last executing test programs:

1m52.88910608s ago: executing program 3 (id=910):
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x1, 0x3, {0x61efbc0f, @struct={0x5, 0x4}, 0x0, 0x0, 0x8000000000000001, 0xfffffffffffffff8, 0x6, 0xfffffffffffffff2, 0xa0, @usage=0xfffffffffffffffb, 0xc94, 0x8, [0x4, 0xfffffffffffffff8, 0x7fffffffffffffff, 0x4f, 0x3, 0x80]}, {0x8000000000000001, @struct={0x9, 0x80000001}, 0x0, 0xf, 0x2, 0x4, 0x9, 0xffffffffffffff97, 0x10, @struct={0x1, 0x3}, 0x8000, 0x0, [0x1, 0x7, 0x3, 0x40, 0x9, 0x8000000000000001]}, {0x0, @usage=0x7, 0x0, 0x6c2, 0xb, 0x7, 0x46c89e81, 0x8, 0x4, @struct={0x3, 0xffffffff}, 0xffff8000, 0x9, [0x7, 0x101, 0x2, 0x0, 0x7, 0x3]}, {0x315f, 0x1}})
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000780)='{:\'@-\x00\x9dF\x15\x86!\xa0\x85\xb9\x1f\xed\xb7X\x80\nQ\xf8\xc9\xf9|o3 S\xf7\x1eQr\xb1\xea\xe4\x16\xd8\x1c\\]\xb9\t\x92\xb0\x17\xdc*\xcd*\xc7:%\\LG\xa1\xd5c\x05T;\x99k\xe8\\\x8d5\x1c\xb2\x9e\x8eFV\x0e_gw\xc9^\xd8\xc6\t\xf5\xb1!\x97\x97x\x14:\x1e\x16\x0f&Tk.\xae6\'+\xcf\a\xe1\x87(l\xe0\x00|\n?u\xb8\xd3H\vt\xcc\xa1\x85\xf0\xd7\xd6wzx\xb9\x1c\xc9i\x9fc[u$$\a\xff2\x06\x03|(\xbc\xf4il@OA\f*\xd2', &(0x7f0000000180)='%*.\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f0000000a80)='fuseblk\x00', 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0xffffffffffffffa9, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000913000000000000030000008500000027000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed36adbe9abc89b6f5bec", 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r4 = dup(r1)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x103, 0x100, 0x551}})
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x107, 0x100, 0x100, 0x1, 0x4000}})
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f0000000080)={0xc000003, 0x40000000000001a3, &(0x7f0000000580), 0x0, 0x2})
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
writev(r6, &(0x7f00000002c0)=[{&(0x7f0000000040)}, {0x0}], 0x2)

1m51.602864045s ago: executing program 3 (id=916):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@block_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@norecovery}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$security_ima(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000200), &(0x7f0000000240)=ANY=[], 0x700, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file0/file0\x00')

1m47.976092109s ago: executing program 3 (id=922):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
rmdir(0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket$pppoe(0x18, 0x1, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
r4 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r4, &(0x7f0000000000)={0x18, 0x0, {0x1, @empty, 'ip6gre0\x00'}}, 0x1e)
connect$pppoe(r3, &(0x7f0000000100)={0x18, 0x0, {0x1, @empty, 'ip_vti0\x00'}}, 0x1e)
connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xe408d604c2d1c231}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004850}, 0x8040)

1m45.214783071s ago: executing program 3 (id=934):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000340))
chdir(0x0)
chdir(0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x4)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1e, 0x1c, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000003000000000200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001c000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b702000004000000632af8ff00000000b509000000000000c3aaf8fff1000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffc40200000800000018220000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000f0c042178e9a044d8f74f5ac922f70a372d42ec9eaeef3a32919a2da4e656b890d523ef0553f8fe09a51483f251ad84c24b8b4df791b8a5a8377a53e71a39bec1f08eb7158681e5f14ac5f8f39f1cdedd0f0d0dd98cae340a4f8e51840b2b70ad34465a916d23a612695f2e05221a11732c8cd79be75ee0830e386d9cf35a90c00d53b3adc848d86f3ed2da98b2ec4112ab39eab0da66b4cee0f3f00b26ef1cc"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m44.000165503s ago: executing program 3 (id=936):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48)
r3 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000180)={r1, r2})
sendmmsg$inet(r3, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x1}, {0x0}], 0x2, &(0x7f0000000e40)=ANY=[], 0xd0}}], 0x1, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

1m43.651252463s ago: executing program 3 (id=938):
pipe(&(0x7f00000000c0))
io_setup(0x3ff, &(0x7f0000000500)=<r0=>0x0)
io_submit(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x880)

1m28.39984882s ago: executing program 32 (id=938):
pipe(&(0x7f00000000c0))
io_setup(0x3ff, &(0x7f0000000500)=<r0=>0x0)
io_submit(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x880)

48.865260816s ago: executing program 4 (id=1126):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), r0)
sendmsg$IEEE802154_ASSOCIATE_REQ(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000240)={0x24, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4044080}, 0x0)

48.2944657s ago: executing program 4 (id=1129):
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x600, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [0x7758], [0x8200], 0x1}}})
ioctl$VIDIOC_QBUF(r2, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, "8000"}, 0x0, 0x2, {}, 0x20800, 0x0, <r3=>0xffffffffffffffff})
close_range(r3, 0xffffffffffffffff, 0x0)
socket(0x10, 0x3, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000007, 0x13, r1, 0xfffff000)
readlink(&(0x7f0000000100)='./cgroup.cpu/cgroup.procs/file0\x00', &(0x7f0000000500)=""/250, 0xfa)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101900, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000400)=[@in6={0xa, 0x4e23, 0x6, @dev={0xfe, 0x80, '\x00', 0x2b}, 0x1}, @in6={0xa, 0x4e21, 0x7fff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2a}, @in6={0xa, 0x4e20, 0x80000000, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x6667}, @in6={0xa, 0x4e22, 0x9, @remote, 0x87}], 0x70)
mprotect(&(0x7f0000387000/0x4000)=nil, 0x4000, 0x5)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={&(0x7f0000000180), 0xc, &(0x7f00000001c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000200000ab0010000160a01020000000000000000070000080900010073797a300000000008000740000000000900010073797a30000000000900010073797a3100000000080007400000000214000380080001400000000008000140000000005401f20e9d50cd1059fd010067656e657665300000000000000000001400010070696d726567310016175fba108cc9fd14000100626f6e645f736c6176655f3100000000140001006d6163736563300000000000000000001400010076657468315f746f5f7465616d0000001400010076657468315f746f5f6873720000000054000380140001007465616d5f736c6176655f31000000001400010076657468305f746f5f687372000000001400010074756e6c3000000000000000000000001400010076657468305f746f5f7465616d000000080001400000000008000240000001ff0800024000000052680003801400010074756e6c3000000000000000000000001400010062617461647630000000000000000000140001006e7230000000000000000000000000001400010074756e6c3000000000000000000000001400010064766d7270310000000000000000000014000000180a010400000000000000000200000440000000140a01080000000000000000010000070c000640000000000000000408000340000000030900020073797a30000000000c0006400000000000000002140000001100010000000000000000000700000a8c0ffbfbd80d92768afecb89902cda"], 0x22c}, 0x1, 0x0, 0x0, 0x8010}, 0x1)
setsockopt$TIPC_IMPORTANCE(0xffffffffffffffff, 0x10f, 0x7f, &(0x7f0000000000)=0xffffffff, 0x4)
syz_open_procfs(0x0, &(0x7f0000000340)='net/if_inet6\x00')

48.033097855s ago: executing program 4 (id=1133):
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="19000000040000000800000005"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1, 0x25, 0x0, @val=@tcx}, 0x1c)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000380), &(0x7f0000000580)=r3}, 0x20)
syz_emit_ethernet(0xd81, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0xd73, 0x0, 0x0, 0x0, 0x84, 0x0, @remote, @broadcast}, "dd9dec79219eb549dbd024c796335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7efe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a5eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734dde388a7f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db77082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842fe8e0d9ce47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c3384b53efafb67cbed2aa1ede5d7fcff3a9d27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d5ef5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0973d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc65b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae564390a3d0aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d547cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452f4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324dde85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ffae59d7b3c679b890448b0de1acf591abfe6f3096794b7e142e0ac0862ab8cb76eb79b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bde854ef68dae8a0a4a63753c825930903a2ca75d4321bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f841239159ea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca75664ef8e4877a44b4ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f82bf5d07210281eaad09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b6805913e7aff71acf9052ae3b73e41e19668f9b53bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4d2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da5a7d1d50"}}}}, 0x0)

44.72369285s ago: executing program 4 (id=1143):
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x600, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [0x7758], [0x8200], 0x1}}})
ioctl$VIDIOC_QBUF(r2, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, "8000"}, 0x0, 0x2, {}, 0x20800, 0x0, <r3=>0xffffffffffffffff})
close_range(r3, 0xffffffffffffffff, 0x0)
socket(0x10, 0x3, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000007, 0x13, r1, 0xfffff000)
readlink(&(0x7f0000000100)='./cgroup.cpu/cgroup.procs/file0\x00', &(0x7f0000000500)=""/250, 0xfa)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101900, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000400)=[@in6={0xa, 0x4e23, 0x6, @dev={0xfe, 0x80, '\x00', 0x2b}, 0x1}, @in6={0xa, 0x4e21, 0x7fff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2a}, @in6={0xa, 0x4e20, 0x80000000, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x6667}, @in6={0xa, 0x4e22, 0x9, @remote, 0x87}], 0x70)
mprotect(&(0x7f0000387000/0x4000)=nil, 0x4000, 0x5)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={&(0x7f0000000180), 0xc, &(0x7f00000001c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000200000ab0010000160a01020000000000000000070000080900010073797a300000000008000740000000000900010073797a30000000000900010073797a3100000000080007400000000214000380080001400000000008000140000000005401f20e9d50cd1059fd010067656e657665300000000000000000001400010070696d726567310016175fba108cc9fd14000100626f6e645f736c6176655f3100000000140001006d6163736563300000000000000000001400010076657468315f746f5f7465616d0000001400010076657468315f746f5f6873720000000054000380140001007465616d5f736c6176655f31000000001400010076657468305f746f5f687372000000001400010074756e6c3000000000000000000000001400010076657468305f746f5f7465616d000000080001400000000008000240000001ff0800024000000052680003801400010074756e6c3000000000000000000000001400010062617461647630000000000000000000140001006e7230000000000000000000000000001400010074756e6c3000000000000000000000001400010064766d7270310000000000000000000014000000180a010400000000000000000200000440000000140a01080000000000000000010000070c000640000000000000000408000340000000030900020073797a30000000000c0006400000000000000002140000001100010000000000000000000700000a8c0ffbfbd80d92768afecb89902cda"], 0x22c}, 0x1, 0x0, 0x0, 0x8010}, 0x1)
setsockopt$TIPC_IMPORTANCE(0xffffffffffffffff, 0x10f, 0x7f, &(0x7f0000000000)=0xffffffff, 0x4)
syz_open_procfs(0x0, &(0x7f0000000340)='net/if_inet6\x00')

44.38269986s ago: executing program 4 (id=1147):
r0 = socket$inet(0x2, 0x2, 0x1)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x8}, {0x0}], 0x2}}], 0x1, 0x2004000)

43.569752808s ago: executing program 4 (id=1148):
r0 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
r1 = getpgid(0x0)
r2 = syz_pidfd_open(r1, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r0, 0xc0389424, &(0x7f0000000500)={0x1, 0x0, '\x00', 0x0, 0x0})
r3 = pidfd_getfd(r2, r2, 0x0)
setns(r3, 0x66020000)
mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x92)
r4 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80001)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r5 = getpid()
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r6 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r6, 0xc0c0583b, &(0x7f0000000880)={0x0, 0x2904c, 0x7, 0x10003, '\x00', [{0x0, 0x5, 0x900, 0xffffffffffffffff, 0x0, 0xa}, {0xffffffff, 0x4, 0x9, 0xa}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
ptrace$peek(0xffffffffffffffff, r5, &(0x7f0000000300))
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000040)='.\x00', 0x2)

27.832303023s ago: executing program 33 (id=1148):
r0 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
r1 = getpgid(0x0)
r2 = syz_pidfd_open(r1, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r0, 0xc0389424, &(0x7f0000000500)={0x1, 0x0, '\x00', 0x0, 0x0})
r3 = pidfd_getfd(r2, r2, 0x0)
setns(r3, 0x66020000)
mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x92)
r4 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80001)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r5 = getpid()
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r6 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r6, 0xc0c0583b, &(0x7f0000000880)={0x0, 0x2904c, 0x7, 0x10003, '\x00', [{0x0, 0x5, 0x900, 0xffffffffffffffff, 0x0, 0xa}, {0xffffffff, 0x4, 0x9, 0xa}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
ptrace$peek(0xffffffffffffffff, r5, &(0x7f0000000300))
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000040)='.\x00', 0x2)

21.314666407s ago: executing program 1 (id=1247):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000280)={0xb45, 0xffffffff, 0x7fffffff, 0xbf0e, 0xc, "4ae23ae17df2e98c69ba36c4095c911abad88f", 0xcb0, 0xafb})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x9)

21.210596113s ago: executing program 1 (id=1248):
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x0, 0x0}, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000040)={0x2, 'lo\x00', 0x8}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000002c0)={0x2, 'ip6gretap0\x00'}, 0x18)

14.813988869s ago: executing program 1 (id=1275):
syz_read_part_table(0x1056, &(0x7f0000001080)="$eJzsz7GNwkAUBNBZW/bZyekKuJ6IiAnIaAI3QCN0QiWkFIBkZGOgAyB4L/mj0WilDR9V2uw2dUnSJxme9XKbOZVXkfZ++uTwO4Xq79yUyzj7SXLaPpb19OIqybjP/3WuhnTTplsW1fr4nl8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHe7BQAA//+j4A+2")

14.554668184s ago: executing program 0 (id=1277):
syz_usb_connect$printer(0x0, 0x2d, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000200)={0xfffa, [0x0, 0xfffffffc]}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

13.634586848s ago: executing program 1 (id=1281):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x15, 0xc, &(0x7f0000000300)=ANY=[@ANYRESHEX=0x0, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x21, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000004}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x72, &(0x7f0000000000)=""/114}, 0x94)
r1 = socket$igmp6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_emit_ethernet(0x3e, &(0x7f0000000440)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x64, 0x0, 0x9, 0x2, 0x0, @broadcast, @multicast1}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x98, 0x0, {0x5, 0x4, 0x2, 0x2a, 0x1, 0x68, 0xa, 0x64, 0x1, 0x3, @multicast1, @rand_addr=0x64010100}}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000f40)=@raw={'raw\x00', 0x8, 0x3, 0x500, 0x0, 0xffffffff, 0xffffffff, 0x190, 0xffffffff, 0x430, 0xffffffff, 0xffffffff, 0x430, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0xffffff00], [], 'veth0_macvtap\x00', 'bridge0\x00', {}, {0xff}}, 0x0, 0x148, 0x190, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, 'bridge0\x00', {0x8}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x8, 0x6, 0x3}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'pimreg\x00', {0xf2e3}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x560)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0xa00, @loopback}}, 0x100, 0x0, 0xf401, 0x0, 0x54}, 0x9c)

4.350370445s ago: executing program 5 (id=1300):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))
syz_genetlink_get_family_id$tipc2(0x0, r0)
pwritev2(r0, &(0x7f0000000cc0)=[{&(0x7f0000000240)=';', 0xffffffbc}], 0x1, 0xfff, 0xc, 0x4)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

4.272685469s ago: executing program 2 (id=1301):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000001180)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xbe, &(0x7f0000000280)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0xfb, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @loopback, @local, {[@cipso={0x86, 0x77, 0xffffffffffffffff, [{0x0, 0xe, "08c82ce8da6ee06cb8dd9452"}, {0x5, 0x9, "020007651442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x2, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x6, 0xa, "0000000000800000"}, {0x7, 0x11, "73bc23f9ffffffa30900a301c84600"}, {0x0, 0x11, "c8f46976e79ea788f03d9d3205927e"}]}, @cipso={0x86, 0x6, 0x20}]}}}}}}}, 0x0)

4.059661082s ago: executing program 2 (id=1302):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x1, 0x3, {0x61efbc0f, @struct={0x5, 0x4}, 0x0, 0x0, 0x8000000000000001, 0xfffffffffffffff8, 0x6, 0xfffffffffffffff2, 0xa0, @usage=0xfffffffffffffffb, 0xc94, 0x8, [0x4, 0xfffffffffffffff8, 0x7fffffffffffffff, 0x4f, 0x3, 0x80]}, {0x8000000000000001, @struct={0x9, 0x80000001}, 0x0, 0xf, 0x2, 0x4, 0x9, 0xffffffffffffff97, 0x10, @struct={0x1, 0x3}, 0x8000, 0x0, [0x1, 0x7, 0x3, 0x40, 0x9, 0x8000000000000001]}, {0x0, @usage=0x7, 0x0, 0x6c2, 0xb, 0x7, 0x46c89e81, 0x8, 0x4, @struct={0x3, 0xffffffff}, 0xffff8000, 0x9, [0x7, 0x101, 0x2, 0x0, 0x7, 0x3]}, {0x315f, 0x1}})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000580)='\xc1J\xaf\xfd,\x86\xbc\xa9\x02\xf2\xf6\xe2\xcd\x9f\xf6\x83\xeb\xba_6\xfdR\xd0\x8d\xc1\xf6.$w\xab|*`\x11H+^\xbb\x8ar\xb1\x8ec\xec,\xd5\xfd,\xce`\x9f\x92\xb4\xbe\x06?\xaa\x16Q\x94\x15\xbe\x80E\x9c\x93Hq?<(+\xceb0\xcc\xad\xdd\x1c\xee\x19\x1b\x91Z\x85\xb7\x04\xe7\xaf\xe0W,G\xc8\xc0\xbcR\x90\x17\x19@m\xa5\x19\x16i\xc8\x99)\xa5\xb0\xba\xbc\xe0rV\x06\xd0B\x0f\xcdF\xbc\x8e\x8a^%8k\x849S\x15=kxS\x1c\xc1\xdaT\x9c\b\xb6\xd8\xa0st~\xf1\x93\xb8\xba\xa5gV\x18F\x8f\xe4b\xdc\x19_P\x81\xa4\xc3\\g\x11\xd1\xc8 U\xba\x03\xc9\xf17\x88\r\xb99]\xdfM\xc8AQB\xc3\xf0\xf7t\xee\x95&w\xc3;', 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000780)='{:\'@-\x00\x9dF\x15\x86!\xa0\x85\xb9\x1f\xed\xb7X\x80\nQ\xf8\xc9\xf9|o3 S\xf7\x1eQr\xb1\xea\xe4\x16\xd8\x1c\\]\xb9\t\x92\xb0\x17\xdc*\xcd*\xc7:%\\LG\xa1\xd5c\x05T;\x99k\xe8\\\x8d5\x1c\xb2\x9e\x8eFV\x0e_gw\xc9^\xd8\xc6\t\xf5\xb1!\x97\x97x\x14:\x1e\x16\x0f&Tk.\xae6\'+\xcf\a\xe1\x87(l\xe0\x00|\n?u\xb8\xd3H\vt\xcc\xa1\x85\xf0\xd7\xd6wzx\xb9\x1c\xc9i\x9fc[u$$\a\xff2\x06\x03|(\xbc\xf4il@OA\f*\xd2', &(0x7f0000000180)='%*.\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000a80)='fuseblk\x00', 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0xffffffffffffffa9, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000913000000000000030000008500000027000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r4 = dup(r1)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x103, 0x100, 0x551}})
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x107, 0x100, 0x100, 0x1, 0x4000}})
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f0000000080)={0xc000003, 0x40000000000001a3, &(0x7f0000000580), 0x0, 0x2})
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES16=r7, @ANYBLOB="010000000000fddbdf2512000000080003", @ANYRES32=r6, @ANYBLOB="0a00060008021100000100000c00430002"], 0x34}}, 0x20048054)
r8 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000500)=ANY=[], 0x119)
writev(r8, &(0x7f00000002c0)=[{&(0x7f0000000040)}, {0x0}], 0x2)

3.796836397s ago: executing program 0 (id=1303):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="540000001c000104000000000000000002000000", @ANYRES32=r2, @ANYBLOB="000001000a0001"], 0x54}}, 0x0)

3.795610357s ago: executing program 6 (id=1304):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29428f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae11a973735b36d5b1b63e91c00305d9be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580263093ca9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6fa94fc488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c766000a5e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1386abdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060fb30e900caab415db6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3c901cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ffffff7f000000007f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca405d8c5f64fdb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb40800000077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e5e2c664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53dc10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fa6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf475bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c02b5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbb25c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d060000008926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280), 0x3, 0x2, 0x7})
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffe]}})
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2ac, 0x0, 0x1, 0x15, 0x0, "89753015418ab0cb0900245518580ce0c8bf604cca41f31c108938fcfa393ef569e0bcf244bb4b23555b130900000000000000d0f08e8ad896ba67a07673defa", "8b609009aaa722681a1e2513d754f688a9e306ee1dba533f02e1b69da6e26ec889fee40080000027cc7d24fdc26f1a95d702020000e4b8fb1703e47463b969e4", "ca1bf5ffffffffffffff6570128218a0d22915ff6eddb10000800400", [0xc]})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @dstopts_2292={{0xf8, 0x29, 0x4, {0x4, 0x1b, '\x00', [@calipso={0x7, 0x8, {0x1, 0x0, 0x9, 0x9f}}, @generic={0xfe, 0x70, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b08"}, @generic={0x80, 0xf, "09e12e5f0b6bdcf72f2ec7008a15fa"}, @calipso={0x7, 0x30, {0x1, 0xa, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x400, 0xb]}}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}, @generic={0x93}]}}}, @hoplimit={{0x14}}, @hopopts={{0x78, 0x29, 0x36, {0x5e, 0xb, '\x00', [@generic={0xff, 0x41, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70"}, @pad1, @pad1, @calipso={0x7, 0x8, {0x0, 0x0, 0x7, 0x6}}, @generic={0x8}, @calipso={0x7, 0x8, {0x3, 0x0, 0x3}}]}}}, @rthdr={{0x18}}], 0x1b8}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(0x0, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2.818730605s ago: executing program 0 (id=1305):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000200)={@val={0x0, 0x600}, @void, @eth={@broadcast, @link_local, @val, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x2, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}, {0x3, 0x17c1, 0x8}}}}}}, 0x36)

2.716772161s ago: executing program 2 (id=1306):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x2, 0x0, 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x9)

2.688806212s ago: executing program 5 (id=1307):
socket(0x2, 0x80805, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
readv(r0, &(0x7f00000000c0)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)

2.55456633s ago: executing program 1 (id=1308):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x12)
epoll_create1(0x80000)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x3b00, 0x0, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910710007e570966f4366ec9d4"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
recvmmsg$unix(r0, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

2.433723167s ago: executing program 0 (id=1309):
r0 = syz_open_dev$evdev(&(0x7f00000021c0), 0xc, 0x2)
write$evdev(r0, &(0x7f00000022c0)=[{{}, 0x11, 0x5, 0x6}], 0x18)

2.330598153s ago: executing program 6 (id=1310):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000000)={0x0, 0x400, 0x2, 0x1, 0xfffffffd, 0xffffff00})
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDGKBDIACR(r0, 0x4bfa, 0x0)

2.258728648s ago: executing program 5 (id=1311):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0xc000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a48000000030a010200000000000000000a0000050900030093797a30000000000900010073797a3100000000080007006e617400140004800800024054dd5e54080001"], 0x70}}, 0x24044850)

2.231177619s ago: executing program 0 (id=1312):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x2802, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f000000bb40)=@newtfilter={0x48, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0x4}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_matchall={{0xd}, {0x14, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xf, 0xb}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)

2.202551391s ago: executing program 2 (id=1313):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x2800010, &(0x7f0000000300)=ANY=[], 0x3, 0x21f, &(0x7f0000000940)="$eJzs2j+LXFUcBuDfXRMSN2xmxH8kIB60UJtLZmqLLJKAOKBoRoiC5Ma9o8NcZ5a5w8KImK209SNYi6WdIClttvETWNhts2UK8Uoya5INY7GIO2Kep5kXzrzccziXwynu/uvffDYa1PmgmMValsXa5diNO1m0Yy3+shuvvXL95xfeu/7BW5u93pV3U7q6ea3TTSmdf/GnD7/4/qXbs3Pv/3D+xzOx1/5o/6D7295zexf2/7j26bBOwzqNJ7NUpJuTyay4WZVpa1iP8pTeqcqiLtNwXJfTI+ODarK9PU/FeGtjfXta1nUqxvM0KudpNkmz6TwVnxTDccrzPG2sB/9E/7s7TRMHzekb0TTNk9/Gudux8Wu0InsqZU9fzp69kT2/m104aJrWqqfKv8L+P94eOtTPRlRf7/R3+ovfxfjmIIZRRRmXohW/x93X5NAiX32zd+VSuqcdX1W3Dvu3dvpPHO13ohXt5f3Oop+O9s/EesTpiMN+N1rxzPJ+d2n/bLz68kPPz6MVv3wck6hiK+52H/S/7KT0xtu9R/oX7/0PAOD/Jk/3Lb2/5fnfjS/6x7gfPnK/OhUXT6127UTU889HRVWVU0EQhPth1ScTJ+HBpq96JgAAAAAAAAAAABzHSXxOuOo1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/21/BgAA//9DWtUg")
sendto$packet(0xffffffffffffffff, &(0x7f0000000040)="6f3d7b6e3595904a", 0x8, 0x4, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)

2.142738755s ago: executing program 6 (id=1314):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x3800000, &(0x7f00000006c0), 0x1, 0x519, &(0x7f0000000700)="$eJzs3W1rXFkdAPD/vclk0zZrZlWkLri7uCvtop1JNu5uFNldQfRVQa3va0wmIWSSCZlJbULRFD+AIKKCH8A3gh9AkH4EEQr6XlQU0VZfaq/cmRvNw0wy5Gnq5PeDkznnPpz/OZfMnftwuDeAS+u1iPggIkYi4s2ImCymp0WKnU7Kl3v65MF8npLIsjt/SyIppu3WlZdHI+Jasdp4RHz9KxHfSg7HbW5tr8zV67WNolxtra5Xm1vbt5ZX55ZqS7W1mZnpd2bfnX17diornKqf5Yh470t/+tH3f/bl9371mW///u5fbn4nb9YXPtZpd0TMnypAD526S+1tsSvfRhvnEWxA8v6URgbdCgAA+pEf4384Ij7ZPv6fjJH20RwAAAAwTLL3J+JfSUQGAAAADK00IiYiSSvFWICJSNNKpTOG96NxNa03mq1PLzY21xbyeRHlKKWLy/XaVDFWuBylJC9PF2Nsd8tvHSjPRMRLEfHDySvtcmW+UV8Y9MUPAAAAuCSuvbr//P+fk2k7DwAAAAyZcs8CAAAAMCyc8gMAAMDwc/4PAAAAQ+2rt2/nKdt9j/fCva3Nlca9Wwu15kpldXO+Mt/YWK8sNRpL7Wf2rR5XX73RWP9srG3er7ZqzVa1ubV9d7Wxuda6u7zvFdgAAADABXrp1Ue/SyJi5/NX2imK5wAC7PPHQTcAOEsjg24AMDCjg24AMDClY5ewh4Bhlxwz//Dgnc61wvj1+bQHAAA4ezc+fvj+/1gx7/hrA8D/M2N9AODycXcPLq/SSUcAXj/rlgCD8qHOxwu95vd8eEcf9/871xiy7EQNAwAAzsxEOyVppThOn4g0rVQiXmy/FqCULC7Xa1PF+cFvJ0sv5OXp9prJsWOGAQAAAAAAAAAAAAAAAAAAAAAAAICOLEsiAwAAAIZaRPrnpP00/4gbk29M7L86cOCtXz+98+P7c63WxnTEWPL3yXzSWES0flJMfyvr95UAPV8nBgAAAJxe5zy9+JwedGsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDZPnzyY300XGfevX4yIcrf4ozHe/hyPUkRc/UcSo3vWSyJi5Azi7zyMiOvd4ifxLMuyctGKbvGvnHP8cnvTdI+fRsS1M4gPl9mjfP/zQbfvXxqvtT+7f/9Gi3Ravfd/6X/3fyM99j8vHij38vLjX1R7xn8Y8fJo9/3PbvykE39fiLzwep99/OY3tre7zthTZbf4e2NVW6vr1ebW9q3l1bml2lJtbWZm+p3Zd2ffnp2qLi7Xa8XfrmF+8IlfPjuq/1d7xC/v7/+h7f9GX73P4t+P7z/5SKdQ6hb/5uvdf3+v94ifFr99nyry+fwbu/mdTn6vV37+m1eO6v9Cj/6PH9P/m331Pz735te+94eucw5tDQDgIjS3tlfm6vXaxhGZ8T6WueDM+ydbPXkuGt81E89HMwaVyb7b+X88XT2nXP1QJjvN6qNxBs0YO/Q9HYmTVphE7OR19fkPCQAADJn/HfQfdQcJAAAAAAAAAAAAAAAAAAAAOE8nfCzZeET0vfDBmDuD6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJH+EwAA//9RBtEi")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$P9_RUNLINKAT(r0, &(0x7f0000000000)={0x7, 0x4d, 0x1}, 0x7)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x2904c, 0x3fffffffffffd49, 0x10003, '\x00', [{0x0, 0x0, 0x5}, {0xffffffff, 0x0, 0x0, 0x4}]})

2.04841899s ago: executing program 5 (id=1315):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_x25_SIOCDELRT(r0, 0x890c, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x20, r2, 0x30d, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}]}, 0x20}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r4, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r6)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r7, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)

1.795685895s ago: executing program 2 (id=1316):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000440))
futex(0x0, 0xb, 0x1, 0x0, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
connect$unix(r1, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8)
r2 = socket(0x11, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000)={'team0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f00000001c0)={0x11, 0xf7, r4, 0x1, 0x2, 0x6, @broadcast}, 0x14)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

1.7195601s ago: executing program 5 (id=1317):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
unshare(0xc000400)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d7003000c0b, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETOWNER(r1, 0x400454cc, 0x0)
close_range(r0, 0xffffffffffffffff, 0x2)

1.662687862s ago: executing program 6 (id=1318):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000780)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0xc, 0x2, [@TCA_BPF_FD={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8858}, 0x20004814)

1.244672417s ago: executing program 0 (id=1319):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x800718, &(0x7f00000003c0)={[{@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x60}}, {@nobh}, {@resgid}, {@resuid}, {@nombcache}, {@noblock_validity}, {@usrquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}]}, 0x2, 0x4a3, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nz2M3n79v1orRotQlBMmrRqF24UBZGKgi7qMk6mJXTaSBPBfmCjiCtBCroWl6J/gbgRQdSV4Epw5UoKRbNp6ypyZ+5NMpNM2iSTTO38fjCZc+aemXueOffce+45kwA61lD2J4nYHRG/RsRALVtfYKj2dHP+cunW/OVSEgsLr/6RVMvdmL9cKooW79uVZ4bTiPT9JN9JvZkLF89MVCrl83l+dPZsX56cOF0+XT43fvz4saNjTz05/kRL4sziunHwnelDB154/epLpZNX3/jhy6y+u/Pty+NYp19Gm2wYygL/c6GqcdsjG9zZ3WrPsnTS3caKsC5dEZE1V0+1/w9EVyw13kA8/15bKwdsqeza1Nd889wCcA9Lot01ANqjuNDvnO8qZffAK++DB7Zy+NF215+p3QBlcd/MH7Ut3ZHmZXoa7m9baSgiTs799Wn2iM3NQwAA3JEPS5+c6I2IS7e+eDEbeyyN9tLu/1aff6v+3ZuPBAcj4l8RsS8i/h0R+yPiPxGRlf1fRPx/k/VZOf5Jr23yI9eUjf+ezte26sd/xegvBrvy3J5q/D3JqalK+Uj+nQxHT1+WH1tjH9889/NHzbYtH/9lj2z/xVgwr8e17oYJusmJ2YnqoLQFrr8bcbA7SVbGnyyuBCQRcSAiDq7vo/cWialHPz/UrNDt419DC9aZFj7LwpvL2n8uGuIvJLX1yTdHZy5cfHzqbOP65Gh/VMpHRoujYqUff/rglWb7r8Xfn+dWj3/H5sNs6nq59rys/ZdtXewDS+u1M63d/waP/7Q3ea26ztybv/b2xOzs+bGI3uRENV/3+vjSe4t8UT47/ocPr97/9+Xvydr/vojIDuL7I+KBiHgwr/tDEfFwRBxeI8bvn719/JFu4PhvgSz+yVXPf4vH/2BS1/7rT3Sd+e6rZvu/s/Y/Vk0N569Uz38Nkob8atXpjuhrrOBmvz8AAAD4J0irv4FP0pHFdJqOjNR+w78/dqaV6ZnZx05Nv3VusvZb+cHoSYuZroF8PrQyVSmPJXP5J9bmR8fzueJivvRoPm/8cdeOan6kNF2ZbHPs0Ol2Nen/md+72l07YIvVLy8VC8DjvW2pDLDNGtfR0/rslZfDyQDuVf5fGzrXbfp/ul31ALaf6z90rtX6/5WGvLUAuDe5/kPn0v+hQ6Xfrvry19teEaAdXP+hI23m//q3MNF/d1SjPYntbpRYV+EoEmnbv6hWJfrjrqjGxhOX8t7cyk9u84kJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgRf4OAAD//+Nr2uw=")
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

1.20221107s ago: executing program 1 (id=1320):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000540)={0x1, 0x3, {0x61efbc0f, @struct={0x5, 0x4}, 0x0, 0x0, 0x8000000000000001, 0xfffffffffffffff8, 0x6, 0xfffffffffffffff2, 0xa0, @usage=0xfffffffffffffffb, 0xc94, 0x8, [0x4, 0xfffffffffffffff8, 0x7fffffffffffffff, 0x4f, 0x3, 0x80]}, {0x8000000000000001, @struct={0x9, 0x80000001}, 0x0, 0xf, 0x2, 0x4, 0x9, 0xffffffffffffff97, 0x10, @struct={0x1, 0x3}, 0x8000, 0x0, [0x1, 0x7, 0x3, 0x40, 0x9, 0x8000000000000001]}, {0x0, @usage=0x7, 0x0, 0x6c2, 0xb, 0x7, 0x46c89e81, 0x8, 0x4, @struct={0x3, 0xffffffff}, 0xffff8000, 0x9, [0x7, 0x101, 0x2, 0x0, 0x7, 0x3]}, {0x315f, 0x1}})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000580)='\xc1J\xaf\xfd,\x86\xbc\xa9\x02\xf2\xf6\xe2\xcd\x9f\xf6\x83\xeb\xba_6\xfdR\xd0\x8d\xc1\xf6.$w\xab|*`\x11H+^\xbb\x8ar\xb1\x8ec\xec,\xd5\xfd,\xce`\x9f\x92\xb4\xbe\x06?\xaa\x16Q\x94\x15\xbe\x80E\x9c\x93Hq?<(+\xceb0\xcc\xad\xdd\x1c\xee\x19\x1b\x91Z\x85\xb7\x04\xe7\xaf\xe0W,G\xc8\xc0\xbcR\x90\x17\x19@m\xa5\x19\x16i\xc8\x99)\xa5\xb0\xba\xbc\xe0rV\x06\xd0B\x0f\xcdF\xbc\x8e\x8a^%8k\x849S\x15=kxS\x1c\xc1\xdaT\x9c\b\xb6\xd8\xa0st~\xf1\x93\xb8\xba\xa5gV\x18F\x8f\xe4b\xdc\x19_P\x81\xa4\xc3\\g\x11\xd1\xc8 U\xba\x03\xc9\xf17\x88\r\xb99]\xdfM\xc8AQB\xc3\xf0\xf7t\xee\x95&w\xc3;', 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000780)='{:\'@-\x00\x9dF\x15\x86!\xa0\x85\xb9\x1f\xed\xb7X\x80\nQ\xf8\xc9\xf9|o3 S\xf7\x1eQr\xb1\xea\xe4\x16\xd8\x1c\\]\xb9\t\x92\xb0\x17\xdc*\xcd*\xc7:%\\LG\xa1\xd5c\x05T;\x99k\xe8\\\x8d5\x1c\xb2\x9e\x8eFV\x0e_gw\xc9^\xd8\xc6\t\xf5\xb1!\x97\x97x\x14:\x1e\x16\x0f&Tk.\xae6\'+\xcf\a\xe1\x87(l\xe0\x00|\n?u\xb8\xd3H\vt\xcc\xa1\x85\xf0\xd7\xd6wzx\xb9\x1c\xc9i\x9fc[u$$\a\xff2\x06\x03|(\xbc\xf4il@OA\f*\xd2', &(0x7f0000000180)='%*.\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000a80)='fuseblk\x00', 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0xffffffffffffffa9, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000913000000000000030000008500000027000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r4 = dup(r1)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x103, 0x100, 0x551}})
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x107, 0x100, 0x100, 0x1, 0x4000}})
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f0000000080)={0xc000003, 0x40000000000001a3, &(0x7f0000000580), 0x0, 0x2})
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES16=r7, @ANYBLOB="010000000000fddbdf2512000000080003", @ANYRES32=r6, @ANYBLOB="0a00060008021100000100000c00430002"], 0x34}}, 0x20048054)
r8 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000500)=ANY=[], 0x119)
writev(r8, &(0x7f00000002c0)=[{&(0x7f0000000040)='\b\x00', 0x2}, {0x0}], 0x2)

1.130451354s ago: executing program 5 (id=1321):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29428f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae11a973735b36d5b1b63e91c00305d9be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580263093ca9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6fa94fc488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c766000a5e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1386abdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060fb30e900caab415db6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3c901cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ffffff7f000000007f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca405d8c5f64fdb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb40800000077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e5e2c664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53dc10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fa6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf475bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c02b5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbb25c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d060000008926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000340)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280), 0x3, 0x2, 0x7})
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffe]}})
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2ac, 0x0, 0x1, 0x15, 0x0, "89753015418ab0cb0900245518580ce0c8bf604cca41f31c108938fcfa393ef569e0bcf244bb4b23555b130900000000000000d0f08e8ad896ba67a07673defa", "8b609009aaa722681a1e2513d754f688a9e306ee1dba533f02e1b69da6e26ec889fee40080000027cc7d24fdc26f1a95d702020000e4b8fb1703e47463b969e4", "ca1bf5ffffffffffffff6570128218a0d22915ff6eddb10000800400", [0xc]})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @dstopts_2292={{0xf8, 0x29, 0x4, {0x4, 0x1b, '\x00', [@calipso={0x7, 0x8, {0x1, 0x0, 0x9, 0x9f}}, @generic={0xfe, 0x70, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d188e0b08"}, @generic={0x80, 0xf, "09e12e5f0b6bdcf72f2ec7008a15fa"}, @calipso={0x7, 0x30, {0x1, 0xa, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x400, 0xb]}}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}, @generic={0x93}]}}}, @hoplimit={{0x14}}, @hopopts={{0x78, 0x29, 0x36, {0x5e, 0xb, '\x00', [@generic={0xff, 0x41, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0bb903fe94b32c28f70"}, @pad1, @pad1, @calipso={0x7, 0x8, {0x0, 0x0, 0x7, 0x6}}, @generic={0x8}, @calipso={0x7, 0x8, {0x3, 0x0, 0x3}}]}}}, @rthdr={{0x18}}], 0x1b8}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(0x0, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.110524975s ago: executing program 6 (id=1322):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r0, 0x40082102, &(0x7f0000000040))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
fanotify_init(0x4, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000000000000000000000000100000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000767c4a5830d3a2f700000000006ad99282c895e75eec"], 0x68)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x141, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x4}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100000}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r7, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendto$inet6(r5, 0x0, 0x0, 0x24008000, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000080)='vegas', 0x5)
shutdown(r5, 0x1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010028bd7040010000000f00000005002e000000000008000300", @ANYRES32=r8, @ANYBLOB="05002f0000001a9b428edacb7e61f20000"], 0x2c}}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0366547b47866e9961e1c079c2c2b4f462133c75e3d09c8614cc56079b2a4b97ff1bf739c113428805cdcc920030aa07960364c56b912e488c84353cede7c78f48d645070210fb851c6f5743b452e022e913f601d67e75c69a4064c3"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000850000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

55.272177ms ago: executing program 6 (id=1323):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet(0x2, 0x800, 0x5ab4)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0xd6c2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000140)={0x932, 0x6})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
socket$rds(0x15, 0x5, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000680)={0x0, 0xfff, "46426f66bca54a2a398a1201cf57e95fb4ddef84aa371b63c745b6da8c088cb2a097c9b207f264e512e41150eb9ee3142a6e924751e7d4ae68dfecbe787e5ec19806e5abd3603f3086893cbefcb24559fa575a87976f1de4ffc0ba43beff86f8b63e384d6e7bc4254e6b899b91a85a314a2c25ae3085f376fbf463928e1b36e83bb5fd42d3e201ba7b099862131ea5c645b16f51b62117db54d39a1c085f80557bc98c4a976e6e30c25357585f964df8cece6a52bc8c361252474c84625aebd3c0a603e1bb83dc9a2d948fafcff7605f3ccc5603d7f27312521b680ac363951e2f08843d30eb0a8821f56d174b8a7e4b1958ac057d18c67be6508c8c66fdd290fa77b60bfd6b9cd82202a5013498e4d06b9a4215c76727f65f043c7b8f0e05b6937e8ee28f60fd43e088ee8f9c4f5a7b8fa8fbfd4f8c64349804268f9bb462a048446f9f7f14a1ecbc583cca26b81773db841d10c9c0a0294fddd181556b16cadb318b947369cfa0b1b91d17560035f85f3a25882f64abd2a10784f7c5f31d5a2d679aaa2acba54abcabdbf4c29086666808cd1aef6c0b578b4cdc4a7a659b7a42be32066fdd432772a8019faa94340c081bb3f56191c26adb3bd5c832114ed4fc7f280a947e1f51a5fd69e80d7fe484f48000c69e93acc769531b02d58fbdee8e61906a862d2022cfb2692efec2fbfc29b67349b0a628cd2082347ef8685e81c38e91f7501a72f8d6fc08b5b7289f1ef09336a3b02096345ca053241b9f17334803a6438a97f85a2b61cb01df1b6c936bc34d507d2e2c725dc1d027d6051eaeb4922e98de7e44fa366f7449ce7dd0e22d6ba39d25ee6fd20477eb9a0a499e5eb54aebd9b514ebd9b461dea1d83ecacba8cab635cb8fcc96e66794aa20e2b2d58f29ec2d7a9449bdb6b2586f95a90848c8c0aeec92ff7a0d2aa869547221511f6d4eb4a07a2e9d92e0c70bd9fcbfbf96d19d46c9768dc243e82debc09e318cea4a4169227026b611d665d766718c439800222e589087f41b46098ff70444681f3af1c3d4a99f4e27d001b52e217b55039ffeb3468c9d0974f66acf718e7e1877c6b5010bb81ed6eb2178da931446612c4f2de14d84862dc54023806b10a2fc5fc4f475f2278dbbc4c9eb50221c7cfe53ff9e067d36fdaa4a75946c8f6575399b9cef017e3c87b64e68cad81cb2545137076097acb0a5fa2a4ac2fcdb46a10ecb5ae376a009c1c691d4a9782033ee1a09f8f85fb341dc0a4adef0dc6eb0def55d4a37ad4596c8d2ac1ed5f631f97b5e427e8a263bb9dfc8e2c2dd41f424f849518c385f2d0034ec37666672900d89942da48a5e7e601a57ec6fb2496044138a9ac75c31ba33452e73fc054541c0d329ec2570c999861bf858195a5c9c5a8ee770ff9bcd582436d2b0c722fd52888baad128070cb241b5f7d974ad4c3093bcf698c1d2052324d0c57b1cf8097906c28b20927aaa639d7b89b227f6400da5631a5eac773876cba4d8d3c2a90b8eeaf527f0e0c5ba1386d3552417e4ee26b2da6b8db58f098caa56207afddec26a52617262520f38b1246454d7d19c48d18511d614c69858e7c6239dd1275378b304e6c0fe5e918726c19ff6223228ce94c04a21620c9e3bea4a393635acaaf2bc891c72602197882a73c23b2f6eeffdcc36182a12d4ac2205bafed9fe5237261072f4db77bc30d6841b6f06f0ae52017cd9abe84a778f6413924bf40b4d4d54229f0fdf33657e92fd49ffdc15da91af662473a9b815119d442dd0d9af0b71caf24662d6b030ae8760589e43fd5930766f73daaa171fdda786e1de47d7a17f8749ef5352c835089b7bb1e613ada908b9a8ab93add561fc9d1a8a538c5f17fe5db19ae9fb1b81dbd0c9fec0c01fdc52a10fd2531461e2a39a64b2d4fb2626cd120fa208dd0a8b69d69629b3ca17e4cc5051e96ad83818541af1d0fb50754fab305d17e73e2542a7e6dc6ef4e8ddf4a7be8856004684f2d384aeb47c63c00e834beb10be9e2001131b71e8f484acca18395831c3b80f4f2315c4b12a11a3fa460cb021884f31736b59d3aab52924c14e126db280bf355b32d0df46e201db9a2773346bf3b5e042d742a6f09c96d2fc2abc0400946d296a12c429c61bacfbead1c2a9e182b627433b4d5624f5b39b8d4c66eeeb90b363e88fdb879444d6aa63cbc083f908074ea27e5b08a139cbb68aeadfcc5c7aed1a2567c2cfc0df5910b2ee497a7cd47fd2452b95243683aca6b9749bb7408159fbb74e34f4ffd0708741d9a4299a7c243d68ee55db19a9ad70d372fda6cc99a19fdc908cfa66ef2fe70fee465713748b6bb3c3b7b86c59ad776b8fb9d6c03245ea9d7a1db18047c7aa86ff35a97d7df1264aade60a8209a17ba4fca9fdc57c4b54b00b9fc6c7086e828b8d838bb9a3250b1e87d43a280501e240421792c1f79d16c9cb5320f6488650783a021653727f1ec7e259927f3d05330369bb337e8c55c27f7ec18ce027d2437cefe7452073f48ec0f23c38ec014b1aebe79ef9c10b958ad465410755fdf405d2b45dd8e3c6076f93bf14f7f79a3584fc6548992ee1527ede0791ee5496451904de0c7fdb3bad5399b8640bce9df434a162556eed258d94e3e370c3f40f33b7178467e11916318aaa3eae8c9343cec9b7b74918034594431b107537ba60814ef05bbbedf91e61d7a7780c3de1799cd9efc896f1eac14aec6750de420bf9b8c475c94053bfbc4dc6c66e441b714066a3fd270f07fc92dfd4c9e51299de7e2fc748b70b4c06a386d7bd86a1c97a9220534edcde6df692dc3e5f3979a535797a508e70a02f79ff1ddfbdb0a7c114df267af736c3591799f772f14b910d0ee2fd13b64e54ccf11dad57d59befa98164d49d5cb6481808d98243b2d6b6ed62fda54561f898bf82113c08f52e39ebbc7e22b653e5211059a3fc62a1649e5bd9f875cfab7099b48de4c2955620ad828aea684143c0e30d13496418655de12b277a98df05640c36f1a34dd0d0313994b9a7aac0047e725271cd7a1a1a85c643d069ed3195773a43210b9437c17618177086170c39d0271867e739863e6a47cd1d3b894fc8394212c569939018fd7414c5b89f7239108180d519b80515fa6243ece2c8a77da251aa8420d047c31fc12b438cee0339455ed8e5a84263684a8007b8aa7a2f419533f2e181fd900117f1e5fee2f0e6e047476061bfeaba5adb612809db8aac7a2de040d608bf4220d8551317b05ea20f604c1a483d725d627561b7b2efe6602adf4101bc2ee4a1cb8610dff264dfe588798a59b71f2706d4494e303443ce9af055fc7582d8c1c344faf61d99de2c783867a31840e3a6411317ad8da95d2ee5312a06048007d7250aa195cd2d729584c7a45dce41872e223611388f92adad7d7461575618793c0ed92f7dbedd05eeea96de116925748a723e53646caeb59f1ceb454f0354153bd23ea376166a116f2bb11da8303853fe777388c06923f86fb7f6a0f29a9706a36243c486f686baac7f5ec7ba55ef1964eb5739567c8cc5dbde5ef53358f6477feadc7488628155836af8d7861eb32c6e64e0df59fddfb7a765b0209b061caf85b0299ef7d3696f7f87d48935dcd3b6dd8927327234914677a7591bad53bdcf1430e3033fdc4ad242353c094d3793996d43db442c45586db56d5628a80458d4ffe5b67c0b620f5abdc6d1b3ae130f7a4bb20fd608050096f2e3c78d339535ee3a7cdd03c12ef27efa8a9b79430fdd034b8afcc18ff8cad2b7f67c5f63dfdf7e8f24506ffdf50db46400639671b0f915dbde72788a57b752d59a5a30929f4de809e092ecd5ef5716f7e3ddce52624cb92da03020cf9d9103f1758fbe539ad48623cfa8ad1d7a11ceb8733569f263681221bee80a07566074ec41f7990bdc60835026626f51c702a4d114ae850d9b402fcebe552441a59d0aa44ca43aea4c8847bc866255f41eb57e29e07631a17020d5b49baa8be2e4b63117fd292634bafda4fda0a8e85eb5c1804ab0edb8f392fbff337d7a640bf886c50283ca70fb2eb991296f5acc2a2a28495395b59d880ac3428f5ac118a4143e990737f3b1f4851ccfbc6b8b65e91fb65f39014313a77bd2a84c9cf23ebb731ed8de256add7b003ec2a416100ca1815daab73f6f07b81bff0785636d9f9f3138db4e55565f0bf489bad920d869962336e3cb0d01fe48d382f42a1df840797f4d85fc290de4d2d36924de3842c5edfc0f2687b819ec8c952102a859e0e13caf27be4c2dd58dc00bdda420fbed65c8e45c4e5e831f09033050ebf68f7ac7dcff7da1c1bc5afd8961b07b020d62cb3aacb70c3556694d6b229f86bf2f0f23be17162536208168cc3977c437f85f3082689f62b175c4e47b24d3618f55d9ff64ea7a9c5ea8a52010ead97aea0ff102c68c4d0a2ffa5b518faf5b27f50a4eb3ca09e2cfae03b650a4a5ba48f2b8f9b8ec0e84be21dbc1288dc83bf958e39dfd997b662d06931df067644ae7d830a0311a0545600e1b2eb7140f99ab067f5b3d52faef12170e68180b10f0ffec3ce07902af8cf6a1200805721a6ed56de8f6e16f97ba28c7929a35937ec1bc700721b96e6bfd471097a351f3b0d6b5aedbfad1beb8cec71d04177dcc6b14b127f9c9ded749648cbeafc3473eb921b882937378bd803731e9b8b3b1a851195acb897b50b6331674849e8bac60d51ade1b322d3168ccafa882c414bde73fa8c35567dc2d9dd0e6cf996c8a74cc344b98821f036687e2dd8ba4a80fcfc0dba82388f2c52ac6668f4bb10d2eb3bb501aa7383f3333a86497f256d434459d17f617ae585f42d280880cb0253558c0c47a6ee39d44db9da2409bbb4a01f5e38b6c399a01ccfbb25bfbb0def34b118362647d645295ab29a1ca47e4d88b29e6cda0c21a614c85687b4342a7ccabf022ce537f59ad55848d4048932d95d1fd8a8fea2b40f84ee00125f6f32a0ba641b066260d596246dc2c8d44db6c7a751e5132727bcbbfe79b521c6286078d0bcf99cc739a14949869100f25b3e1150fcf3cc773fbd85bfd0a9cf363023feab6fb842a454377c3c9f4cf03b9129e92825e7fcaf9f9175df81a2d78f237609cb1a1530842511d364919ddc58e32fc6ef94a80a9d86c947085cc4be3313b0fc3b2120011c79eb202b9a129430850080b0bb7146ccb1cb59a0a6edf6071cc49c021a0683d9db547bd7c1e5ae8a6be2c328d01913888b16743cdc7443c05f111802f7d19b6edfc8f730131e62df85a5983135bfb5ddc4e8d55555b3777abfa4240291ad841f596cd6915178f4a4bf1465e1d4f96dc1746385366419311ff696fefbe5fc6c688420fdef5e75b6752fc8748fc0ea6fb4dfe3ef99460e272ed53f69a318a2eeade78fa26fc3a96412e79946fa516e089cb60d7f40d9a189c06c7d3ea1a81eaaa9ce1e3cf3d6ca1561c2b95d91f4a7a46e7b64a997d3860cd4bc9aa41e3760e567fa7d4112eb7d2fc3f103b781a7d0c68b9694ae615206341514de2c0b63703a1615bff08e8424c82151af4c3755a63196b92272e5270d540b88dee94b86b8d2f4be64ee2cc733a8f08f3915d7e08df1000f31d24eb19ee41b83f2ab6a65a35ddd10ad16aaa55a921c8a99a2050ef59c1da75ee549ec8987578a9678837cfab1505158ec189fdc0ce6a02ce7686c732cf58a3ee2cace7981856fc167cb6de13104bfbe37d2e03e4d3acbbb470e5a1ea32002344dbd9a843571831efd2597f700a79b251d3a4be02acbad22c82c41758ceadf8d947ac64b5d984d6464060c8e53309250e"}, &(0x7f0000000100)=0x1007)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000fea000/0x14000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000fef000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff7000/0x3000)=nil, &(0x7f0000000380)="eb379ba3ae5a49ceb8ca64a7597a0679931a8b6ea78540516bf104f7aa3228c510018844e50de41605e206bc4358ba4a3f19039492585c852d0fc3485a4f5a9d916685ea3291c4ac8c31beac203eba98356f3a0943722fb5d31e74cba79be14f0850b2e13c445fe430b58d1a54fcc779b557f41195eadff3251ab9ed1fc5b6c992735a5cd0ca0b84d95ad3922b6bdcf1ab70609c9735af25c3b962afdc20cae3a3f8a79b841ae6b9b72336ffeb", 0xad, r0}, 0x68)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x2, 0x0)
write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

0s ago: executing program 2 (id=1324):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_ep_read(0xffffffffffffffff, 0x7, 0x92, &(0x7f0000002240)=""/146)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f0000000080)={0x3ff, 0x7, 0x100000, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000140)='tracefs\x00', 0x22048dc, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r2, &(0x7f0000002780)={0x2020}, 0x5ecfb203)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
read$eventfd(r2, &(0x7f0000000180), 0x8)

kernel console output (not intermixed with test programs):

dv_slave_1
[   75.365424][ T4185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.378012][ T4185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.392287][ T4185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.404587][ T4185] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.408346][ T4304] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   75.424621][ T4185] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.462168][ T4185] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.491998][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.509571][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.520231][ T4251] Bluetooth: hci0: command 0x0419 tx timeout
[   75.528465][ T4251] Bluetooth: hci3: command 0x0419 tx timeout
[   75.539350][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.551469][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.565751][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.578075][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.590960][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.601857][ T4251] Bluetooth: hci1: command 0x0419 tx timeout
[   75.608259][ T4251] Bluetooth: hci4: command 0x0419 tx timeout
[   75.614713][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.625004][ T4251] Bluetooth: hci2: command 0x0419 tx timeout
[   75.632503][ T4196] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.643018][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   75.652967][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   75.662642][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   75.672017][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   75.709463][ T4185] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.741889][ T4185] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.759898][ T4185] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.769225][ T4185] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.793883][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.806929][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.817203][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.828664][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.842630][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.859609][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.869936][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.907193][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.934880][ T4196] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.943535][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   75.956379][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   75.998573][ T4196] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.025847][ T4196] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.046031][ T4196] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.055867][ T4196] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.137834][ T4313] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7'.
[   76.163765][ T4316] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7'.
[   76.214851][ T4275] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.223176][ T4275] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.239803][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   76.298249][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.309570][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.336896][ T1287] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   76.401118][ T4275] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.432679][ T4275] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.461363][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   76.537621][ T4275] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.577402][ T4275] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.644808][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.681797][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.193774][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   77.720839][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   77.758972][ T4328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.803249][    C0] sched: RT throttling activated
[   77.809235][ T4328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.955515][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.364089][ T4334] tmpfs: Unknown parameter 'grpquota'
[   78.459507][ T4334] netlink: 'syz.4.5': attribute type 1 has an invalid length.
[   78.493324][ T4334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5'.
[   78.539065][ T4334] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5'.
[   78.691564][ T4334] netlink: 'syz.4.5': attribute type 10 has an invalid length.
[   78.718810][ T4334] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5'.
[   78.758926][ T4334] device dummy0 entered promiscuous mode
[   78.789020][ T4254] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   79.034434][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   79.043975][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   79.053278][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   79.062302][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   79.071222][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!!
[   79.080231][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!!
[   79.089274][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!!
[   79.098312][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!!
[   79.107230][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!!
[   79.116347][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!!
[   81.002107][ T4254] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   81.026358][ T4254] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   81.053729][ T4254] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   81.062975][ T4254] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.184794][ T4336] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   81.897132][ T4251] usb 2-1: USB disconnect, device number 2
[   82.178384][ T4369] fuse: Bad value for 'fd'
[   82.590335][ T4387] syz.2.23 (4387): /proc/4376/oom_adj is deprecated, please use /proc/4376/oom_score_adj instead.
[   83.995132][ T1110] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   84.385245][ T4406] sch_tbf: burst 1885 is lower than device lo mtu (65550) !
[   84.454978][ T4407] netlink: 12 bytes leftover after parsing attributes in process `syz.1.31'.
[   84.503301][ T1110] usb 3-1: Using ep0 maxpacket: 16
[   85.634033][ T1110] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   85.703696][ T1110] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.732334][ T1110] usb 3-1: Product: syz
[   85.752708][ T1110] usb 3-1: Manufacturer: syz
[   85.767827][ T1110] usb 3-1: SerialNumber: syz
[   86.634386][ T1110] r8152-cfgselector 3-1: config 0 descriptor??
[   86.673982][ T1110] r8152-cfgselector 3-1: can't set config #0, error -71
[   86.693815][ T1110] r8152-cfgselector 3-1: Unknown version 0x0000
[   86.717766][    T7] cfg80211: failed to load regulatory.db
[   86.754551][ T1110] r8152-cfgselector 3-1: USB disconnect, device number 2
[   88.011770][ T4448] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   90.915012][ T4484] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   91.233356][ T4494] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   93.733420][ T4239] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   94.103385][ T4239] usb 4-1: Using ep0 maxpacket: 32
[   94.243915][ T4239] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.296956][ T4239] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.367926][ T4239] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   94.438900][ T4239] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.764276][ T4239] usb 4-1: config 0 descriptor??
[   94.884387][ T4239] hub 4-1:0.0: USB hub found
[   95.105324][ T4239] hub 4-1:0.0: 1 port detected
[   95.926051][ T4239] hub 4-1:0.0: hub_hub_status failed (err = -71)
[   95.932787][ T4239] hub 4-1:0.0: config failed, can't get hub status (err -71)
[   96.043704][ T4239] usbhid 4-1:0.0: can't add hid device: -71
[   96.049760][ T4239] usbhid: probe of 4-1:0.0 failed with error -71
[   96.277106][ T4544] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   96.288432][ T4544] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   96.305847][ T4239] usb 4-1: USB disconnect, device number 2
[   97.403352][ T4555] capability: warning: `syz.3.77' uses deprecated v2 capabilities in a way that may be insecure
[  101.289487][ T4606] netlink: 'syz.2.93': attribute type 39 has an invalid length.
[  104.066536][ T4630] netlink: 17 bytes leftover after parsing attributes in process `syz.3.97'.
[  105.844481][    T7] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  105.889356][ T4659] =======================================================
[  105.889356][ T4659] WARNING: The mand mount option has been deprecated and
[  105.889356][ T4659]          and is ignored by this kernel. Remove the mand
[  105.889356][ T4659]          option from the mount to silence this warning.
[  105.889356][ T4659] =======================================================
[  106.534425][    T7] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  106.603040][    T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.699799][    T7] usb 1-1: Product: syz
[  106.738037][    T7] usb 1-1: Manufacturer: syz
[  106.912423][    T7] usb 1-1: SerialNumber: syz
[  107.360200][ T4650] crypto_alloc_aead failed rc=-2
[  107.844356][ T4690] overlayfs: failed to clone lowerpath
[  108.463744][    T7] (unnamed net_device) (uninitialized): Assigned a random MAC address: 96:eb:20:bf:1e:f4
[  108.540079][    T7] rtl8150 1-1:1.0: eth1: rtl8150 is detected
[  110.538919][ T4173] usb 1-1: USB disconnect, device number 2
[  119.033661][ T4251] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  119.334341][ T4251] usb 1-1: Using ep0 maxpacket: 32
[  119.463631][ T4251] usb 1-1: New USB device found, idVendor=056a, idProduct=00ed, bcdDevice= 0.00
[  119.493403][ T4251] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.545511][ T4251] usb 1-1: config 0 descriptor??
[  120.074608][ T4251] wacom 0003:056A:00ED.0001: unknown main item tag 0x5
[  120.146785][ T4829] Zero length message leads to an empty skb
[  120.157107][ T4829] netlink: 124 bytes leftover after parsing attributes in process `syz.4.138'.
[  120.322740][ T4251] wacom 0003:056A:00ED.0001: hidraw0: USB HID v0.04 Device [HID 056a:00ed] on usb-dummy_hcd.0-1/input0
[  120.604088][ T4251] usb 1-1: USB disconnect, device number 3
[  120.845179][ T4173] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  120.997170][ T4830] fido_id[4830]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  121.105286][ T4837] device vlan2 entered promiscuous mode
[  121.131124][ T4837] device bridge0 entered promiscuous mode
[  121.170723][ T4837] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  121.203651][ T4173] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  121.222494][ T4366] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  121.242156][ T4173] usb 2-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[  121.272607][ T4173] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.291662][ T4173] usb 2-1: config 0 descriptor??
[  121.332452][ T4842] process 'syz.4.151' launched './file0' with NULL argv: empty string added
[  121.463742][    T7] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  122.208016][ T4173] lenovo 0003:17EF:6009.0002: hidraw0: USB HID v0.00 Device [HID 17ef:6009] on usb-dummy_hcd.1-1/input0
[  122.630369][ T4173] usb 2-1: USB disconnect, device number 3
[  122.840530][ T4855] fido_id[4855]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  123.723474][    T7] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  123.870708][    T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.906878][    T7] usb 1-1: Product: syz
[  123.911113][    T7] usb 1-1: Manufacturer: syz
[  123.993404][    T7] usb 1-1: SerialNumber: syz
[  124.005980][    T7] usb 1-1: config 0 descriptor??
[  124.997770][ T4869] netlink: 124 bytes leftover after parsing attributes in process `syz.1.158'.
[  126.383708][ T4887] ufs: You didn't specify the type of your ufs filesystem
[  126.383708][ T4887] 
[  126.383708][ T4887] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  126.383708][ T4887] 
[  126.383708][ T4887] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  126.659487][ T4887] ufs: ufstype=old is supported read-only
[  126.689978][ T4887] ufs: ufs_fill_super(): bad magic number
[  127.424908][   T13] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  127.713739][ T4900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.170'.
[  128.253803][   T13] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.296489][   T13] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.394630][    T7] usb 1-1: can't set config #0, error -71
[  128.424566][    T7] usb 1-1: USB disconnect, device number 4
[  128.446273][   T13] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  128.526981][   T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.580296][   T13] usb 4-1: config 0 descriptor??
[  128.923590][    T7] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  129.085377][   T13] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  129.092415][   T13] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  129.120238][   T13] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  129.132780][   T13] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  129.142313][   T13] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  129.156314][   T13] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  129.166835][   T13] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  129.180633][   T13] cp2112 0003:10C4:EA90.0003: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0
[  129.283942][    T7] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  129.303481][   T13] cp2112 0003:10C4:EA90.0003: Part Number: 0x00 Device Version: 0x00
[  129.312898][    T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.329652][    T7] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  129.349576][    T7] usb 1-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00
[  129.367987][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.391197][    T7] usb 1-1: config 0 descriptor??
[  129.890327][    T7] elecom 0003:056E:010C.0004: hidraw1: USB HID v0.02 Device [HID 056e:010c] on usb-dummy_hcd.0-1/input0
[  130.182543][   T13] usb 1-1: USB disconnect, device number 5
[  130.453775][ T1110] usb 4-1: reset high-speed USB device number 3 using dummy_hcd
[  130.701666][ T4927] fido_id[4927]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  130.734523][   T21] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  131.113345][   T21] usb 3-1: Using ep0 maxpacket: 32
[  131.213542][ T4254] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  131.264835][   T21] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  131.306810][   T21] usb 3-1: config 0 has no interface number 0
[  131.402822][   T21] usb 3-1: config 0 interface 184 has no altsetting 0
[  131.634576][ T4254] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.684463][   T21] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  131.872869][ T4254] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.890186][   T21] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.961772][   T21] usb 3-1: Product: syz
[  131.968580][ T4254] usb 1-1: New USB device found, idVendor=04f2, idProduct=0418, bcdDevice= 0.00
[  131.981175][   T21] usb 3-1: Manufacturer: syz
[  131.986428][   T21] usb 3-1: SerialNumber: syz
[  131.991371][ T4254] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.012956][   T21] usb 3-1: config 0 descriptor??
[  132.020467][ T4254] usb 1-1: config 0 descriptor??
[  132.116091][   T21] smsc75xx v1.0.0
[  132.188417][    T7] usb 4-1: USB disconnect, device number 3
[  132.308106][   T26] audit: type=1326 audit(1769089779.539:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4945 comm="syz.4.184" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x0
[  132.576759][ T4254] chicony 0003:04F2:0418.0005: item fetching failed at offset 3/7
[  132.586566][ T4254] chicony 0003:04F2:0418.0005: Chicony hid parse failed: -22
[  132.594574][ T4254] chicony: probe of 0003:04F2:0418.0005 failed with error -22
[  132.784581][ T4239] usb 1-1: USB disconnect, device number 6
[  132.799298][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  132.812377][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  132.833741][   T21] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  132.844367][ T1110] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  132.845298][   T21] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  133.224112][ T1110] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.279130][ T1110] usb 4-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  133.375970][ T1110] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.532852][ T1110] usb 4-1: config 0 descriptor??
[  133.601940][ T4958] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  133.685398][   T21] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[  133.708517][   T21] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71
[  133.719431][   T21] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  133.738367][   T21] smsc75xx: probe of 3-1:0.184 failed with error -71
[  133.889552][ T4962] IPVS: stopping backup sync thread 4958 ...
[  133.931318][   T21] usb 3-1: USB disconnect, device number 3
[  134.133331][ T4964] netlink: 28 bytes leftover after parsing attributes in process `syz.0.189'.
[  134.461725][ T1110] hid-generic 0003:1038:12B6.0006: item fetching failed at offset 5/7
[  134.659995][ T1110] hid-generic: probe of 0003:1038:12B6.0006 failed with error -22
[  134.780266][ T1110] usb 4-1: USB disconnect, device number 4
[  136.845352][ T5012] netlink: 28 bytes leftover after parsing attributes in process `syz.3.204'.
[  137.347621][ T5016] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  139.406960][ T5042] binder: 5041:5042 ioctl 4018620d 0 returned -22
[  141.723489][ T1110] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  144.364988][ T1110] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30
[  144.445500][ T1110] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[  144.521747][ T1110] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 33
[  144.856904][ T1110] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  145.059443][ T1110] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.270910][ T5104] 9p: Unknown Cache mode readahead
[  145.290590][ T1110] usb 3-1: config 0 descriptor??
[  145.407488][ T1110] usb 3-1: can't set config #0, error -71
[  145.438672][ T1110] usb 3-1: USB disconnect, device number 4
[  146.538683][ T4254] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  148.233870][ T4254] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  148.436702][ T4254] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  148.486226][ T4254] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  148.570272][ T4254] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.803769][ T4254] usb 1-1: config 0 descriptor??
[  149.043426][ T4254] usb 1-1: can't set config #0, error -71
[  149.050629][ T4254] usb 1-1: USB disconnect, device number 7
[  155.631293][ T5246] netlink: 'syz.4.277': attribute type 16 has an invalid length.
[  155.723501][ T4254] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  155.821263][ T5249] netlink: 4 bytes leftover after parsing attributes in process `syz.1.276'.
[  155.917501][ T5249] vivid-003: kernel_thread() failed
[  156.298917][ T5253] netlink: 'syz.0.278': attribute type 10 has an invalid length.
[  156.323621][ T5253] netlink: 40 bytes leftover after parsing attributes in process `syz.0.278'.
[  156.332663][ T5253] device dummy0 entered promiscuous mode
[  156.463450][ T4254] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  156.488835][ T4254] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  156.583428][ T4254] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  156.592721][ T4254] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  156.636689][ T5261] siw: device registration error -23
[  156.828892][ T4254] usb 4-1: SerialNumber: syz
[  157.823418][ T4254] usb 4-1: can't set config #1, error -71
[  157.831883][ T4254] usb 4-1: USB disconnect, device number 5
[  157.937099][ T5279] netlink: 24 bytes leftover after parsing attributes in process `syz.4.287'.
[  158.113332][ T4251] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  158.393686][ T4251] usb 3-1: Using ep0 maxpacket: 16
[  158.645290][ T4251] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.657890][ T4251] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  158.674609][ T4251] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  158.684161][ T4251] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.721113][ T4251] usb 3-1: config 0 descriptor??
[  159.613485][ T4251] usbhid 3-1:0.0: can't add hid device: -71
[  159.623333][ T4251] usbhid: probe of 3-1:0.0 failed with error -71
[  159.673272][ T4251] usb 3-1: USB disconnect, device number 5
[  159.769845][ T5312] siw: device registration error -23
[  163.273498][ T5348] binder: BINDER_SET_CONTEXT_MGR bad uid 0 != 255
[  163.283613][ T5348] binder: 5347:5348 ioctl 4018620d 200000000100 returned -1
[  163.397296][ T5351] overlayfs: overlapping lowerdir path
[  163.476980][ T5348] binder: BINDER_SET_CONTEXT_MGR bad uid 0 != 255
[  163.555515][ T5348] binder: 5347:5348 ioctl 4018620d 200000004a80 returned -1
[  163.920972][ T5381] siw: device registration error -23
[  165.114526][ T5394] binder: 5388:5394 ioctl 4018620d 0 returned -22
[  165.226439][ T4320] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  165.261519][ T5402] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  165.564398][ T5409] IPVS: stopping backup sync thread 5402 ...
[  165.856545][ T4320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.869544][ T4320] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.882668][ T4320] usb 2-1: New USB device found, idVendor=056a, idProduct=030c, bcdDevice= 0.00
[  165.892158][ T4320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.912055][ T4320] usb 2-1: config 0 descriptor??
[  166.241083][ T5425] siw: device registration error -23
[  166.524342][ T4320] hid (null): nested delimiters
[  166.535904][ T4320] wacom 0003:056A:030C.0007: nested delimiters
[  166.549725][ T4320] wacom 0003:056A:030C.0007: item 0 1 2 10 parsing failed
[  166.565646][ T4320] wacom 0003:056A:030C.0007: parse failed
[  166.981496][ T4320] wacom: probe of 0003:056A:030C.0007 failed with error -22
[  167.053610][ T4320] usb 2-1: USB disconnect, device number 4
[  167.341214][ T5449] netlink: 24 bytes leftover after parsing attributes in process `syz.4.339'.
[  167.365487][ T5450] binder: 5443:5450 ioctl 4018620d 0 returned -22
[  167.573351][ T1110] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  167.823716][ T1110] usb 4-1: Using ep0 maxpacket: 16
[  167.944300][ T1110] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.441632][ T1110] usb 4-1: New USB device found, idVendor=17ef, idProduct=60a4, bcdDevice= 0.00
[  168.726363][ T1110] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.744446][ T1110] usb 4-1: config 0 descriptor??
[  169.369103][ T1110] lenovo 0003:17EF:60A4.0008: unknown main item tag 0x2
[  169.676169][ T1110] lenovo 0003:17EF:60A4.0008: hidraw0: USB HID v0.80 Device [HID 17ef:60a4] on usb-dummy_hcd.3-1/input0
[  169.775541][ T1110] usb 4-1: USB disconnect, device number 6
[  170.277617][ T5495] netlink: 4 bytes leftover after parsing attributes in process `syz.1.351'.
[  170.528393][ T5485] fido_id[5485]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  171.011301][ T5512] binder: 5505:5512 ioctl 4018620d 0 returned -22
[  171.524412][ T5521] netlink: 24 bytes leftover after parsing attributes in process `syz.3.362'.
[  172.401901][ T5525] device vlan2 entered promiscuous mode
[  172.408104][ T5525] device bridge0 entered promiscuous mode
[  172.417493][ T5525] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  172.433950][ T5109] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  172.814660][ T4191] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  173.423717][ T5551] netlink: 'syz.3.373': attribute type 16 has an invalid length.
[  173.949811][ T5551] netlink: 'syz.3.373': attribute type 2 has an invalid length.
[  173.983912][ T5551] netlink: 64086 bytes leftover after parsing attributes in process `syz.3.373'.
[  174.163489][ T4191] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  174.203397][ T4191] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.255811][ T4191] usb 3-1: Product: syz
[  174.272903][ T5561] netlink: 12 bytes leftover after parsing attributes in process `syz.4.378'.
[  174.282977][ T4191] usb 3-1: Manufacturer: syz
[  174.295328][ T4191] usb 3-1: SerialNumber: syz
[  174.362185][ T4191] usb 3-1: config 0 descriptor??
[  174.435379][ T4191] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  175.165445][ T4191] gspca_sunplus: reg_w_riv err -110
[  175.170829][ T4191] sunplus: probe of 3-1:0.0 failed with error -110
[  175.331530][ T5572] device syzkaller0 entered promiscuous mode
[  175.432402][ T5584] binder: 5578:5584 ioctl 4018620d 0 returned -22
[  176.136606][ T4191] usb 3-1: USB disconnect, device number 6
[  179.645228][ T5599] netlink: 12 bytes leftover after parsing attributes in process `syz.3.390'.
[  179.961791][ T5606] comedi: No check for data length of config insn id 6 is implemented
[  179.970113][ T5606] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  179.979584][ T5606] comedi: Assuming n=419 is correct
[  180.660588][ T5632] netlink: 'syz.1.397': attribute type 10 has an invalid length.
[  180.700089][ T5632] netlink: 40 bytes leftover after parsing attributes in process `syz.1.397'.
[  181.723343][ T1110] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  181.784202][ T5632] device dummy0 entered promiscuous mode
[  181.795182][ T5642] netlink: 12 bytes leftover after parsing attributes in process `syz.4.404'.
[  181.849030][ T5636] device syzkaller0 entered promiscuous mode
[  182.243433][ T1110] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  182.278259][ T1110] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.331249][ T1110] usb 3-1: Product: syz
[  182.369950][ T1110] usb 3-1: Manufacturer: syz
[  182.392893][ T1110] usb 3-1: SerialNumber: syz
[  182.460839][ T1110] usb 3-1: config 0 descriptor??
[  182.536009][ T1110] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  183.048528][ T5671] netlink: 4 bytes leftover after parsing attributes in process `syz.4.415'.
[  183.333394][ T1110] gspca_sunplus: reg_w_riv err -110
[  183.833870][ T1110] sunplus: probe of 3-1:0.0 failed with error -110
[  184.193513][ T5678] comedi: No check for data length of config insn id 6 is implemented
[  184.202172][ T5678] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  184.211572][ T5678] comedi: Assuming n=419 is correct
[  186.378643][ T5706] netlink: 4 bytes leftover after parsing attributes in process `syz.0.426'.
[  186.471666][ T5706] vivid-001: kernel_thread() failed
[  187.801032][ T4320] usb 3-1: USB disconnect, device number 7
[  189.240635][ T5724] comedi: No check for data length of config insn id 6 is implemented
[  189.249009][ T5724] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  189.258558][ T5724] comedi: Assuming n=419 is correct
[  189.964454][ T5722] device dummy0 left promiscuous mode
[  191.275847][ T4320] Bluetooth: hci2: command 0x0406 tx timeout
[  191.286868][ T1110] Bluetooth: hci3: command 0x0406 tx timeout
[  191.991681][ T1110] Bluetooth: hci1: command 0x0406 tx timeout
[  192.018844][ T1110] Bluetooth: hci0: command 0x0406 tx timeout
[  192.483707][ T1110] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  193.704139][ T5769] device dummy0 left promiscuous mode
[  193.953377][ T5771] Bluetooth: hci0: invalid length 0, exp 2 for type 13
[  194.239789][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  194.246259][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  195.486403][ T1110] usb 3-1: device descriptor read/all, error -71
[  198.406835][ T5834] netlink: 'syz.4.473': attribute type 1 has an invalid length.
[  198.647209][ T5834] 8021q: adding VLAN 0 to HW filter on device bond1
[  198.666603][ T5836] device vlan2 entered promiscuous mode
[  198.672340][ T5836] device bridge0 entered promiscuous mode
[  198.688230][ T5836] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  199.442030][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  199.457145][ T5844] netlink: 'syz.4.473': attribute type 10 has an invalid length.
[  199.490207][ T5844] netlink: 40 bytes leftover after parsing attributes in process `syz.4.473'.
[  199.499571][ T1110] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  199.575046][ T5844] device dummy0 entered promiscuous mode
[  200.034056][ T1110] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  200.053372][ T1110] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.111860][ T1110] usb 2-1: Product: syz
[  200.128192][ T1110] usb 2-1: Manufacturer: syz
[  200.151052][ T1110] usb 2-1: SerialNumber: syz
[  200.474900][ T1110] usb 2-1: config 0 descriptor??
[  202.413072][ T5882] netlink: 'syz.4.489': attribute type 1 has an invalid length.
[  202.474995][ T5882] 8021q: adding VLAN 0 to HW filter on device bond2
[  202.489131][ T5886] device dummy0 left promiscuous mode
[  202.574968][ T5882] netlink: 'syz.4.489': attribute type 10 has an invalid length.
[  202.627415][ T5882] netlink: 40 bytes leftover after parsing attributes in process `syz.4.489'.
[  202.653739][ T5882] device dummy0 entered promiscuous mode
[  205.653698][ T1110] usb 2-1: can't set config #0, error -110
[  205.917031][ T4251] usb 2-1: USB disconnect, device number 5
[  207.139929][ T5963] device vlan2 entered promiscuous mode
[  207.709064][ T5963] device bridge0 entered promiscuous mode
[  207.762167][ T5963] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  207.788798][ T1287] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  209.261184][ T5986] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  213.645080][ T6024] device vlan2 entered promiscuous mode
[  213.655710][ T6024] device bridge0 entered promiscuous mode
[  213.677582][ T6024] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  213.693647][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  213.738858][ T4254] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  213.904114][ T1110] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  213.983386][ T4240] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  213.993369][ T4254] usb 3-1: Using ep0 maxpacket: 8
[  214.193363][ T4254] usb 3-1: unable to get BOS descriptor or descriptor too short
[  214.273444][ T1110] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  214.287269][ T1110] usb 2-1: config 0 has no interface number 0
[  214.303368][ T4254] usb 3-1: config index 0 descriptor too short (expected 172, got 36)
[  214.306758][ T1110] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  214.313356][ T4254] usb 3-1: config 9 has an invalid interface number: 5 but max is 1
[  214.330876][ T4254] usb 3-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  214.341722][ T4254] usb 3-1: config 9 has 1 interface, different from the descriptor's value: 2
[  214.351215][ T4254] usb 3-1: config 9 has no interface number 0
[  214.357646][ T1110] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  214.359102][ T4254] usb 3-1: config 9 interface 5 altsetting 9 has an invalid endpoint with address 0xFF, skipping
[  214.378828][ T4254] usb 3-1: config 9 interface 5 has no altsetting 0
[  214.396060][ T1110] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[  214.485420][ T1110] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.524708][ T1110] usb 2-1: config 0 descriptor??
[  214.534368][ T4240] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  214.557247][ T4240] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.576779][ T4240] usb 4-1: Product: syz
[  214.578822][ T4254] usb 3-1: New USB device found, idVendor=06f8, idProduct=b000, bcdDevice=5d.a8
[  214.581291][ T4240] usb 4-1: Manufacturer: syz
[  214.599149][ T4240] usb 4-1: SerialNumber: syz
[  214.626514][ T4254] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.628361][ T4240] usb 4-1: config 0 descriptor??
[  214.666402][ T4254] usb 3-1: Product: syz
[  214.670963][ T4254] usb 3-1: Manufacturer: syz
[  214.689377][ T4254] usb 3-1: SerialNumber: syz
[  214.695792][ T4240] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  215.041056][ T1110] input: HID 04d9:a055 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.1/0003:04D9:A055.0009/input/input8
[  215.062046][ T4254] usb 3-1: USB disconnect, device number 10
[  215.143487][ T4240] gspca_sunplus: reg_w_riv err -71
[  215.149572][ T4240] sunplus: probe of 4-1:0.0 failed with error -71
[  215.165494][ T4240] usb 4-1: USB disconnect, device number 7
[  215.191585][ T1110] holtek_kbd 0003:04D9:A055.0009: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.1-1/input1
[  215.254054][ T1110] usb 2-1: USB disconnect, device number 6
[  215.327733][ T6039] fido_id[6039]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  217.303631][ T4254] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  217.323564][    T7] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  217.694166][ T4254] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.733450][ T4254] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  217.798841][ T4254] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  217.872692][ T4254] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.973036][ T4254] usb 3-1: config 0 descriptor??
[  218.333784][    T7] usb 2-1: too many configurations: 13, using maximum allowed: 8
[  218.443624][    T7] usb 2-1: config 0 has no interfaces?
[  218.464778][ T6053] udc-core: couldn't find an available UDC or it's busy
[  218.472060][ T6053] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  218.523503][    T7] usb 2-1: config 0 has no interfaces?
[  218.603730][    T7] usb 2-1: config 0 has no interfaces?
[  218.683647][    T7] usb 2-1: config 0 has no interfaces?
[  218.693491][ T4254] usb 3-1: language id specifier not provided by device, defaulting to English
[  218.763391][    T7] usb 2-1: config 0 has no interfaces?
[  218.875976][    T7] usb 2-1: config 0 has no interfaces?
[  219.053759][    T7] usb 2-1: config 0 has no interfaces?
[  220.313534][ T4254] uclogic 0003:256C:006D.000A: interface is invalid, ignoring
[  220.369275][ T6085] loop3: detected capacity change from 0 to 512
[  220.555196][ T6085] EXT4-fs (loop3): mounted filesystem without journal. Opts: user_xattr,mb_optimize_scan=0x0000000000000001,stripe=0x0000000000000006,,errors=continue. Quota mode: writeback.
[  220.594085][ T6085] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.609369][ T1110] usb 3-1: USB disconnect, device number 11
[  220.643414][    T7] usb 2-1: unable to read config index 7 descriptor/all
[  220.665779][    T7] usb 2-1: can't read configurations, error -71
[  220.953852][ T4173] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  221.135557][    T7] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  221.203606][ T4173] usb 1-1: Using ep0 maxpacket: 32
[  221.423468][ T4173] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  221.433376][ T4173] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  221.443086][ T4173] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  221.452967][ T4173] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  221.466307][ T4173] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  221.476971][ T1110] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  221.485817][ T4173] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  221.501353][ T4173] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  221.511970][ T4173] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.595184][ T4173] usb 1-1: config 0 descriptor??
[  221.723403][    T7] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  221.733334][ T1110] usb 4-1: Using ep0 maxpacket: 32
[  221.761811][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.808645][    T7] usb 2-1: Product: syz
[  221.842173][    T7] usb 2-1: Manufacturer: syz
[  221.853557][ T1110] usb 4-1: config 0 has an invalid interface number: 151 but max is 0
[  221.869256][    T7] usb 2-1: SerialNumber: syz
[  221.892631][ T1110] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  221.918005][ T4173] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  221.953954][    T7] usb 2-1: config 0 descriptor??
[  221.978650][ T1110] usb 4-1: config 0 has no interface number 0
[  222.021637][ T1110] usb 4-1: config 0 interface 151 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  222.101649][    T7] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  222.115864][ T4173] usb 1-1: USB disconnect, device number 8
[  222.127282][ T4173] usblp0: removed
[  222.283453][ T1110] usb 4-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f
[  222.300015][ T1110] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.325673][ T1110] usb 4-1: Product: syz
[  222.337940][ T1110] usb 4-1: Manufacturer: syz
[  222.349438][ T1110] usb 4-1: SerialNumber: syz
[  222.394842][ T1110] usb 4-1: config 0 descriptor??
[  222.513659][ T4173] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  222.593384][    T7] gspca_sunplus: reg_w_riv err -71
[  222.598713][    T7] sunplus: probe of 2-1:0.0 failed with error -71
[  222.620016][    T7] usb 2-1: USB disconnect, device number 8
[  222.766332][ T4173] usb 1-1: Using ep0 maxpacket: 32
[  222.935159][ T4178] udevd[4178]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.151/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  223.780213][ T4173] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  223.833306][ T4173] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  223.841991][ T4173] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  223.848476][ T4254] usb 4-1: USB disconnect, device number 8
[  223.857004][ T4173] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  223.867902][ T4173] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  223.892015][ T4173] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  223.943266][ T4173] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  223.957511][ T6120] loop0: detected capacity change from 0 to 1024
[  223.964418][ T4173] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.975155][ T4173] usb 1-1: config 0 descriptor??
[  223.995239][ T4173] usb 1-1: can't set config #0, error -71
[  224.013268][ T4173] usb 1-1: USB disconnect, device number 9
[  224.100895][ T6120] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  224.118051][ T6120] ext4 filesystem being mounted at /111/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.185718][ T6128] netlink: 'syz.1.577': attribute type 10 has an invalid length.
[  224.196170][ T6128] netlink: 40 bytes leftover after parsing attributes in process `syz.1.577'.
[  224.206427][ T6128] device dummy0 entered promiscuous mode
[  226.063777][ T4255] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  226.403588][ T4255] usb 2-1: Using ep0 maxpacket: 8
[  226.603877][ T4255] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  226.611557][ T4255] usb 2-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  226.687593][ T4255] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  226.715486][ T4255] usb 2-1: config 168 interface 0 altsetting 188 has an invalid endpoint with address 0xFF, skipping
[  226.733495][ T4255] usb 2-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  226.753910][ T4255] usb 2-1: config 168 interface 0 has no altsetting 0
[  226.834820][ T4255] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  226.849645][ T4255] usb 2-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  226.900000][ T4255] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  226.926422][ T4255] usb 2-1: config 168 interface 0 altsetting 188 has an invalid endpoint with address 0xFF, skipping
[  226.941996][ T4255] usb 2-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  226.961656][ T4255] usb 2-1: config 168 interface 0 has no altsetting 0
[  227.053725][ T4255] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  227.069744][ T4255] usb 2-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  227.100540][ T4255] usb 2-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  227.120869][ T4255] usb 2-1: config 168 interface 0 altsetting 188 has an invalid endpoint with address 0xFF, skipping
[  227.141171][ T4255] usb 2-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  227.170650][ T4255] usb 2-1: config 168 interface 0 has no altsetting 0
[  227.474324][ T4255] usb 2-1: string descriptor 0 read error: -22
[  227.489510][ T4255] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  227.699487][ T4255] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.765080][ T4255] adutux 2-1:168.0: interrupt endpoints not found
[  228.718010][ T4254] usb 2-1: USB disconnect, device number 9
[  229.636732][ T6185] loop0: detected capacity change from 0 to 512
[  229.781171][ T6185] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,nojournal_checksum,,errors=continue. Quota mode: writeback.
[  229.801467][ T6185] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  229.831597][ T6185] EXT4-fs error (device loop0): ext4_xattr_block_get:543: inode #12: comm syz.0.597: corrupted xattr block 6
[  229.880881][ T6192] xt_hashlimit: size too large, truncated to 1048576
[  229.883828][ T4254] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  230.459866][ T6214] binder: 6206:6214 ioctl 4018620d 0 returned -22
[  230.468102][ T6214] binder: BINDER_SET_CONTEXT_MGR bad uid 0 != 255
[  230.475195][ T6214] binder: 6206:6214 ioctl 4018620d 200000000180 returned -1
[  231.752574][ T6233] netlink: 'syz.4.612': attribute type 1 has an invalid length.
[  231.783257][ T6233] netlink: 64475 bytes leftover after parsing attributes in process `syz.4.612'.
[  232.203324][   T26] audit: type=1326 audit(1769089879.419:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6239 comm="syz.4.614" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x0
[  234.291856][ T6263] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  235.126223][ T6274] IPVS: stopping backup sync thread 6263 ...
[  235.576462][ T6275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.624'.
[  237.075479][ T6290] netlink: 32 bytes leftover after parsing attributes in process `syz.2.630'.
[  237.083669][ T4251] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  238.013887][ T6293] comedi: No check for data length of config insn id -38843711 is implemented
[  238.022948][ T6293] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  238.032367][ T6293] comedi: Assuming n=419 is correct
[  238.047634][ T6293] netlink: 32 bytes leftover after parsing attributes in process `syz.0.631'.
[  238.063295][ T4251] usb 2-1: Using ep0 maxpacket: 32
[  238.843506][ T4251] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  238.855856][ T4251] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  238.865976][ T4251] usb 2-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  238.876283][ T4251] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.894267][ T4251] usb 2-1: config 0 descriptor??
[  239.386934][ T4251] hid-u2fzero 0003:10C4:8ACF.000B: unknown main item tag 0x1
[  239.421053][ T4251] hid-u2fzero 0003:10C4:8ACF.000B: item fetching failed at offset 3/5
[  241.490508][ T4251] hid-u2fzero: probe of 0003:10C4:8ACF.000B failed with error -22
[  241.614353][ T4251] usb 2-1: USB disconnect, device number 11
[  242.891209][ T6326] netlink: 124 bytes leftover after parsing attributes in process `syz.1.641'.
[  244.322774][ T6339] binder: 6335:6339 ioctl 4018620d 0 returned -22
[  245.022873][ T6334] comedi: No check for data length of config insn id -38843711 is implemented
[  245.032568][ T6334] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  245.042285][ T6334] comedi: Assuming n=419 is correct
[  245.058635][ T6334] netlink: 32 bytes leftover after parsing attributes in process `syz.1.644'.
[  245.105657][ T6341] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  246.116163][ T6358] netlink: 'syz.2.650': attribute type 10 has an invalid length.
[  246.142113][ T6358] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.150044][ T6358] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.170436][ T6362] loop1: detected capacity change from 0 to 512
[  246.246168][ T6358] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.253356][ T6358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.261846][ T6358] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.269031][ T6358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.289434][ T6362] EXT4-fs (loop1): Unrecognized mount option "seclabel" or missing value
[  246.339372][ T6358] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  247.038287][ T5109] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  247.102971][ T6361] netlink: 12 bytes leftover after parsing attributes in process `syz.3.651'.
[  247.318872][ T6387] 9pnet: Insufficient options for proto=fd
[  249.438892][ T6426] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  250.009654][ T6436] loop1: detected capacity change from 0 to 512
[  250.116023][ T6436] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  250.251637][ T6436] EXT4-fs (loop1): Errors on filesystem, clearing orphan list.
[  250.293400][ T6436] EXT4-fs (loop1): mounted filesystem without journal. Opts: resgid=0x0000000000000000,grpid,noblock_validity,,errors=continue. Quota mode: none.
[  250.330310][ T6449] IPVS: stopping backup sync thread 6426 ...
[  250.509450][ T6453] loop0: detected capacity change from 0 to 512
[  250.647968][ T6453] EXT4-fs (loop0): Ignoring removed bh option
[  250.953125][ T6453] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  251.520762][ T6453] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  251.639124][ T6469] loop1: detected capacity change from 0 to 512
[  253.053081][ T6488] tmpfs: Bad value for 'size'
[  253.260833][ T6496] loop1: detected capacity change from 0 to 512
[  253.335786][ T6496] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.693: bad orphan inode 15
[  253.462527][ T6496] ext4_test_bit(bit=14, block=5) = 0
[  253.478880][ T6496] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,init_itable,journal_dev=0x0000000000000003,grpid,journal_ioprio=0x0000000000000002,journal_ioprio=0x0000000000000003,nolazytime,noload,,errors=continue. Quota mode: none.
[  253.502775][    C0] vkms_vblank_simulate: vblank timer overrun
[  253.622532][   T26] audit: type=1326 audit(1769089900.849:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  253.661227][ T6496] EXT4-fs error (device loop1): __ext4_new_inode:1076: comm syz.1.693: reserved inode found cleared - inode=1
[  253.707749][   T26] audit: type=1326 audit(1769089900.879:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  253.730226][    C0] vkms_vblank_simulate: vblank timer overrun
[  253.835621][   T26] audit: type=1326 audit(1769089900.879:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  253.983296][   T26] audit: type=1326 audit(1769089900.879:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  254.076631][   T26] audit: type=1326 audit(1769089900.879:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  254.329047][   T26] audit: type=1326 audit(1769089900.879:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  254.825421][   T26] audit: type=1326 audit(1769089900.879:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  254.919624][   T26] audit: type=1326 audit(1769089900.879:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  255.675918][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  255.682508][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  255.809283][   T26] audit: type=1326 audit(1769089900.879:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  255.833979][   T26] audit: type=1326 audit(1769089900.889:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6507 comm="syz.4.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c7441dcb9 code=0x7ffc0000
[  255.894656][ T6532] af_packet: tpacket_rcv: packet too big, clamped from 60 to 4294967272. macoff=96
[  255.947193][ T6536] loop3: detected capacity change from 0 to 1024
[  256.009538][ T6536] EXT4-fs (loop3): Ignoring removed orlov option
[  256.018991][ T6536] EXT4-fs (loop3): inline encryption not supported
[  256.049324][ T6538] loop2: detected capacity change from 0 to 128
[  256.080434][ T6536] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  256.113644][ T6536] EXT4-fs error (device loop3): ext4_get_journal_inode:5185: comm syz.3.704: inode #102: comm syz.3.704: iget: illegal inode #
[  256.218473][ T6536] EXT4-fs (loop3): no journal found
[  256.224032][ T6536] EXT4-fs (loop3): can't get journal size
[  256.308557][ T6536] EXT4-fs (loop3): failed to initialize system zone (-22)
[  256.364168][ T6536] EXT4-fs (loop3): mount failed
[  256.445763][ T6549] netlink: 124 bytes leftover after parsing attributes in process `syz.4.707'.
[  257.320505][ T6562] siw: device registration error -23
[  258.256178][ T6573] loop1: detected capacity change from 0 to 2048
[  258.433286][ T6573] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  261.559641][ T6634] device syzkaller0 entered promiscuous mode
[  263.661368][ T6657] loop1: detected capacity change from 0 to 512
[  263.828852][ T6657] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  264.951610][ T6674] netlink: 124 bytes leftover after parsing attributes in process `syz.1.743'.
[  266.983188][ T6691] binder: 6686:6691 ioctl 4018620d 0 returned -22
[  267.544216][ T6693] loop1: detected capacity change from 0 to 128
[  267.835043][ T6704] comedi: No check for data length of config insn id -38843711 is implemented
[  267.845477][ T6704] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  267.855414][ T6704] comedi: Assuming n=419 is correct
[  269.806200][ T4366] attempt to access beyond end of device
[  269.806200][ T4366] loop1: rw=1048577, want=385, limit=128
[  273.711826][ T6753] comedi: No check for data length of config insn id -38843711 is implemented
[  273.720935][ T6753] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  273.730285][ T6753] comedi: Assuming n=419 is correct
[  273.743015][ T6753] netlink: 32 bytes leftover after parsing attributes in process `syz.1.765'.
[  274.616302][ T6756] loop3: detected capacity change from 0 to 512
[  274.854897][ T6756] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  275.802712][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  275.802728][   T26] audit: type=1326 audit(1769089923.029:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.238972][   T26] audit: type=1326 audit(1769089923.029:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.263037][   T26] audit: type=1326 audit(1769089923.029:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.285807][   T26] audit: type=1326 audit(1769089923.029:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.309779][   T26] audit: type=1326 audit(1769089923.029:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.332203][   T26] audit: type=1326 audit(1769089923.039:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.355823][   T26] audit: type=1326 audit(1769089923.039:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.378403][   T26] audit: type=1326 audit(1769089923.229:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.626934][   T26] audit: type=1326 audit(1769089923.229:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.835081][   T26] audit: type=1326 audit(1769089923.539:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6770 comm="syz.3.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fa2c3787cb9 code=0x7ffc0000
[  276.857441][    C1] vkms_vblank_simulate: vblank timer overrun
[  277.328705][ T6796] netlink: 32 bytes leftover after parsing attributes in process `syz.3.776'.
[  278.214694][ T6802] comedi: No check for data length of config insn id -38843711 is implemented
[  278.223692][ T6802] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  278.233208][ T6802] comedi: Assuming n=419 is correct
[  278.246281][ T6802] netlink: 32 bytes leftover after parsing attributes in process `syz.0.777'.
[  278.411971][ T4240] Bluetooth: hci4: command 0x0406 tx timeout
[  279.412024][ T6818] loop3: detected capacity change from 0 to 512
[  279.477949][ T6818] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  279.690077][ T6818] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[  279.878113][ T6818] EXT4-fs error (device loop3): ext4_orphan_get:1400: comm syz.3.783: inode #15: comm syz.3.783: iget: illegal inode #
[  279.893001][ T6818] EXT4-fs (loop3): Remounting filesystem read-only
[  279.904695][ T6818] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.783: couldn't read orphan inode 15 (err -117)
[  279.964678][ T6818] EXT4-fs (loop3): Remounting filesystem read-only
[  280.034776][ T6818] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,grpquota,. Quota mode: writeback.
[  280.344359][ T6818] EXT4-fs error (device loop3): ext4_empty_dir:3145: inode #12: block 13: comm syz.3.783: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=12, rec_len=32769, size=4096 fake=0
[  280.409956][ T6818] EXT4-fs (loop3): Remounting filesystem read-only
[  280.553543][ T6818] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #12: comm syz.3.783: directory missing '.'
[  280.655363][ T6836] option changes via remount are deprecated (pid=6835 comm=syz.2.788)
[  281.473128][ T6842] loop2: detected capacity change from 0 to 1024
[  281.704307][ T6848] netlink: 4 bytes leftover after parsing attributes in process `syz.3.789'.
[  282.053441][ T6842] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  282.882614][ T6842] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000080,nodelalloc,grpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  285.069878][ T6863] comedi: No check for data length of config insn id 6 is implemented
[  285.078382][ T6863] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  285.087927][ T6863] comedi: Assuming n=419 is correct
[  286.970023][   T21] hid-generic 0000:0009:0000.000C: unknown main item tag 0x1
[  287.452565][   T21] hid-generic 0000:0009:0000.000C: hidraw0: <UNKNOWN> HID vffffff.97 Device [syz0] on syz0
[  288.931088][ T6884] fido_id[6884]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  291.914095][ T6938] netlink: 104 bytes leftover after parsing attributes in process `syz.0.813'.
[  293.815887][ T6942] loop1: detected capacity change from 0 to 1024
[  294.148671][ T6942] EXT4-fs (loop1): Ignoring removed orlov option
[  296.202412][ T6942] EXT4-fs warning (device loop1): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop1.
[  296.720509][ T6976] netlink: 4 bytes leftover after parsing attributes in process `syz.4.819'.
[  297.331324][ T6982] netlink: 12 bytes leftover after parsing attributes in process `syz.1.823'.
[  300.090698][ T7008] siw: device registration error -23
[  301.432756][ T7026] netlink: 124 bytes leftover after parsing attributes in process `syz.3.836'.
[  302.403362][ T4255] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  303.949666][ T7044] loop3: detected capacity change from 0 to 1024
[  303.965244][ T7045] netlink: 8 bytes leftover after parsing attributes in process `syz.2.837'.
[  304.404769][ T7044] EXT4-fs (loop3): Ignoring removed nobh option
[  304.444251][ T7044] EXT4-fs (loop3): Ignoring removed bh option
[  304.473328][ T7044] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  304.741870][ T7044] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,errors=remount-ro,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004005b1,auto_da_alloc=0x0000000000000000,grpquota,nobh,barrier,bh,dioread_nolock,. Quota mode: writeback.
[  307.314182][ T7072] netlink: 124 bytes leftover after parsing attributes in process `syz.3.849'.
[  308.589922][ T4255] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  308.601507][ T4255] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.765351][ T4255] usb 1-1: Product: syz
[  308.805476][ T4255] usb 1-1: Manufacturer: syz
[  309.304390][ T7087] loop1: detected capacity change from 0 to 512
[  309.680248][ T4255] usb 1-1: config 0 descriptor??
[  309.713535][ T4255] usb 1-1: can't set config #0, error -71
[  309.832638][ T4255] usb 1-1: USB disconnect, device number 10
[  309.862501][ T7087] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  309.900321][ T7087] EXT4-fs warning (device loop1): ext4_resize_fs:1981: can't read last block, resize aborted
[  309.919207][ T7093] netlink: 28 bytes leftover after parsing attributes in process `syz.0.855'.
[  310.024870][ T7093] device dummy0 left promiscuous mode
[  310.064700][ T7096] netlink: 'syz.0.855': attribute type 10 has an invalid length.
[  310.111556][ T7096] netlink: 40 bytes leftover after parsing attributes in process `syz.0.855'.
[  310.144216][ T7096] device dummy0 entered promiscuous mode
[  310.185559][ T7098] siw: device registration error -23
[  310.259648][ T7102] netlink: 4 bytes leftover after parsing attributes in process `syz.4.856'.
[  310.743768][ T7114] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  311.042332][ T7119] IPVS: stopping backup sync thread 7114 ...
[  312.133500][ T4298] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  314.181171][ T7141] netlink: 28 bytes leftover after parsing attributes in process `syz.1.871'.
[  314.259640][ T7141] device dummy0 left promiscuous mode
[  314.302428][ T7142] netlink: 'syz.1.871': attribute type 10 has an invalid length.
[  314.310900][ T4255] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  314.325157][ T7142] netlink: 40 bytes leftover after parsing attributes in process `syz.1.871'.
[  314.336275][ T7142] device dummy0 entered promiscuous mode
[  314.635763][ T7146] netlink: 4 bytes leftover after parsing attributes in process `syz.4.872'.
[  315.466410][ T7157] netlink: 8 bytes leftover after parsing attributes in process `syz.3.869'.
[  317.233755][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  317.240262][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  317.444396][ T4298] usb 3-1: unable to read config index 0 descriptor/all
[  317.453105][ T4298] usb 3-1: can't read configurations, error -71
[  317.801408][ T7186] netlink: 28 bytes leftover after parsing attributes in process `syz.4.884'.
[  317.827754][ T7186] device dummy0 left promiscuous mode
[  318.486631][ T7188] netlink: 'syz.4.884': attribute type 10 has an invalid length.
[  318.494845][ T7188] netlink: 40 bytes leftover after parsing attributes in process `syz.4.884'.
[  318.505013][ T7188] device dummy0 entered promiscuous mode
[  318.834151][ T7192] loop2: detected capacity change from 0 to 512
[  319.056598][ T7200] netlink: 4 bytes leftover after parsing attributes in process `syz.1.885'.
[  319.243202][ T7200] vivid-003: kernel_thread() failed
[  319.364277][ T7192] EXT4-fs (loop2): Ignoring removed nobh option
[  319.374455][ T7192] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  319.434462][ T7192] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  319.479741][ T7192] EXT4-fs (loop2): 1 truncate cleaned up
[  319.515289][ T7192] EXT4-fs (loop2): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,nolazytime,init_itable=0x0000000000000004,acl,,errors=continue. Quota mode: none.
[  320.034382][ T7214] siw: device registration error -23
[  320.792997][ T7227] comedi: No check for data length of config insn id -38843711 is implemented
[  320.802587][ T7227] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  320.812135][ T7227] comedi: Assuming n=419 is correct
[  320.826786][ T7227] netlink: 24 bytes leftover after parsing attributes in process `syz.2.893'.
[  323.308056][ T7253] capability: warning: `syz.3.903' uses 32-bit capabilities (legacy support in use)
[  323.803631][ T7261] siw: device registration error -23
[  325.713268][ T7278] comedi: No check for data length of config insn id 6 is implemented
[  325.721633][ T7278] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  325.731059][ T7278] comedi: Assuming n=419 is correct
[  325.841627][ T1107] hid-generic 0000:0009:0000.000D: unknown main item tag 0x1
[  326.062513][ T1107] hid-generic 0000:0009:0000.000D: hidraw0: <UNKNOWN> HID vffffff.97 Device [syz0] on syz0
[  326.656663][ T7282] fido_id[7282]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  328.563104][ T7297] netlink: 4 bytes leftover after parsing attributes in process `syz.1.914'.
[  328.660152][ T7297] vivid-003: kernel_thread() failed
[  328.901333][ T7294] loop3: detected capacity change from 0 to 1024
[  328.957438][ T7294] EXT4-fs (loop3): Ignoring removed orlov option
[  329.339797][ T7294] EXT4-fs (loop3): mounted filesystem without journal. Opts: block_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,norecovery,,errors=continue. Quota mode: none.
[  330.474037][ T7323] device team_slave_0 entered promiscuous mode
[  330.480866][ T7323] device team_slave_1 entered promiscuous mode
[  330.546512][ T7323] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  330.594847][ T7323] device team_slave_0 left promiscuous mode
[  330.601018][ T7323] device team_slave_1 left promiscuous mode
[  330.886660][ T7329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.922'.
[  330.895922][ T7329] device bridge_slave_1 left promiscuous mode
[  330.902861][ T7329] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.941954][ T7329] device bridge_slave_0 left promiscuous mode
[  330.950980][ T7329] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.011095][ T7338] binder: 7332:7338 ioctl 4018620d 0 returned -22
[  336.039602][ T7382] binder: 7376:7382 ioctl 4018620d 0 returned -22
[  336.047697][ T7382] binder: BINDER_SET_CONTEXT_MGR bad uid 0 != 255
[  336.054427][ T7382] binder: 7376:7382 ioctl 4018620d 200000000180 returned -1
[  341.382362][ T7438] 8021q: adding VLAN 0 to HW filter on device bond1
[  342.277332][ T7438] netlink: 'syz.1.963': attribute type 10 has an invalid length.
[  342.329185][ T7438] netlink: 40 bytes leftover after parsing attributes in process `syz.1.963'.
[  345.659393][ T7471] comedi: No check for data length of config insn id -38843711 is implemented
[  345.668536][ T7471] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  345.678433][ T7471] comedi: Assuming n=419 is correct
[  348.098572][ T7489] 8021q: adding VLAN 0 to HW filter on device bond1
[  348.202002][ T7491] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  348.279179][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  348.295373][ T7489] netlink: 'syz.2.976': attribute type 10 has an invalid length.
[  348.331361][ T7489] netlink: 40 bytes leftover after parsing attributes in process `syz.2.976'.
[  348.371374][ T7489] device dummy0 entered promiscuous mode
[  348.401026][ T7489] bond1: (slave dummy0): Releasing backup interface
[  348.560170][ T7501] netlink: 8 bytes leftover after parsing attributes in process `syz.2.980'.
[  348.630627][ T7501] netlink: 176 bytes leftover after parsing attributes in process `syz.2.980'.
[  348.691762][ T7501] netlink: 16 bytes leftover after parsing attributes in process `syz.2.980'.
[  351.214446][ T7516] siw: device registration error -23
[  351.477299][ T7521] syz.2.987 uses obsolete (PF_INET,SOCK_PACKET)
[  353.479807][ T7524] chnl_net:caif_netlink_parms(): no params data found
[  353.753390][ T4239] Bluetooth: hci5: command 0x0409 tx timeout
[  354.135438][ T7524] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.237709][ T7552] comedi: No check for data length of config insn id 6 is implemented
[  354.246129][ T7552] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  354.255469][ T7552] comedi: Assuming n=419 is correct
[  354.284691][ T4254] hid-generic 0000:0009:0000.000E: unknown main item tag 0x1
[  354.306582][ T7524] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.445775][ T4254] hid-generic 0000:0009:0000.000E: hidraw0: <UNKNOWN> HID vffffff.97 Device [syz0] on syz0
[  354.494035][ T7524] device bridge_slave_0 entered promiscuous mode
[  354.738028][ T7524] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.895261][ T7524] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.991143][ T7524] device bridge_slave_1 entered promiscuous mode
[  355.016449][ T7524] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  355.045967][ T7524] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  355.071266][ T7553] fido_id[7553]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  355.162367][ T7524] team0: Port device team_slave_0 added
[  355.322717][ T7524] team0: Port device team_slave_1 added
[  355.538085][ T7524] batman_adv: batadv0: Adding interface: batadv_slave_0
[  355.773019][ T7524] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  355.833997][ T4239] Bluetooth: hci5: command 0x041b tx timeout
[  356.163883][ T7524] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  356.229294][ T7524] batman_adv: batadv0: Adding interface: batadv_slave_1
[  356.236620][ T7524] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.283322][ T7524] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  356.335315][ T7567] siw: device registration error -23
[  356.982745][ T7524] device hsr_slave_0 entered promiscuous mode
[  357.290101][ T7524] device hsr_slave_1 entered promiscuous mode
[  357.315543][ T7524] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  357.333395][ T7524] Cannot create hsr debugfs directory
[  357.923294][ T1110] Bluetooth: hci5: command 0x040f tx timeout
[  358.767336][ T7524] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  358.865334][ T7593] comedi: No check for data length of config insn id 6 is implemented
[  358.873828][ T7593] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  358.884029][ T7593] comedi: Assuming n=419 is correct
[  358.947337][ T1110] hid-generic 0000:0009:0000.000F: unknown main item tag 0x1
[  359.121508][ T1110] hid-generic 0000:0009:0000.000F: hidraw0: <UNKNOWN> HID vffffff.97 Device [syz0] on syz0
[  359.645966][ T7524] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  360.116693][ T7524] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  360.264298][ T7597] fido_id[7597]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  360.281956][ T7524] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  360.553559][ T4240] Bluetooth: hci5: command 0x0419 tx timeout
[  360.963756][ T7625] siw: device registration error -23
[  361.629868][ T7524] 8021q: adding VLAN 0 to HW filter on device bond0
[  361.711857][ T6710] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  361.728308][ T6710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  361.769683][ T7524] 8021q: adding VLAN 0 to HW filter on device team0
[  361.812282][ T6710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  361.842266][ T6710] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  361.872356][ T6710] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.879563][ T6710] bridge0: port 1(bridge_slave_0) entered forwarding state
[  361.958515][ T6710] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  362.011123][ T6710] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  362.031451][ T6710] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  362.048868][ T6710] bridge0: port 2(bridge_slave_1) entered blocking state
[  362.056195][ T6710] bridge0: port 2(bridge_slave_1) entered forwarding state
[  362.081718][ T6710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  362.197289][ T7648] comedi: No check for data length of config insn id 6 is implemented
[  362.205687][ T7648] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  362.215119][ T7648] comedi: Assuming n=419 is correct
[  364.445114][ T4251] hid-generic 0000:0009:0000.0010: unknown main item tag 0x1
[  364.491795][ T4251] hid-generic 0000:0009:0000.0010: hidraw0: <UNKNOWN> HID vffffff.97 Device [syz0] on syz0
[  364.706616][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  364.731562][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  365.494502][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  365.536716][ T7649] fido_id[7649]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  365.604474][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  365.624782][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  365.730930][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  365.744372][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  365.775976][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  365.805857][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  365.842424][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  368.212425][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  368.229470][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  368.255034][ T7524] 8021q: adding VLAN 0 to HW filter on device batadv0
[  368.906435][ T7716] loop2: detected capacity change from 0 to 1024
[  369.145155][ T7716] EXT4-fs (loop2): Ignoring removed oldalloc option
[  369.203683][ T7716] EXT4-fs (loop2): Ignoring removed bh option
[  369.209946][ T7716] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  369.350926][ T7716] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier=0x00000000000000ff,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  371.112449][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  371.131891][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  371.284707][ T7758] device v entered promiscuous mode
[  371.291255][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  371.320963][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  371.336264][ T7524] device veth0_vlan entered promiscuous mode
[  371.369422][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  371.377831][ T7370] syz.3.938 (7370) used greatest stack depth: 19952 bytes left
[  371.388386][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  371.414934][ T7524] device veth1_vlan entered promiscuous mode
[  371.473292][ T4328] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.421570][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  372.437240][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  372.616263][ T7774] loop0: detected capacity change from 0 to 256
[  372.629902][ T4328] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.661194][ T7524] device veth0_macvtap entered promiscuous mode
[  372.688423][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  372.701220][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  372.754369][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  372.802072][ T4328] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.865124][ T7524] device veth1_macvtap entered promiscuous mode
[  372.903697][ T4328] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.110293][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.125785][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.182415][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  373.979333][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  373.989550][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.013908][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.033223][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.055005][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.070662][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  374.092165][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.111753][ T7524] batman_adv: batadv0: Interface activated: batadv_slave_0
[  374.298210][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  374.346228][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  374.504658][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  374.519046][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  374.551331][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  374.768779][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.059269][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.095631][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.132595][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.285517][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.318897][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.335925][ T7524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.353197][ T7524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.377009][ T7524] batman_adv: batadv0: Interface activated: batadv_slave_1
[  375.406117][ T7801] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  375.430324][ T7801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  375.451640][ T7801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  375.517359][ T7801] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  375.577902][ T7801] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  375.606403][ T7801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  375.631677][ T7801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  375.687371][ T7801] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  375.708769][ T5605] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  375.723414][ T5605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  375.747028][ T7524] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  375.767605][ T7524] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  375.808989][ T7524] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  375.854405][ T7524] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.191708][ T4400] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.213520][ T4400] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.290081][ T5605] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  376.342772][ T4275] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.383233][ T4275] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.426116][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  379.245844][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  379.252342][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  379.338550][ T7865] loop5: detected capacity change from 0 to 512
[  379.488431][ T7865] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.1077: inode has both inline data and extents flags
[  379.562729][ T7865] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.1077: couldn't read orphan inode 15 (err -117)
[  379.648301][ T7874] 9pnet: Insufficient options for proto=fd
[  379.661722][ T7865] EXT4-fs (loop5): mounted filesystem without journal. Opts: noblock_validity,bsdgroups,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[  380.335852][ T7890] loop1: detected capacity change from 0 to 1024
[  380.369623][ T4328] device hsr_slave_0 left promiscuous mode
[  380.402294][ T4328] device hsr_slave_1 left promiscuous mode
[  380.443552][ T4328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  380.451206][ T4328] batman_adv: batadv0: Removing interface: batadv_slave_0
[  380.479734][ T7890] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  380.497279][ T7890] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  380.532751][ T4328] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.554112][ T4328] batman_adv: batadv0: Removing interface: batadv_slave_1
[  380.574069][ T7890] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  380.600149][ T7890] System zones: 0-1, 3-36
[  380.674003][ T7890] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  380.703736][ T4328] device veth1_macvtap left promiscuous mode
[  380.711743][ T4328] device veth0_macvtap left promiscuous mode
[  380.771010][ T4328] device veth1_vlan left promiscuous mode
[  380.803839][ T4328] device veth0_vlan left promiscuous mode
[  382.405265][ T4328] team0 (unregistering): Port device team_slave_1 removed
[  382.484401][ T4328] team0 (unregistering): Port device team_slave_0 removed
[  382.550198][ T4328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  382.611109][ T4328] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  382.817489][ T4328] bond0 (unregistering): Released all slaves
[  382.865789][ T7889] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1085'.
[  382.898588][ T7894] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  382.932525][ T7898] netlink: 'syz.5.1085': attribute type 10 has an invalid length.
[  382.951342][ T7898] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1085'.
[  382.960789][ T7898] device dummy0 entered promiscuous mode
[  382.974774][ T7898] bond0: (slave dummy0): Releasing backup interface
[  383.000546][ T7909] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1089'.
[  383.022528][ T7909] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  383.258224][ T7934] loop1: detected capacity change from 0 to 512
[  383.369182][ T7938] loop5: detected capacity change from 0 to 512
[  383.390256][ T7934] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[  383.422789][ T7934] EXT4-fs (loop1): Ignoring removed bh option
[  383.548125][ T7934] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  383.548884][ T7938] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  383.562154][ T7934] ext4 filesystem being mounted at /225/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  383.683420][ T7938] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  383.713273][ T7938] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1097: Corrupt directory, running e2fsck is recommended
[  383.792471][ T7938] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  383.850606][ T7938] EXT4-fs error (device loop5): ext4_iget_extra_inode:4566: inode #15: comm syz.5.1097: corrupted in-inode xattr
[  383.915682][ T7938] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.1097: couldn't read orphan inode 15 (err -117)
[  384.028573][ T7938] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,auto_da_alloc=0x0000000000000004,jqfmt=vfsold,nolazytime,grpjquota=.journal_async_commit,resuid=0x0000000000000000,barrier=0x0000000000001000,grpid,,,errors=continue. Quota mode: writeback.
[  384.594178][ T7972] siw: device registration error -23
[  386.399675][ T8011] netlink: 4595 bytes leftover after parsing attributes in process `syz.1.1113'.
[  388.254565][ T8039] loop1: detected capacity change from 0 to 8192
[  388.880392][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805fac3000: rx timeout, send abort
[  389.390321][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805fac3000: abort rx timeout. Force session deactivation
[  391.219668][ T8095] loop5: detected capacity change from 0 to 512
[  391.324275][ T8095] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  391.392837][ T8095] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2806: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  391.456358][ T8095] EXT4-fs (loop5): 1 truncate cleaned up
[  391.471836][ T8095] EXT4-fs (loop5): mounted filesystem without journal. Opts: nogrpid,errors=remount-ro,debug_want_extra_isize=0x0000000000000066,nodioread_nolock,nodiscard,noquota,. Quota mode: none.
[  391.661269][ T8106] EXT4-fs error (device loop5): ext4_lookup:1858: inode #16: comm syz.5.1135: iget: bad i_size value: 5497558147880
[  391.681261][ T8106] EXT4-fs (loop5): Remounting filesystem read-only
[  391.848745][ T8066] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.856422][ T8066] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.029719][ T8111] loop5: detected capacity change from 0 to 512
[  392.211749][ T8111] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpjquota=,errors=continue,abort,bsdgroups,,errors=continue. Quota mode: writeback.
[  392.227684][ T8111] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  392.451746][ T8116] loop5: detected capacity change from 0 to 256
[  392.736766][ T8066] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  392.792255][ T8066] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  393.275006][ T8066] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  393.285348][ T8066] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  393.296534][ T8066] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  393.305771][ T8066] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  393.484290][ T8097] device dummy0 left promiscuous mode
[  393.514081][ T8100] netlink: 'syz.0.1136': attribute type 10 has an invalid length.
[  393.522004][ T8100] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1136'.
[  393.532904][ T8100] device dummy0 entered promiscuous mode
[  393.812729][ T8130] netlink: 'syz.1.1146': attribute type 10 has an invalid length.
[  393.857447][ T8129] loop0: detected capacity change from 0 to 512
[  393.866658][ T8132] loop5: detected capacity change from 0 to 1024
[  394.627255][ T8132] EXT4-fs (loop5): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[  394.674318][ T8129] EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,max_dir_size_kb=0x0000000000000004,stripe=0x0000000000000005,,errors=continue. Quota mode: writeback.
[  394.694107][ T8132] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  394.728758][ T8130] 8021q: adding VLAN 0 to HW filter on device bond0
[  394.814869][ T8129] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  394.830943][ T8130] team0: Port device bond0 added
[  394.876014][ T8132] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1145: bg 0: block 112: padding at end of block bitmap is not set
[  394.893414][ T8141] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1146'.
[  394.931323][ T8132] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 117
[  395.016502][ T8132] EXT4-fs (loop5): This should not happen!! Data will be lost
[  395.016502][ T8132] 
[  395.041230][ T8141] team0 (unregistering): Port device team_slave_0 removed
[  395.198148][ T8141] team0 (unregistering): Port device team_slave_1 removed
[  395.210858][ T8154] comedi: No check for data length of config insn id -38843711 is implemented
[  395.220133][ T8154] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  395.229528][ T8154] comedi: Assuming n=419 is correct
[  396.593533][ T8141] team0 (unregistering): Port device bond0 removed
[  396.695355][ T8165] loop5: detected capacity change from 0 to 512
[  396.763046][ T8165] EXT4-fs (loop5): Ignoring removed nobh option
[  396.772660][ T8167] device dummy0 left promiscuous mode
[  396.825054][ T8172] netlink: 'syz.2.1154': attribute type 10 has an invalid length.
[  396.832954][ T8172] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1154'.
[  396.872911][ T8172] device dummy0 entered promiscuous mode
[  396.885052][ T8165] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,nobh,,errors=continue. Quota mode: writeback.
[  396.903765][ T8165] ext4 filesystem being mounted at /18/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  397.010018][ T8184] loop2: detected capacity change from 0 to 512
[  397.086374][ T8184] EXT4-fs (loop2): Ignoring removed nobh option
[  397.160248][ T8184] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  397.291323][ T8184] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2002c018, mo2=0002]
[  397.318860][   T26] kauditd_printk_skb: 23 callbacks suppressed
[  397.318883][   T26] audit: type=1326 audit(1769090044.549:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8195 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60df31fcb9 code=0x7ffc0000
[  397.380480][ T8184] System zones: 1-12
[  397.389774][   T26] audit: type=1326 audit(1769090044.559:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8195 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60df31fcb9 code=0x7ffc0000
[  397.420208][ T8184] EXT4-fs (loop2): 1 truncate cleaned up
[  397.433544][   T26] audit: type=1326 audit(1769090044.559:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8195 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60df31fcb9 code=0x7ffc0000
[  397.456673][ T8184] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,noinit_itable,jqfmt=vfsold,debug,max_dir_size_kb=0x000000000000c456,nobh,,errors=continue. Quota mode: none.
[  397.540086][   T26] audit: type=1326 audit(1769090044.559:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8195 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f60df31fcb9 code=0x7ffc0000
[  397.567749][   T26] audit: type=1326 audit(1769090044.559:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8195 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60df31fcb9 code=0x7ffc0000
[  397.591457][   T26] audit: type=1326 audit(1769090044.559:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8195 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60df31fcb9 code=0x7ffc0000
[  397.637303][ T8211] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1164'.
[  397.707277][   T26] audit: type=1326 audit(1769090044.559:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8195 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f60df31fcb9 code=0x7ffc0000
[  397.730594][ T8211] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1164'.
[  397.782038][   T26] audit: type=1326 audit(1769090044.559:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8195 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f60df31fcb9 code=0x7ffc0000
[  400.030407][ T8252] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x3
[  400.409759][ T8265] device dummy0 left promiscuous mode
[  400.490658][ T8271] netlink: 'syz.5.1181': attribute type 10 has an invalid length.
[  400.523732][ T8271] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1181'.
[  400.533076][ T8271] device dummy0 entered promiscuous mode
[  400.657209][ T8275] loop1: detected capacity change from 0 to 512
[  400.807067][ T8275] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  401.011180][ T8275] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  401.234440][ T8275] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1183: invalid indirect mapped block 2683928664 (level 1)
[  401.791421][ T8275] EXT4-fs (loop1): Remounting filesystem read-only
[  401.884017][ T8275] EXT4-fs (loop1): 1 truncate cleaned up
[  401.890227][ T8275] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,dioread_nolock,errors=remount-ro,minixdf,jqfmt=vfsv0,usrjquota=.". Quota mode: writeback.
[  405.760297][ T8354] comedi: No check for data length of config insn id -38843711 is implemented
[  405.770053][ T8354] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  405.779864][ T8354] comedi: Assuming n=419 is correct
[  406.509941][ T8355] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1202'.
[  406.567346][ T8355] device bridge_slave_1 left promiscuous mode
[  406.583038][ T8355] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.604973][ T8355] device bridge_slave_0 left promiscuous mode
[  406.609168][ T8363] Falling back ldisc for ttyS3.
[  406.623369][ T8355] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.721324][ T8367] netlink: 'syz.1.1208': attribute type 29 has an invalid length.
[  406.756115][ T8369] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1209'.
[  406.859572][ T8367] netlink: 'syz.1.1208': attribute type 29 has an invalid length.
[  406.881140][ T8370] netlink: 'syz.1.1208': attribute type 29 has an invalid length.
[  406.993799][ T8371] netlink: 'syz.1.1208': attribute type 29 has an invalid length.
[  410.599993][ T8408] comedi: No check for data length of config insn id -38843711 is implemented
[  410.609294][ T8408] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  410.618900][ T8408] comedi: Assuming n=419 is correct
[  411.508873][ T8419] loop0: detected capacity change from 0 to 2048
[  411.653133][ T8428] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  411.705349][ T8419] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  411.844794][ T8419] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable=0x0000000000000001,user_xattr,minixdf,mblk_io_submit,journal_ioprio=0x0000000000000007,inode_readahead_blks=0x0000000000002000,,errors=continue. Quota mode: none.
[  411.919052][ T8419] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  412.243717][ T8445] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1220: bg 0: block 345: padding at end of block bitmap is not set
[  412.297001][ T6710] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.360558][ T8445] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 58 with error 117
[  412.373664][ T8445] EXT4-fs (loop0): This should not happen!! Data will be lost
[  412.373664][ T8445] 
[  412.860564][ T4367] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 74 with max blocks 2 with error 117
[  412.887206][ T4367] EXT4-fs (loop0): This should not happen!! Data will be lost
[  412.887206][ T4367] 
[  413.109070][ T8459] IPVS: stopping backup sync thread 8428 ...
[  413.250832][ T8467] comedi: No check for data length of config insn id -38843711 is implemented
[  413.260524][ T8467] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  413.270208][ T8467] comedi: Assuming n=419 is correct
[  413.456185][ T6710] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.914598][ T4237] Bluetooth: hci2: command 0x0409 tx timeout
[  413.964799][ T8436] chnl_net:caif_netlink_parms(): no params data found
[  414.053554][ T6710] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.191938][ T8479] loop1: detected capacity change from 0 to 512
[  414.193855][ T6710] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.291228][ T8479] EXT4-fs (loop1): Ignoring removed nobh option
[  414.302110][ T8479] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  414.401092][ T8436] bridge0: port 1(bridge_slave_0) entered blocking state
[  414.418162][ T8436] bridge0: port 1(bridge_slave_0) entered disabled state
[  414.435770][ T8479] EXT4-fs (loop1): 1 truncate cleaned up
[  414.437807][ T8436] device bridge_slave_0 entered promiscuous mode
[  414.450405][ T8436] bridge0: port 2(bridge_slave_1) entered blocking state
[  414.451104][ T8479] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,journal_dev=0x00000000000001f6,init_itable=0x0000000000000004,acl,,errors=continue. Quota mode: none.
[  414.457539][ T8436] bridge0: port 2(bridge_slave_1) entered disabled state
[  414.461095][ T8436] device bridge_slave_1 entered promiscuous mode
[  414.531123][ T8436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  414.565809][ T8436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  414.674852][ T8436] team0: Port device team_slave_0 added
[  414.722062][ T4173] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  414.740609][ T8436] team0: Port device team_slave_1 added
[  414.757369][ T8496] netlink: 'syz.0.1237': attribute type 1 has an invalid length.
[  414.825647][ T8496] 8021q: adding VLAN 0 to HW filter on device bond1
[  414.896629][ T8498] bond1: (slave geneve2): making interface the new active one
[  414.908521][ T8498] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  414.943277][ T4173] usb 3-1: device descriptor read/64, error -71
[  414.978453][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  415.091723][ T8436] batman_adv: batadv0: Adding interface: batadv_slave_0
[  415.123253][ T8436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  415.196194][ T8436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  415.223305][ T4173] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  415.247152][ T8436] batman_adv: batadv0: Adding interface: batadv_slave_1
[  415.265451][ T8436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  415.352650][ T8436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  415.443772][ T4173] usb 3-1: device descriptor read/64, error -71
[  415.583814][ T4173] usb usb3-port1: attempt power cycle
[  415.662122][ T8436] device hsr_slave_0 entered promiscuous mode
[  415.685386][ T8436] device hsr_slave_1 entered promiscuous mode
[  415.982601][ T8528] loop1: detected capacity change from 0 to 764
[  415.993254][ T4251] Bluetooth: hci2: command 0x041b tx timeout
[  416.101804][ T8532] comedi: No check for data length of config insn id -38843711 is implemented
[  416.110854][ T8532] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  416.120376][ T8532] comedi: Assuming n=419 is correct
[  416.157567][ T4173] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  416.944007][ T4173] usb 3-1: device descriptor read/8, error -71
[  417.046589][ T8543] serio: Serial port ptm0
[  417.079819][ T8436] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  417.139234][ T8436] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  417.213585][ T4173] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  417.235119][ T8554] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 8, id = 0
[  417.393360][ T8436] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  417.453576][ T4173] usb 3-1: device not accepting address 17, error -71
[  417.468530][ T4173] usb usb3-port1: unable to enumerate USB device
[  417.469518][ T8436] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  418.117229][ T4320] Bluetooth: hci2: command 0x040f tx timeout
[  418.564653][ T8586] comedi: No check for data length of config insn id -38843711 is implemented
[  418.573822][ T8586] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  418.583495][ T8586] comedi: Assuming n=419 is correct
[  418.742772][ T6710] device hsr_slave_0 left promiscuous mode
[  419.116748][ T6710] device hsr_slave_1 left promiscuous mode
[  419.145781][ T6710] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  419.201369][ T6710] batman_adv: batadv0: Removing interface: batadv_slave_0
[  419.219788][ T6710] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  419.271773][ T6710] batman_adv: batadv0: Removing interface: batadv_slave_1
[  419.289354][ T8594] IPVS: stopping backup sync thread 8554 ...
[  419.298391][ T6710] device bridge_slave_1 left promiscuous mode
[  419.315599][ T6710] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.341744][ T6710] device bridge_slave_0 left promiscuous mode
[  419.353540][ T6710] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.386964][ T6710] device veth1_macvtap left promiscuous mode
[  419.400363][ T6710] device veth0_macvtap left promiscuous mode
[  419.406867][ T6710] device veth1_vlan left promiscuous mode
[  419.412777][ T6710] device veth0_vlan left promiscuous mode
[  419.623458][   T21] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  419.843510][   T21] usb 3-1: device descriptor read/64, error -71
[  420.133452][   T21] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  420.164168][ T4237] Bluetooth: hci2: command 0x0419 tx timeout
[  420.363262][   T21] usb 3-1: device descriptor read/64, error -71
[  420.494288][   T21] usb usb3-port1: attempt power cycle
[  420.867788][ T6710] bond2 (unregistering): Released all slaves
[  420.903577][   T21] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  420.921931][ T6710] bond1 (unregistering): Released all slaves
[  421.043317][   T21] usb 3-1: device descriptor read/8, error -71
[  421.182322][ T8612] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1264'.
[  421.196417][ T8612] netlink: 484 bytes leftover after parsing attributes in process `syz.5.1264'.
[  421.206712][ T8612] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1264'.
[  421.235844][ T6710] team0 (unregistering): Port device team_slave_1 removed
[  421.299426][ T6710] team0 (unregistering): Port device team_slave_0 removed
[  421.316058][ T6710] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  421.343193][   T21] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  421.418583][ T6710] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  421.446679][ T8617] comedi: No check for data length of config insn id -38843711 is implemented
[  421.457141][ T8617] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  421.466703][ T8617] comedi: Assuming n=419 is correct
[  421.892247][ T8619] loop0: detected capacity change from 0 to 164
[  422.298352][ T8626] loop7: detected capacity change from 0 to 16384
[  422.413300][   T21] usb 3-1: device not accepting address 21, error -71
[  422.438225][   T21] usb usb3-port1: unable to enumerate USB device
[  422.548125][ T6710] bond0 (unregistering): Released all slaves
[  423.323446][ T8628] loop_set_status: loop7 () has still dirty pages (nrpages=256)
[  423.718415][ T8436] 8021q: adding VLAN 0 to HW filter on device bond0
[  423.739044][ T8648] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  423.797534][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  423.817560][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  423.834741][    T9] Bluetooth: hci4: Frame reassembly failed (-84)
[  423.890646][ T8436] 8021q: adding VLAN 0 to HW filter on device team0
[  423.929426][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  423.946529][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  423.988824][ T4662] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.996113][ T4662] bridge0: port 1(bridge_slave_0) entered forwarding state
[  424.056602][ T8643] loop1: detected capacity change from 0 to 8192
[  424.058347][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  424.077330][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  424.116914][ T8655] loop5: detected capacity change from 0 to 2048
[  424.124682][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  424.154231][ T4662] bridge0: port 2(bridge_slave_1) entered blocking state
[  424.161407][ T4662] bridge0: port 2(bridge_slave_1) entered forwarding state
[  424.172602][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  424.189194][ T8643]  loop1: p1 p2 p4
[  424.253936][ T8643] loop1: p1 start 4294967280 is beyond EOD, truncated
[  424.265769][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  424.284178][ T8655] EXT4-fs (loop5): mounted filesystem without journal. Opts: init_itable,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  424.299478][ T8643] loop1: p2 size 590592 extends beyond EOD, truncated
[  424.307872][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  424.337196][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  424.346355][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  424.359212][ T8643] loop1: p4 size 33554432 extends beyond EOD, truncated
[  424.370171][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  424.379247][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  424.407328][   T26] audit: type=1800 audit(1769090071.639:65): pid=8655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1278" name="file1" dev="loop5" ino=15 res=0 errno=0
[  424.474837][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  424.492273][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  424.542508][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  424.592183][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  424.760064][ T8669] comedi: No check for data length of config insn id -38843711 is implemented
[  424.769252][ T8669] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  424.778968][ T8669] comedi: Assuming n=419 is correct
[  425.807073][ T8679] xt_hashlimit: size too large, truncated to 1048576
[  425.843319][ T4321] Bluetooth: hci4: command 0x1003 tx timeout
[  425.849548][ T4202] Bluetooth: hci4: sending frame failed (-49)
[  425.884261][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  425.897516][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  426.349163][ T8436] 8021q: adding VLAN 0 to HW filter on device batadv0
[  426.371255][ T8704] loop5: detected capacity change from 0 to 512
[  426.391294][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  426.403789][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  426.606598][ T8704] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  426.692017][ T8704] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  428.275275][ T4251] Bluetooth: hci4: command 0x1001 tx timeout
[  428.282469][ T4202] Bluetooth: hci4: sending frame failed (-49)
[  428.492921][ T8740] loop2: detected capacity change from 0 to 1024
[  428.679457][ T8740] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #3: block 2: comm syz.2.1289: lblock 2 mapped to illegal pblock 2 (length 1)
[  428.806723][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  428.848212][ T8740] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  428.881470][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  428.894616][ T8740] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #3: block 48: comm syz.2.1289: lblock 0 mapped to illegal pblock 48 (length 1)
[  428.923823][ T8740] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  429.252771][ T8740] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.1289: Failed to acquire dquot type 0
[  429.422359][ T8740] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5854: Corrupt filesystem
[  429.536655][ T8740] EXT4-fs error (device loop2): ext4_evict_inode:282: inode #11: comm syz.2.1289: mark_inode_dirty error
[  429.602357][ T8740] EXT4-fs warning (device loop2): ext4_evict_inode:285: couldn't mark inode dirty (err -117)
[  429.659492][ T8740] EXT4-fs (loop2): 1 orphan inode deleted
[  429.679453][ T5605] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:15: lblock 1 mapped to illegal pblock 1 (length 1)
[  429.709777][ T8436] device veth0_vlan entered promiscuous mode
[  429.733263][ T8740] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,data_err=ignore,max_batch_time=0x00000000000008c9,nodiscard,stripe=0x0000000000000004,noauto_da_alloc,,errors=continue. Quota mode: none.
[  429.796993][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  429.817859][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  429.880588][ T5605] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  429.911320][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  429.932398][ T5605] EXT4-fs error (device loop2): ext4_release_dquot:6270: comm kworker/u4:15: Failed to release dquot type 0
[  430.019946][ T8761] comedi: No check for data length of config insn id -38843711 is implemented
[  430.029482][ T8761] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  430.039098][ T8761] comedi: Assuming n=419 is correct
[  430.074221][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  430.310449][ T8436] device veth1_vlan entered promiscuous mode
[  430.323247][ T4237] Bluetooth: hci4: command 0x1009 tx timeout
[  430.707907][    T9] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  430.829707][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  430.841381][ T4326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  430.853302][    T9] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  430.861894][    T9] EXT4-fs error (device loop2): ext4_release_dquot:6270: comm kworker/u4:0: Failed to release dquot type 0
[  430.885122][ T4185] EXT4-fs error (device loop2): __ext4_get_inode_loc:4327: comm syz-executor: Invalid inode table block 1 in block_group 0
[  430.904493][ T8436] device veth0_macvtap entered promiscuous mode
[  430.921166][ T8436] device veth1_macvtap entered promiscuous mode
[  430.931394][ T4185] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5854: Corrupt filesystem
[  430.958544][ T4185] EXT4-fs error (device loop2): ext4_quota_off:6540: inode #3: comm syz-executor: mark_inode_dirty error
[  431.000017][ T8436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  431.042061][ T8436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  431.100180][ T8436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  431.113026][ T8436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  431.124777][ T8436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  431.142307][ T8436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  431.160404][ T8436] batman_adv: batadv0: Interface activated: batadv_slave_0
[  431.228288][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  431.241043][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  431.332740][ T4275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  431.877298][ T8436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  431.968509][ T8436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.202010][ T8436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  432.247770][ T8436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.400512][ T8436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  432.432408][ T8436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  432.465869][ T8436] batman_adv: batadv0: Interface activated: batadv_slave_1
[  433.375880][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  433.419095][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  433.450721][ T8436] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  433.476847][ T8436] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  433.488742][ T8436] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  433.501241][ T8436] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  433.640466][ T8790] loop5: detected capacity change from 0 to 512
[  433.738109][ T4326] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  433.755054][ T8790] EXT4-fs (loop5): mounted filesystem without journal. Opts: user_xattr,mb_optimize_scan=0x0000000000000001,stripe=0x0000000000000005,,errors=continue. Quota mode: writeback.
[  433.775047][ T8790] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  433.799080][ T4326] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  433.925643][ T5605] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  433.971387][ T4326] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  433.992645][ T4326] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  434.113505][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  434.119487][ T8800] loop5: detected capacity change from 0 to 128
[  434.289088][ T8800] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  434.363638][ T8800] ext4 filesystem being mounted at /60/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  434.655690][ T8817] comedi: No check for data length of config insn id -38843711 is implemented
[  434.665643][ T8817] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  434.675180][ T8817] comedi: Assuming n=419 is correct
[  434.822425][ T8818] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1303'.
[  435.809813][ T8835] netlink: 'syz.1.1308': attribute type 39 has an invalid length.
[  435.897810][ T8840] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  435.935686][ T8840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  435.964584][ T8840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  436.017456][ T8840] device bridge_slave_0 left promiscuous mode
[  436.063569][ T8840] bridge0: port 1(bridge_slave_0) entered disabled state
[  436.151757][ T8856] loop2: detected capacity change from 0 to 128
[  436.186953][ T8840] device bridge_slave_1 left promiscuous mode
[  436.195718][ T8858] loop6: detected capacity change from 0 to 512
[  436.253617][ T8840] bridge0: port 2(bridge_slave_1) entered disabled state
[  436.380680][ T8840] bond0: (slave bond_slave_0): Releasing backup interface
[  436.396989][ T8858] EXT4-fs (loop6): 1 orphan inode deleted
[  436.404390][ T8858] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  436.415970][ T8858] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  436.494549][ T8840] bond0: (slave bond_slave_1): Releasing backup interface
[  436.552160][ T8840] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  436.583703][ T8840] batman_adv: batadv0: Removing interface: batadv_slave_0
[  436.649854][ T8840] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  436.735918][ T8840] batman_adv: batadv0: Removing interface: batadv_slave_1
[  436.758061][ T8840] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  436.906657][ T8879] netlink: 'syz.2.1316': attribute type 10 has an invalid length.
[  436.969394][ T8879] 8021q: adding VLAN 0 to HW filter on device team0
[  437.006602][ T8879] bond0: (slave team0): Enslaving as an active interface with an up link
[  437.183623][ T8895] loop0: detected capacity change from 0 to 512
[  437.412990][ T8895] EXT4-fs (loop0): Ignoring removed nobh option
[  438.200533][ T8911] comedi: No check for data length of config insn id -38843711 is implemented
[  438.200659][ T8911] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  438.200674][ T8911] comedi: Assuming n=419 is correct
[  438.405694][ T8895] 
[  438.408091][ T8895] ======================================================
[  438.415274][ T8895] WARNING: possible circular locking dependency detected
[  438.422331][ T8895] syzkaller #0 Not tainted
[  438.426767][ T8895] ------------------------------------------------------
[  438.433810][ T8895] syz.0.1319/8895 is trying to acquire lock:
[  438.439821][ T8895] ffff88805fe92bd8 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x20f/0x2df0
[  438.449981][ T8895] 
[  438.449981][ T8895] but task is already holding lock:
[  438.457379][ T8895] ffff88805fe94650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x44a/0x1090
[  438.466519][ T8895] 
[  438.466519][ T8895] which lock already depends on the new lock.
[  438.466519][ T8895] 
[  438.477040][ T8895] 
[  438.477040][ T8895] the existing dependency chain (in reverse order) is:
[  438.486103][ T8895] 
[  438.486103][ T8895] -> #1 (sb_internal){.+.+}-{0:0}:
[  438.493711][ T8895]        percpu_down_read+0x46/0x1b0
[  438.499010][ T8895]        ext4_evict_inode+0x44a/0x1090
[  438.504493][ T8895]        evict+0x4c9/0x8d0
[  438.508969][ T8895]        ext4_ext_migrate+0xc0c/0xe60
[  438.514387][ T8895]        ext4_ioctl+0x1a84/0x3820
[  438.519419][ T8895]        __se_sys_ioctl+0xfa/0x170
[  438.524539][ T8895]        do_syscall_64+0x4c/0xa0
[  438.529481][ T8895]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  438.535899][ T8895] 
[  438.535899][ T8895] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  438.544333][ T8895]        __lock_acquire+0x2c42/0x7d10
[  438.549720][ T8895]        lock_acquire+0x19e/0x400
[  438.554840][ T8895]        percpu_down_read+0x46/0x1b0
[  438.560154][ T8895]        ext4_writepages+0x20f/0x2df0
[  438.565525][ T8895]        do_writepages+0x476/0x6e0
[  438.570639][ T8895]        __writeback_single_inode+0x153/0xda0
[  438.576702][ T8895]        writeback_single_inode+0x3cb/0x8e0
[  438.582607][ T8895]        write_inode_now+0x23b/0x2c0
[  438.588114][ T8895]        iput+0x5ab/0x8a0
[  438.592462][ T8895]        ext4_xattr_set_entry+0x34f4/0x3ea0
[  438.598367][ T8895]        ext4_xattr_block_set+0x4fd/0x2d20
[  438.604184][ T8895]        ext4_expand_extra_isize_ea+0xf3f/0x19b0
[  438.610533][ T8895]        __ext4_expand_extra_isize+0x301/0x3e0
[  438.616887][ T8895]        __ext4_mark_inode_dirty+0x469/0x700
[  438.623005][ T8895]        ext4_evict_inode+0xa8d/0x1090
[  438.628504][ T8895]        evict+0x4c9/0x8d0
[  438.632956][ T8895]        ext4_orphan_cleanup+0xad2/0x1320
[  438.638708][ T8895]        ext4_fill_super+0x8e25/0x95a0
[  438.644194][ T8895]        mount_bdev+0x287/0x3c0
[  438.649090][ T8895]        legacy_get_tree+0xe6/0x180
[  438.654312][ T8895]        vfs_get_tree+0x88/0x270
[  438.659281][ T8895]        do_new_mount+0x24a/0xa40
[  438.664322][ T8895]        __se_sys_mount+0x2e3/0x3d0
[  438.669542][ T8895]        do_syscall_64+0x4c/0xa0
[  438.674497][ T8895]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  438.680947][ T8895] 
[  438.680947][ T8895] other info that might help us debug this:
[  438.680947][ T8895] 
[  438.691287][ T8895]  Possible unsafe locking scenario:
[  438.691287][ T8895] 
[  438.698749][ T8895]        CPU0                    CPU1
[  438.704330][ T8895]        ----                    ----
[  438.709715][ T8895]   lock(sb_internal);
[  438.713799][ T8895]                                lock(&sbi->s_writepages_rwsem);
[  438.721636][ T8895]                                lock(sb_internal);
[  438.728408][ T8895]   lock(&sbi->s_writepages_rwsem);
[  438.733640][ T8895] 
[  438.733640][ T8895]  *** DEADLOCK ***
[  438.733640][ T8895] 
[  438.741802][ T8895] 3 locks held by syz.0.1319/8895:
[  438.746928][ T8895]  #0: ffff88805fe940e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  438.757056][ T8895]  #1: ffff88805fe94650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x44a/0x1090
[  438.766591][ T8895]  #2: ffff88805ee0e478 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700
[  438.776889][ T8895] 
[  438.776889][ T8895] stack backtrace:
[  438.782806][ T8895] CPU: 1 PID: 8895 Comm: syz.0.1319 Not tainted syzkaller #0
[  438.790191][ T8895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  438.800271][ T8895] Call Trace:
[  438.803576][ T8895]  <TASK>
[  438.806548][ T8895]  dump_stack_lvl+0x188/0x250
[  438.811257][ T8895]  ? load_image+0x400/0x400
[  438.815781][ T8895]  ? show_regs_print_info+0x20/0x20
[  438.820999][ T8895]  ? print_circular_bug+0x12b/0x1a0
[  438.826225][ T8895]  check_noncircular+0x296/0x330
[  438.831179][ T8895]  ? add_chain_block+0x940/0x940
[  438.836133][ T8895]  ? __schedule+0x11f7/0x43c0
[  438.840842][ T8895]  ? _find_first_zero_bit+0xce/0xf0
[  438.846098][ T8895]  ? add_lock_to_list+0x18d/0x280
[  438.851148][ T8895]  __lock_acquire+0x2c42/0x7d10
[  438.856022][ T8895]  ? verify_lock_unused+0x140/0x140
[  438.861241][ T8895]  ? preempt_schedule+0xbc/0xd0
[  438.866115][ T8895]  ? schedule_preempt_disabled+0x20/0x20
[  438.871877][ T8895]  lock_acquire+0x19e/0x400
[  438.876423][ T8895]  ? ext4_writepages+0x20f/0x2df0
[  438.881529][ T8895]  ? swake_up_one+0x6d/0x130
[  438.886147][ T8895]  ? __might_sleep+0xf0/0xf0
[  438.890756][ T8895]  ? read_lock_is_recursive+0x10/0x10
[  438.896148][ T8895]  ? mark_lock+0x94/0x320
[  438.900494][ T8895]  ? __lock_acquire+0x13bc/0x7d10
[  438.905540][ T8895]  percpu_down_read+0x46/0x1b0
[  438.910318][ T8895]  ? ext4_writepages+0x20f/0x2df0
[  438.915367][ T8895]  ext4_writepages+0x20f/0x2df0
[  438.920236][ T8895]  ? rcu_is_watching+0x11/0xa0
[  438.925011][ T8895]  ? lock_release+0xb5/0x8a0
[  438.929720][ T8895]  ? rcu_lock_release+0x5/0x20
[  438.934585][ T8895]  ? verify_lock_unused+0x140/0x140
[  438.939803][ T8895]  ? mark_lock+0x94/0x320
[  438.944154][ T8895]  ? ext4_readpage+0x2e0/0x2e0
[  438.948933][ T8895]  ? __lock_acquire+0x13bc/0x7d10
[  438.953974][ T8895]  ? 0xffffffffa002c000
[  438.958153][ T8895]  ? __lock_acquire+0x7d10/0x7d10
[  438.963197][ T8895]  ? do_raw_spin_lock+0x128/0x2f0
[  438.968243][ T8895]  ? do_raw_spin_unlock+0x11d/0x230
[  438.973499][ T8895]  ? ext4_readpage+0x2e0/0x2e0
[  438.978452][ T8895]  do_writepages+0x476/0x6e0
[  438.983066][ T8895]  ? __writepage+0x130/0x130
[  438.987683][ T8895]  ? writeback_single_inode+0x3c0/0x8e0
[  438.993244][ T8895]  ? __lock_acquire+0x7d10/0x7d10
[  438.998411][ T8895]  ? do_raw_spin_lock+0x128/0x2f0
[  439.003460][ T8895]  __writeback_single_inode+0x153/0xda0
[  439.009042][ T8895]  writeback_single_inode+0x3cb/0x8e0
[  439.014553][ T8895]  ? write_inode_now+0x2c0/0x2c0
[  439.019517][ T8895]  write_inode_now+0x23b/0x2c0
[  439.024298][ T8895]  ? bdi_split_work_to_wbs+0x8a0/0x8a0
[  439.029778][ T8895]  ? do_raw_spin_unlock+0x11d/0x230
[  439.034991][ T8895]  iput+0x5ab/0x8a0
[  439.038833][ T8895]  ext4_xattr_set_entry+0x34f4/0x3ea0
[  439.044245][ T8895]  ? ext4_xattr_ibody_set+0x330/0x330
[  439.049660][ T8895]  ? __ext4_journal_get_write_access+0x2ea/0x6e0
[  439.056030][ T8895]  ? __might_sleep+0xf0/0xf0
[  439.060720][ T8895]  ? ext4_xattr_block_set+0xc2/0x2d20
[  439.066195][ T8895]  ext4_xattr_block_set+0x4fd/0x2d20
[  439.071560][ T8895]  ? ext4_get_inode_loc+0x120/0x120
[  439.076782][ T8895]  ? __ext4_xattr_check_block+0x7d8/0x8d0
[  439.082539][ T8895]  ? ext4_xattr_block_find+0x500/0x500
[  439.088015][ T8895]  ? ext4_xattr_block_find+0x433/0x500
[  439.093500][ T8895]  ext4_expand_extra_isize_ea+0xf3f/0x19b0
[  439.099353][ T8895]  __ext4_expand_extra_isize+0x301/0x3e0
[  439.105026][ T8895]  __ext4_mark_inode_dirty+0x469/0x700
[  439.110598][ T8895]  ext4_evict_inode+0xa8d/0x1090
[  439.115553][ T8895]  ? _raw_spin_unlock+0x24/0x40
[  439.120426][ T8895]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  439.126344][ T8895]  ? do_raw_spin_unlock+0x11d/0x230
[  439.131557][ T8895]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  439.137464][ T8895]  evict+0x4c9/0x8d0
[  439.141378][ T8895]  ? proc_nr_inodes+0x320/0x320
[  439.146243][ T8895]  ? do_raw_spin_unlock+0x11d/0x230
[  439.151537][ T8895]  ? _raw_spin_unlock+0x24/0x40
[  439.156495][ T8895]  ? iput+0x706/0x8a0
[  439.160675][ T8895]  ext4_orphan_cleanup+0xad2/0x1320
[  439.165892][ T8895]  ? ext4_orphan_del+0xbf0/0xbf0
[  439.170878][ T8895]  ? errseq_check_and_advance+0x62/0x120
[  439.176523][ T8895]  ext4_fill_super+0x8e25/0x95a0
[  439.181491][ T8895]  ? ext4_mount+0x40/0x40
[  439.185920][ T8895]  ? set_blocksize+0x1f3/0x370
[  439.190700][ T8895]  ? sb_set_blocksize+0xa5/0xe0
[  439.195563][ T8895]  mount_bdev+0x287/0x3c0
[  439.199924][ T8895]  ? ext4_mount+0x40/0x40
[  439.204280][ T8895]  legacy_get_tree+0xe6/0x180
[  439.208977][ T8895]  ? ext4_errno_to_code+0x160/0x160
[  439.214195][ T8895]  vfs_get_tree+0x88/0x270
[  439.218640][ T8895]  do_new_mount+0x24a/0xa40
[  439.223182][ T8895]  __se_sys_mount+0x2e3/0x3d0
[  439.227882][ T8895]  ? __x64_sys_mount+0xc0/0xc0
[  439.232679][ T8895]  ? lockdep_hardirqs_on+0x94/0x140
[  439.237902][ T8895]  ? __x64_sys_mount+0x1c/0xc0
[  439.242686][ T8895]  do_syscall_64+0x4c/0xa0
[  439.247311][ T8895]  ? clear_bhb_loop+0x30/0x80
[  439.252000][ T8895]  ? clear_bhb_loop+0x30/0x80
[  439.256688][ T8895]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  439.262693][ T8895] RIP: 0033:0x7f067720ff4a
[  439.267122][ T8895] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  439.286851][ T8895] RSP: 002b:00007f0675469e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  439.295488][ T8895] RAX: ffffffffffffffda RBX: 00007f0675469ee0 RCX: 00007f067720ff4a
[  439.303475][ T8895] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f0675469ea0
[  439.311463][ T8895] RBP: 0000200000000180 R08: 00007f0675469ee0 R09: 0000000000800718
[  439.319475][ T8895] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[  439.327461][ T8895] R13: 00007f0675469ea0 R14: 00000000000004a3 R15: 00002000000003c0
[  439.335572][ T8895]  </TASK>
[  439.468804][ T8895] ------------[ cut here ]------------
[  439.476071][ T8895] EA inode 11 i_nlink=1026
[  439.476332][ T8895] WARNING: CPU: 0 PID: 8895 at fs/ext4/xattr.c:1005 ext4_xattr_inode_update_ref+0x4bd/0x510
[  439.559114][ T8895] Modules linked in:
[  439.856139][ T8895] CPU: 1 PID: 8895 Comm: syz.0.1319 Not tainted syzkaller #0
[  440.156559][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  440.163987][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  440.574265][ T8895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  440.584457][ T8895] RIP: 0010:ext4_xattr_inode_update_ref+0x4bd/0x510
[  440.591146][ T8895] Code: 7c 24 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 14 e8 a1 ff 49 8b 37 48 c7 c7 00 9b 3d 8a 89 da e8 a3 bd 94 07 <0f> 0b 4c 8b 64 24 08 4c 8b 7c 24 10 e9 a9 fe ff ff e8 ed ac 9f 07
[  440.611705][ T8895] RSP: 0018:ffffc9000329f160 EFLAGS: 00010246
[  440.618096][ T8895] RAX: a756af47eddfa600 RBX: 0000000000000402 RCX: 0000000000080000
[  440.626174][ T8895] RDX: ffffc90003bf3000 RSI: 000000000007ffff RDI: 0000000000080000
[  440.634515][ T8895] RBP: ffffc9000329f250 R08: ffff8880b902795b R09: 1ffff11017204f2b
[  440.642540][ T8895] R10: dffffc0000000000 R11: ffffed1017204f2c R12: ffff888062c60c98
[  440.650628][ T8895] R13: 1ffff1100c58c1d2 R14: dffffc0000000000 R15: ffff888062c60cd8
[  440.658688][ T8895] FS:  00007f067546a6c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  440.676748][ T8895] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  440.693406][ T8895] CR2: 0000200000009000 CR3: 0000000078ca7000 CR4: 00000000003506f0
[  440.709150][ T8895] Call Trace:
[  440.720778][ T8895]  <TASK>
[  440.730785][ T8895]  ? ext4_xattr_block_csum+0x560/0x560
[  440.761396][ T8895]  ? ext4_xattr_inode_iget+0x3f0/0x600
[  440.787101][ T8895]  ? bit_wait+0xc0/0xc0
[  440.791346][ T8895]  ext4_xattr_set_entry+0xed9/0x3ea0
[  440.835254][ T8895]  ? __sync_dirty_buffer+0x32d/0x370
[  440.840625][ T8895]  ? __ext4_handle_dirty_metadata+0x39d/0x800
[  440.854454][ T8895]  ? ext4_xattr_block_set+0xda0/0x2d20
[  440.866703][ T8895]  ? ext4_xattr_ibody_set+0x330/0x330
[  440.872248][ T8895]  ? ext4_get_inode_loc+0x120/0x120
[  440.877796][ T8895]  ext4_xattr_ibody_set+0x112/0x330
[  440.883048][ T8895]  ext4_expand_extra_isize_ea+0x10d3/0x19b0
[  440.899450][ T8895]  __ext4_expand_extra_isize+0x301/0x3e0
[  440.915984][ T8895]  __ext4_mark_inode_dirty+0x469/0x700
[  440.921620][ T8895]  ext4_evict_inode+0xa8d/0x1090
[  440.929023][ T8895]  ? _raw_spin_unlock+0x24/0x40
[  440.934173][ T8895]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  440.940114][ T8895]  ? do_raw_spin_unlock+0x11d/0x230
[  440.947731][ T8895]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  440.954334][ T8895]  evict+0x4c9/0x8d0
[  440.958292][ T8895]  ? proc_nr_inodes+0x320/0x320
[  440.965600][ T8895]  ? do_raw_spin_unlock+0x11d/0x230
[  440.970948][ T8895]  ? _raw_spin_unlock+0x24/0x40
[  440.976190][ T8895]  ? iput+0x706/0x8a0
[  440.980374][ T8895]  ext4_orphan_cleanup+0xad2/0x1320
[  440.988147][ T8895]  ? ext4_orphan_del+0xbf0/0xbf0
[  440.993457][ T8895]  ? errseq_check_and_advance+0x62/0x120
[  441.001229][ T8895]  ext4_fill_super+0x8e25/0x95a0
[  441.010590][ T8895]  ? ext4_mount+0x40/0x40
[  441.015228][ T8895]  ? set_blocksize+0x1f3/0x370
[  441.020102][ T8895]  ? sb_set_blocksize+0xa5/0xe0
[  441.027524][ T8895]  mount_bdev+0x287/0x3c0
[  441.031981][ T8895]  ? ext4_mount+0x40/0x40
[  441.041056][ T8895]  legacy_get_tree+0xe6/0x180
[  441.056355][ T8895]  ? ext4_errno_to_code+0x160/0x160
[  441.069755][ T8895]  vfs_get_tree+0x88/0x270
[  441.078967][ T8895]  do_new_mount+0x24a/0xa40
[  441.094499][ T8895]  __se_sys_mount+0x2e3/0x3d0
[  441.100184][ T8895]  ? __x64_sys_mount+0xc0/0xc0
[  441.107556][ T8895]  ? lockdep_hardirqs_on+0x94/0x140
[  441.113878][ T8895]  ? __x64_sys_mount+0x1c/0xc0
[  441.118868][ T8895]  do_syscall_64+0x4c/0xa0
[  441.126197][ T8895]  ? clear_bhb_loop+0x30/0x80
[  441.131014][ T8895]  ? clear_bhb_loop+0x30/0x80
[  441.136120][ T8895]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  441.142343][ T8895] RIP: 0033:0x7f067720ff4a
[  441.147207][ T8895] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  441.167288][ T8895] RSP: 002b:00007f0675469e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  441.176082][ T8895] RAX: ffffffffffffffda RBX: 00007f0675469ee0 RCX: 00007f067720ff4a
[  441.184386][ T8895] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f0675469ea0
[  441.192580][ T8895] RBP: 0000200000000180 R08: 00007f0675469ee0 R09: 0000000000800718
[  441.203545][ T8895] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[  441.212420][ T8895] R13: 00007f0675469ea0 R14: 00000000000004a3 R15: 00002000000003c0
[  441.220945][ T8895]  </TASK>
[  441.226534][ T8895] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  441.233846][ T8895] CPU: 1 PID: 8895 Comm: syz.0.1319 Not tainted syzkaller #0
[  441.241249][ T8895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  441.251621][ T8895] Call Trace:
[  441.255021][ T8895]  <TASK>
[  441.258000][ T8895]  dump_stack_lvl+0x188/0x250
[  441.262713][ T8895]  ? show_regs_print_info+0x20/0x20
[  441.268035][ T8895]  ? load_image+0x400/0x400
[  441.272584][ T8895]  panic+0x2e5/0x810
[  441.276682][ T8895]  ? bpf_jit_dump+0xd0/0xd0
[  441.281338][ T8895]  ? ext4_xattr_inode_update_ref+0x4bd/0x510
[  441.287379][ T8895]  __warn+0x248/0x2b0
[  441.291434][ T8895]  ? ext4_xattr_inode_update_ref+0x4bd/0x510
[  441.297562][ T8895]  report_bug+0x1b7/0x2e0
[  441.301938][ T8895]  handle_bug+0x3a/0x70
[  441.306217][ T8895]  exc_invalid_op+0x16/0x40
[  441.310925][ T8895]  asm_exc_invalid_op+0x16/0x20
[  441.315814][ T8895] RIP: 0010:ext4_xattr_inode_update_ref+0x4bd/0x510
[  441.322474][ T8895] Code: 7c 24 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 14 e8 a1 ff 49 8b 37 48 c7 c7 00 9b 3d 8a 89 da e8 a3 bd 94 07 <0f> 0b 4c 8b 64 24 08 4c 8b 7c 24 10 e9 a9 fe ff ff e8 ed ac 9f 07
[  441.342118][ T8895] RSP: 0018:ffffc9000329f160 EFLAGS: 00010246
[  441.348322][ T8895] RAX: a756af47eddfa600 RBX: 0000000000000402 RCX: 0000000000080000
[  441.356442][ T8895] RDX: ffffc90003bf3000 RSI: 000000000007ffff RDI: 0000000000080000
[  441.364534][ T8895] RBP: ffffc9000329f250 R08: ffff8880b902795b R09: 1ffff11017204f2b
[  441.372662][ T8895] R10: dffffc0000000000 R11: ffffed1017204f2c R12: ffff888062c60c98
[  441.380770][ T8895] R13: 1ffff1100c58c1d2 R14: dffffc0000000000 R15: ffff888062c60cd8
[  441.389053][ T8895]  ? ext4_xattr_block_csum+0x560/0x560
[  441.394564][ T8895]  ? ext4_xattr_inode_iget+0x3f0/0x600
[  441.400064][ T8895]  ? bit_wait+0xc0/0xc0
[  441.404288][ T8895]  ext4_xattr_set_entry+0xed9/0x3ea0
[  441.409617][ T8895]  ? __sync_dirty_buffer+0x32d/0x370
[  441.414942][ T8895]  ? __ext4_handle_dirty_metadata+0x39d/0x800
[  441.421048][ T8895]  ? ext4_xattr_block_set+0xda0/0x2d20
[  441.426554][ T8895]  ? ext4_xattr_ibody_set+0x330/0x330
[  441.432009][ T8895]  ? ext4_get_inode_loc+0x120/0x120
[  441.437281][ T8895]  ext4_xattr_ibody_set+0x112/0x330
[  441.442529][ T8895]  ext4_expand_extra_isize_ea+0x10d3/0x19b0
[  441.448560][ T8895]  __ext4_expand_extra_isize+0x301/0x3e0
[  441.454330][ T8895]  __ext4_mark_inode_dirty+0x469/0x700
[  441.459829][ T8895]  ext4_evict_inode+0xa8d/0x1090
[  441.464809][ T8895]  ? _raw_spin_unlock+0x24/0x40
[  441.469718][ T8895]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  441.475654][ T8895]  ? do_raw_spin_unlock+0x11d/0x230
[  441.481233][ T8895]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  441.487162][ T8895]  evict+0x4c9/0x8d0
[  441.491107][ T8895]  ? proc_nr_inodes+0x320/0x320
[  441.495993][ T8895]  ? do_raw_spin_unlock+0x11d/0x230
[  441.501235][ T8895]  ? _raw_spin_unlock+0x24/0x40
[  441.506127][ T8895]  ? iput+0x706/0x8a0
[  441.510141][ T8895]  ext4_orphan_cleanup+0xad2/0x1320
[  441.515384][ T8895]  ? ext4_orphan_del+0xbf0/0xbf0
[  441.520359][ T8895]  ? errseq_check_and_advance+0x62/0x120
[  441.526066][ T8895]  ext4_fill_super+0x8e25/0x95a0
[  441.531061][ T8895]  ? ext4_mount+0x40/0x40
[  441.535440][ T8895]  ? set_blocksize+0x1f3/0x370
[  441.540240][ T8895]  ? sb_set_blocksize+0xa5/0xe0
[  441.545127][ T8895]  mount_bdev+0x287/0x3c0
[  441.549495][ T8895]  ? ext4_mount+0x40/0x40
[  441.553857][ T8895]  legacy_get_tree+0xe6/0x180
[  441.558564][ T8895]  ? ext4_errno_to_code+0x160/0x160
[  441.563876][ T8895]  vfs_get_tree+0x88/0x270
[  441.568326][ T8895]  do_new_mount+0x24a/0xa40
[  441.572870][ T8895]  __se_sys_mount+0x2e3/0x3d0
[  441.577577][ T8895]  ? __x64_sys_mount+0xc0/0xc0
[  441.582390][ T8895]  ? lockdep_hardirqs_on+0x94/0x140
[  441.587623][ T8895]  ? __x64_sys_mount+0x1c/0xc0
[  441.592421][ T8895]  do_syscall_64+0x4c/0xa0
[  441.596866][ T8895]  ? clear_bhb_loop+0x30/0x80
[  441.601582][ T8895]  ? clear_bhb_loop+0x30/0x80
[  441.606358][ T8895]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  441.612726][ T8895] RIP: 0033:0x7f067720ff4a
[  441.617198][ T8895] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  441.637305][ T8895] RSP: 002b:00007f0675469e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  441.645755][ T8895] RAX: ffffffffffffffda RBX: 00007f0675469ee0 RCX: 00007f067720ff4a
[  441.653767][ T8895] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f0675469ea0
[  441.661796][ T8895] RBP: 0000200000000180 R08: 00007f0675469ee0 R09: 0000000000800718
[  441.670028][ T8895] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[  441.678051][ T8895] R13: 00007f0675469ea0 R14: 00000000000004a3 R15: 00002000000003c0
[  441.686127][ T8895]  </TASK>
[  441.689450][ T8895] Kernel Offset: disabled
[  441.693805][ T8895] Rebooting in 86400 seconds..