last executing test programs:

14m47.835569662s ago: executing program 3 (id=461):
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x80380000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000380)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000400)=0xc)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f00000001c0)={r2, @in={{0x2, 0x4e23, @empty}}}, 0x90)

14m47.763163523s ago: executing program 3 (id=462):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="840000000002010400000000000000000a00000004000180300003802c00018014000300fc00000000000000000000100000000014004400fe800000001f610000000000000000bb3c0002800c00028005000100000000002c00018014000300fc02000000000000000000000000000014"], 0x84}}, 0x0)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="05"], 0x1c}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x9)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r2, @ANYBLOB="0200000000008000800012000800010076746936740002"], 0xa0}}, 0x0)

14m47.668322604s ago: executing program 3 (id=463):
r0 = syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000007c0)={0x24, &(0x7f0000000440)={0x40, 0x13}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x40025b0c, 0x0)

14m47.034573764s ago: executing program 3 (id=466):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000", 0x2c}], 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, 0x0)
capset(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$loop(&(0x7f00000005c0), 0xffff, 0x109041)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x800, 0x0)

14m45.807462602s ago: executing program 3 (id=469):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = fanotify_init(0x200, 0x101000)
readv(r5, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/136, 0x88}], 0x1)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)

14m44.694511879s ago: executing program 3 (id=473):
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x810, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x40c0080)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r3}, 0x38)
syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x101000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000940)={0x60, 0x80, 0x0, 0x20, 0x0, 0x0, 0x8, 0x0, {}, {0x0, 0x1000}, {}, {0x4000}, 0x2, 0x100})

14m28.037617831s ago: executing program 32 (id=473):
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x810, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x40c0080)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r3}, 0x38)
syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x101000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000940)={0x60, 0x80, 0x0, 0x20, 0x0, 0x0, 0x8, 0x0, {}, {0x0, 0x1000}, {}, {0x4000}, 0x2, 0x100})

19.862905159s ago: executing program 0 (id=2872):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x4)
r0 = socket(0x40000000015, 0x5, 0x0)
r1 = syz_mount_image$hfs(&(0x7f0000000300), &(0x7f0000000000)='.\x02\x00', 0x4810, &(0x7f0000000180)=ANY=[], 0x3, 0x2e7, &(0x7f0000001900)="$eJzs3b1v004YwPHnnKRNf636c19QJcZCJSYEZUEsRah/BAMgShOkqlGR2iJRFipmhNh42RjYmBELI3sFM4KJib3djO45O3WpfU6aNm7g+5ESufHd+TnbsZ+L5J4A+GfdWPz+7spP+zIiFamIyDWRQETqIlUROSMz9YdrmyubrWbD11BFa9iXEVfTHCqzvNbMqmrraY1YaP+qylj6M5yMKIqiH18r/jL/9y0clES//RkCkeH426nr632P7GRslx1Aycye7MkjGS87DgBAuez9v+YSf3ufH4vz9yAQmYtv+wN2//dnrXv9C+RUSt3/dZQVGXt8dZeZ/fGeDuHs+iAZJXpazF0zJC6RPJBgmqJRpcYSjNxfaTUvLj9oNQJ5KguxVLFpfW+4UzdREO2sJ9gMxX3Poz0OarYP8znxTx1liy+7D6VtNzI75o4J5Y002vlfNdI9okcq1LjDdgUX/6X8FkftmzFaKqeXE7qRs/EW5OP7DnpZzx6RtOOcSE7dJ+7DMInzxZCn1qQc/FnB9e5yfu+01lRmrfmCWtPpWvGVMz6b82seXU63/2Cem5tmVn7JB1lM5f+B3dtzWiDZ7Z4gjZaMzwxvf6paMuwgsKCj8NGpmnftM7knV2V8Y+vx6lKr1VzvdOHTty4KH9fC67duodJLO0nPD62qSq8RRsOu6ZPaCb1H2MlCcsL08eAmx6TvZ1TJC9JzOxUZltXkmnlsgcWHY3t1qeWWshOlkV6uSzhFUpfHmVtlB4My2GuIceM/zeRdVndd19mvf6h5ek2y8vSoqHFt8dXtHTd8SI0N9pPVSX3/r6sR3Gj+CC7VB++Y69wFkfOeLX4+2GwYx/mXMIvyRe7y+z8AAAAAAAAAAAAAAAAAAMCgKXwwYDda39iKH2854pMhJXcRAAAAAAAAAAAAAAAAAAAAAICB55v/V+fILJj/N3kyIH/+39R/9S6e/3fBNpQz/69/kloAXfsdAAD//7rQb18=")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file5\x00', 0x42, 0x81)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
getresgid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000240))
ftruncate(r0, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x8925, 0x40000020001100)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000080)}, {&(0x7f0000001c00)="8b443bf06e6f83a013274b56903a55ebd66f701305e01627af5533fdca6f95b8396587107e4fe0d8b596abba55198d4a005c41d7ad0ce62376d2fad12052aa73e40638e085140073cbaef15e72e6c276586ac89d03f0030efeab8d672e91174b97f79b72eb9285aa7a536ef17049daa7f01661d032f721521c704d94b5bc9b180018c9f8b88a7516bd148c8798257b695d7db84091907ad924f5bfe112106a53224db4e2fd9bf999ac43152c39763558d270af53de938c670f39ca8d50e4a048d81ff67ffb95bb96514680d0b1672248e276415a542de7a6bfd5f817954f090822c8c63a1a70aeefb1ce582edccf0170b4b6dbcd79207cd51e3856fb03acf50616b18f8f393ab9a5a07210a14041c0b8352b1c0aeb21f96ccb57c8c2cd750b9ed9be10d3104a76ff76e32ff812c46aa2be9c3aa361e070d1d6ceb7b173b45ffb847a335f9bc9724fc76f9c1da7b2ce5ed935a7a47641b6ab4a52c3529036bedf9c897fd4e5487806b7ff608e32aeea85fa6452da74ee7c67be57eb4a6121f47adeb04d4bc08178124090f194a12920989ddae0756e74a714d90914a8677eb3e8c81668607cd29f2bd4b6350680e7f6d006184df1466882696cbf3c3e809b5275bc4acfd91b1ad7e7245ccde2de00439a2edfcad178e982c1ac4e4f3978c7396f60b8a9f22f27140751b7e3faca47b40a018c0b97ad6239ecb44db387f9e35f908a4000d663e704d177fd355c656888a63f1b05d4c249a65163c2d201c613730eeca04f908857d9b02050096ac79251aa76f92ece22d38473d09550f34be4eb7496a4b4ad93f6f04bd586a6d0accd39cb2c9c278bd16bce6855a8ca729ce2bc59a215261613fae2c9d395a9548de522954f0d9c84b4fb6f285ceafd2afdc76723eb8274d12954c732fd6a124163ee6cf5d71f88fb58a6a5efe43a6111e74c9c049ed5ba668a6ee872c2cb68878e29f40c5290b46b507fe09ed6621e639797338ec7a28b3884cc13fcbcdbb1ad875a43428b1e1a02d03c6df35872f0829f7a1944b3f8d7835ced003fd638d6e75ef43197ed19f93a82aa0039fd1098f50a359ad658b66f0932a6fbe530c97aedfd2f3b31003993df69ef4f130a428a864105b161c5359a006a7ee0f798e3938369e85c56852efaa3be6ffd998618679ebad19b74733c34483ed0c2364228c32dc34d559f2b72722dcd0fcb0e842b81aa7da1d3507cbc2c61c58a116fda664a0ab45d9af184be2011370c66ad219c5776ca9984fb5360e0adcf2bfae50b8ce310ee676a26c02525d5b19a269d00b51b85f6c2eaf06f0b7f24c4cbf56c5f805708c3b6aa763a467a30a7401a32c5861ef8bd4c099196d16599b4c986989d36f05012821d2df21a7cff270034d154a82612ce7cd521f3d969da84494fad83490792abbf12b61e936d45f70402d949eae03d6612dcf9ae5579750c21d5d5ef321718dd0105a1eea6a8b671b50f68a56d08fb894fa4f77bd012aefa40d77470d824698784a0df40900712eaed3f8c45e81d0b4aa358bd0e2e202acad2774f50691331e66edc9c017ed4e1aa78bd7784f6afbd1022dddfe02b48d515d2e0430cb987e7130648136b8191efaa6cdc7531ac68101e276c8791d34fa86911bd86fd2b061f091b43faf5812e0280549fcb7a5b7f2ff5dadc01cb75d2b8cca1e5fb24a786c752308e168d9796509093334b1529f3f4eb800f4c8c605c8d2a890aeec76edaabdedfe1599e3356199523f1e2829b61ee1879a608b067eba654ef32323b67e989013a71ad417cd4c2802a3833e8e55befdf48c4b18cd8f9f8b4df76c5a4b2716e665b1f2f8a62c1caf5edbfac370d96afb01090cc437ade2c8284b2cc44561a9056cc92301596d3e3eb67332fe6615ac4e4a0c853d818136400ea2c16c41ccf7b007b3a45d60869a2d4cb0c7460e85f1d678044345270870788a65dee41ffe3adec4c54de19730bb2c565e6eb859640c9ecc4670d490682fb6d8b647559c530d1f97a7ef1b58c770d1767aa439f65cac1f0a490b63729ca6cd3438be2f33e88437d4a7908733da2a0c898b06a26a551036826810ad3b9f85bdba1020db25f34a7528672940bac71949a91372c8a1fe5a44562db35b97fe026459009fc6e66ab5056839f662ed63d9c407a8c33e756ecdf4ceb2be1b8c0a0988d769698b43fed1fa589bffef70609a138cf113c4bc3ab2fbb70ecb501effb75937c855de3285ea931cd3e83e6c079062cb75507746a68e90c2ced860a7f71582d3a15b779edf40683f657e6e7455d0a6802c47600a559368edd75e89a507e76c4aaa0fba777013c1e6c2233dafa27f9bd980e025b49fa6cfc9044d0af2c2205f39cd957c3aa00c74e8da4a89e50196de8ad17aa5d76d17a7452388c20d5b641e08eb6faadb296b02fcc4091350b0b74e491ba10d8a2fb99665b2a5933bc13b873a8dbbc24ae8d6409b039ed8c64a8a3c8b81634ba1a7052cfbf0d04685a55daa557173557913eeec0885dd0b7e782617ae45b8358ee96a02a32846adb018f093d2675b1da6d1d3f10da02b8784e11302cc0c2acc1a734d99fb4d64b5e5394342b43bdd8aa256e8a0f9dc98be858099198855f08f845167623d7d5eeead266cdf55fe9906e5ef46a247ed92f02de41f282656dfd9cd4dcd34f47a8e3bfe13e12eadfc769287213c091ad0dff4b5c1a73638357d7093e26b14caf3865adb927aa7d6f65535976d951388fc15a6783100d6d27ccbfb91e6ee46816e07cc0b1b5195815c3dbc62df2d1f6af970f9489788b0dec0316e30dd0fe3173009302bd13941a427ffb0fbb50e7e5ba3944cd3f6fd81d599461536477792971be82f30e60152e2c2e70f9eaec6acd4db0c390df686d424f9bb79a21522e92503f94fa825455a406c64ec2e13113eba43af8a87ea257a1ee909c562c70866691e5d57171aaecd22fce740bf54f875f1149e1f8d0e72ec5636f48f890cab3edead3820ac87e4e21a182cd6ea4966cfac33e03c4276ea7488292d0e75b3e41564f5f92efa277ce6819fe223d8af4815d0e469feac88376e1fb1b122cd3a1cf307e620eef46d1aef0e9e13a0068e7577e8a321f2527bf5361d376d9bec15fe57d2615cbd9d8db3d4882de45adad25f2dbc0fdc8c21ebc1e1c1c8bc4811f6380af6b97325f12ff3c35ade8ab8de449ef6a53a7db8d29b6d02d2945db450a284c78298be970ef456274f6b1580b542cc607cd195dd30c7c49c246d68be6cb6560bc05dad099472149fcf849496a31d181fad3e274a005f639e75f169ff1be7a986e15fd6eb5bb3715007daab54ae4917a379f7e713a191573a4e964888e7c481f466d15b13c4dab8d85dd99c6d9367f8a3c4aba8b698c29f9337c25dabc0444c19f7e2e19045431accdbd336d3e049a4e1c5808d8e101d2a38f2ac5bfc971639436335aa4f37efcaeba9fd4c6389b5eb06df9094a66f9d76a334ff1da8016df0b2f54791df18cf5b5b34a64e537b32c8363565517aa1bca5ea3b6807a1a8a81743a83a4bcaa0030a6fee485b43694dff52ebc6be38f798663c08c85f2e9b496969ea3b95594b4d43440927d9e511e5b61dc3a83f26c80fdb28940b66a767a3895dce849d90e8926d45e86229cb9d89c5c0f54146f5a11d22e36ff0e2d563a2f02f5fb66e432b39a117b665b255a41a56052a859cbae2493556f94defe19c25dbaebf62271809a2f449fd2595e737ae6156cf631a690a4bbeddc219433e82c6411db7bdfb40dbee2cefffacbe8bcee182f65da77d698a6abd29a5e5a8a9aaf8b00df022e7a498ceda4d35d9ed1b518f8c3a67f155274dbacc11229e7cc57024f4b9b407c1412e547f90cb61d5f7e1683d9ce6d583e4460333d38461b4b4075f482d3c3e945ba21ea3277a1d8bd050e0cde8380228e842d7612a219f7b288d864107390cb5b296128774ca1c7855ad10b1521d1c2df7c54083507b66b3b60b004d887f1055dca48bd4535678663179c6c1355dab00bf7cba743f0ea4aa3bc1d594cc7a78773825a4d08db1eaa9c11a02a9a569cd6f40ee884c73bc142a030838e1e89de92cabaf387084c20ece952468865870453f67efde3f28a755e3f29d9dba31b47c7caedb2edb7e5266aff65b9ad5fe5bdf07fba03f7c92d1599bca63686874563492d91d0bcab4f4513a46e2b29c2a05d7468945fff928e37e62d4dfd383e31bb3151a02068329eabf0c103d68d8b9555cbe6a13cde7b753290da64c3d72358fc875c92750c01fb6bb4594fdac411dadb9bca468dc5795d3d60a12e68a24211dd24160c81dc31b177e02f4de689d10a7ddb325401cc5bc63d7c479c39dc3b699aeeb46b720abc806b9ca3ee8c33682fdd09b07894a660fbb5e2a0ed9810a797f9975a0b2771a527769f80389b138708338a17ed09bd0d9561109450a836c83d0ff26ba9e21cc459b85f93be8be46a580dd0fe4bb8a61049028a63648bdb654dd0dd6280a5d14278ac121817c535eaf82fb621dbbfe023b6f453c03a95bca35b4ba1223354157330883bf4fd4c97d9309e2ef75225252b402d442d67cce615b9c3cff403c3a39e65e7955aa73413a4356262c1f55b0d445333dfd8ed68e76907740ad8a4830ade75411b4dc87cf23dfecfd320033d48a75f55f64e08dadba3130955e556343298d7fc0e16ba272c49c2263099f1b842ee5b994437329c3124128691ee179cfbd811e39dfa5e2012aba8c2d833159eb042029bb6dc19e20e062b1823c4d162c71e02d473e7aff9769427ba881c87823914bf1e2827599cac8617d48fb47815800aaf5ce66b655cbe579a00ee6fbfb218247bc5f3c044c2646c5c5e6a9b4709fddc78cf66a2ffd19e3140fddbd52d28e8c12cc24fce357112fd9280a3397b29c8bc4261906560642f133f3140af0bb81b513472296b778c6b20b7c269e9ebd92e714b2c179673f0316d190cba4ef1e6b52e14c426be3382d72eecfc2c4f74e312f36bbd3244929bc7cd26f8f4c4dc9b4d38f30ffdc1844f0437a047fd65f0bfe998ed73fa647a329d7c018772e94455c7c0cfbd295c13f2655d04f377d0b959ebe1994b5b470dc028c779de6c322af618700ba2bd02bd35436aa7301e6ba9219fabadb6f506b7ddf3e9e2c6e26a5197dc255b6376a150523c88714cd0949d64b3eb8ba04e760ee26eb604f306e3b6447146482ba482a4429728f288b55ae1ca6e988f1769e24c772a9449660ee230ee6af9915b70543a1078362bd858e7fc9fce1038cc43876a48f81a311d97914239365d1d53f5e10e972d6d22329de992277c75099406e7f75cf7c42d88c1b4a191ea7774d6907b224f567f3ef76e3af4c3292eda26dc3e84686dcf5da31d080f5507c9e7be7e6cda4f3e2218c81a2819f20f7dc12e04fb0e1b2834d6cf3f4f8a15eb2ac531a1623160475640d17c75ade8f32ca76517d19027979ac067b56d2cc79e3e14782448aff529303b84b610b635d48eb226ef867fb073413a7b5022a8f1c9ff01a405fde0938107f338ab399e8330b3216a7930c87d9bffafa2e6c14de0520e85cfd781134006803c96e11e80b11d832ae52502a2b7ed40eacbbccaf8910c713445f382c45b7e56ad6c2ae045f80c6cce04431f4eb1a4a0f0b3f4e06936b38d2f61f49d2416cf10eec0d20fa7c243e5ba04be5b3dcceec76e11a15d9baa4bf73afd554aaa5cc85322982408be9f6d6347da788f4dc081977d1acc9c62dd8556f12af511af9666004f01dc9931d7114a2a78", 0xfe6}], 0x2)
getsockopt(r0, 0x200000000114, 0x2715, 0x0, &(0x7f0000000000))

18.461960961s ago: executing program 0 (id=2875):
lremovexattr(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="73656375726974792e25264c2980ac6f3bcf8a0c54d46cc6dbe4c8c7436f84216d86a44c927d63bac84a4ec2503154a6734cac0a7e0a5f5d71a4fbd6c8a32258ab890bc5f8d1ccaf255894d7bbc2041363f6fa689d8dfdc1a0b532ba71daa2645899d86dc6eab9ca827b7fa8c9a6debc7da94f0f6db55488c56c91317b2e2b52c3f8dc1c4ffaf8c07d9c23896d685075df7372cfd382dfd61224ed59e4c7e6ac044898118a7f0a01406efde9a8ba940d8a643cf728ec81c2b8d610f9310be6e92d8459"])
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000003380))
r1 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

17.80475812s ago: executing program 0 (id=2878):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4205, r3, 0x402, &(0x7f0000000240)={&(0x7f0000000180)=""/108, 0x6c})

16.759534106s ago: executing program 0 (id=2880):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000680)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610936dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84bb90577b8b405a48292eeca69f5275cb7b7027d4bf643bd69b034c0221a30"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3fGeefeYw+8SJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAsh9HX+7wUAAAAAAAAAAAAAAAAAAIC/o833/3PRiSbv/48lx5EW9dff6vwY6ZyJt6+OXRgcSvZ/j7blv54k/XKuK/Q32fc9u//7uUz95vu/b+9ntxrja/TbF6J4IHUexwMDIXyTbPx+KjoSl8pLlVdvlZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+////bruaquc39+4Se66l49/Vsty3n0Ztxf98pt5+xJ/dS8e/u5bWu7XASH0CqMb/8+6d4z+Wab9T8T8eQshF1bHmUjNAdQ1TTW+1XiEtHf9DtbTU1Jn8I1vd/79n4n8h0/5Bzf8r2Q8imkrH/1+1tJ5Uic37vz/e+f6/mGn/IOJfHf+Kz/+2pON/uJ7YnSpS+0+2O/+PZ9rvVPyvx8k4j0epK2A1qqe3+r460tLx79mWv/n8F7e1/ruUqb9fz3+NfhvPf43p/+Wo/vxHc+n497Ys1+79P5Gp1+n5f6S2/mO30vE/UktLr53rX8rZbvwnM+13Kv61VUlPI/6b88kfh+vpX1v/tSUd/3/XE+OtJVZqP2vrv2jn9f/lTPsHsf6rjn8l7myvz4t0/I+2LFeN/w9tfP5fydTrfPxDGLTW37V0/I+1LFe7/3t2jv9Upl6n4/9SJxsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAaMJse+EMUDqfM4HhgI4XxyfiociaYLs/npUnnmo6UQxpL0XDgR3S6Vpwul/NxCebaYL5RK5ZkQLiT5J0NPtFQqV/LzhbsXN9rqje4UC4uV6WKhEkIYT9L/H4412pqeq8wX7oYQLm3k/ScuL969U1jIz84tvjk4ODgYJjbG0B8VP6kUFyr13uu5IUxu1O2Ltgyuln15YyxHow/Ly4sLhVIt/cqWOqXyTKG0pc5UkvdF6I8qi8sLM4VKMV8q3270d5BGkuPYxLX3rl0Z2pZ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8RY+G3/gyhNBdP4tDCCONX6Jm5R8+Lp7NP526vzZ8enL1wdqTVuUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coDQRRGIDfjIXaeQyrZbezXVFEC1cET6DH8DB6FC/hHVKkSJsiBJJZCJtd2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WUfRtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//+UFHyA=")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x40942, 0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
write$cgroup_subtree(r2, 0x0, 0x24)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x8042, 0x1a4)
pwrite64(r3, &(0x7f00000000c0)='a', 0x1, 0x9000)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
copy_file_range(r1, 0x0, r0, 0x0, 0xfffffbffa003e458, 0x700000000000000)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x143042, 0x8d)
sendfile(r4, r4, 0x0, 0x7a680000)

15.605452084s ago: executing program 2 (id=2882):
lremovexattr(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="73656375726974792e25264c2980ac6f3bcf8a0c54d46cc6dbe4c8c7436f84216d86a44c927d63bac84a4ec2503154a6734cac0a7e0a5f5d71a4fbd6c8a32258ab890bc5f8d1ccaf255894d7bbc2041363f6fa689d8dfdc1a0b532ba71daa2645899d86dc6eab9ca827b7fa8c9a6debc7da94f0f6db55488c56c91317b2e2b52c3f8dc1c4ffaf8c07d9c23896d685075df7372cfd382dfd61224ed59e4c7e6ac044898118a7f0a01406efde9a8ba940d8a643cf728ec81c2b8d610f9310be6e92d8459"])
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000003380))
r1 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000080)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1})
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

15.370574358s ago: executing program 2 (id=2883):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4080c}, 0x2000c845)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)=ANY=[], 0x17)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000400)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000001580)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
read(r5, 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f00000001c0)={0x3, 0xa07, 0x2})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYRESOCT, @ANYRES32=r0, @ANYRES8=r5, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES8], 0x50)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), &(0x7f0000000880)="22cff58056ac", 0xffd7, 0x1)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card1/oss_mixer\x00', 0x1, 0x0)

15.17340946s ago: executing program 0 (id=2884):
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x4b, 0x1, 0xffffffff, 0x6, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000280)=0x2)
close(0x3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

14.142282326s ago: executing program 1 (id=2885):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000440)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000a80), 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, 0x0, 0x2c)

14.141437496s ago: executing program 2 (id=2886):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x149a82, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x14, &(0x7f0000001240)=""/3, &(0x7f0000001280)=0x3)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0xdfffffff, 0x800, 0x11c, 0x1}, 0x20)

13.20929156s ago: executing program 0 (id=2887):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000ffd000/0x1000)=nil)
keyctl$instantiate(0xc, 0x0, &(0x7f00000002c0)=ANY=[], 0x2d, 0xfffffffffffffff9)
r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r0, &(0x7f0000000040)=""/43, 0x1dab)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r2, &(0x7f0000000340)=ANY=[], 0xff2e)
r3 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
ioctl$TCXONC(r2, 0x540a, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r4, <r5=>0xffffffffffffffff}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x16, 0x1d, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000080010000b70800000000001000007b8af0ff64000000bf7300000000000007010000f8ffffff0000000007040000f0ffffffb7020000080000001823000000000000aa1171676483e257f66b49913fd53e8279e598587694fad01d0000000000000000000000000000a072ea77b8cd1c946212a1abe6eb3540f1e70f496221c1531b3c90cbbf318e7a087e50dcc3dfcc46a1fa7b632ab8cf36d3cf90717de8fcd115ed6f5b85546c15da545aa1e5f7f7ba3985d6dd9ba407a8906841e40179bd", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b6000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r6, 0x0, 0x10, 0x10, &(0x7f00000006c0)="0000000005000000", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ftruncate(r1, 0x8000)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x310)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

11.90317248s ago: executing program 1 (id=2888):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r5, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@ipv6_newrule={0x58, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x20, 0x40, 0x0, 0x0, 0x0, 0x7}, [@FIB_RULE_POLICY=@FRA_OIFNAME={0x14, 0x11, 'veth0_to_bridge\x00'}, @FIB_RULE_POLICY=@FRA_IIFNAME={0x14, 0x3, 'veth1_vlan\x00'}, @FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x17}}]}, 0x58}, 0x1, 0x0, 0x0, 0x24040804}, 0x0)

10.792835187s ago: executing program 1 (id=2889):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)

9.432037897s ago: executing program 1 (id=2891):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/power/resume', 0x88102, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, 0x0}], 0x1, 0x8, 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$FUSE_INIT(r2, &(0x7f0000000280)={0x50, 0x0, 0x0, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008380)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000200), 0x4)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x3, 0x7, 0x2, 0x17d, 0x4, 0x10, 0xf1, 0x50, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x120182})
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000045000000040000000fa2"], 0x45})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4841}, 0x20008800)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

9.052742983s ago: executing program 4 (id=2894):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x1, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000180), 0x0)

7.506396446s ago: executing program 4 (id=2895):
socket(0xb, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x800000, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r3, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, 0x0, 0x0)

7.350963399s ago: executing program 5 (id=2896):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)

6.112182777s ago: executing program 5 (id=2897):
mount$tmpfs(0x0, 0x0, 0x0, 0x2100800, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x28, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000003040)='./file1\x00', 0x1200001, &(0x7f0000000080)={[{@gid}, {@gid}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@codepage={'codepage', 0x3d, 'cp1251'}}]}, 0x2, 0x342, &(0x7f0000000100)="$eJzs3T1rFEEcBvBn9uWyZ0Jck0jASqIBq5DEQrExSLDxC1hIMCYXCFkjaAQNiNFaxE4QLO2sRb+CNuIX0CqFWGkTLFyZ2Z19u9nN5XLJ5sjzA4+93Zmd/9zM7M0kxAERHVvX5r+/u7gt/wkXgA3gCmAB8AAHwGmMew/XN9pzDuTf2smRQJRTtGVZWm+ZYvAQ54j58p2Doew5OhhhGIY/dk31+1BiofqI7AjOsKKB7ugR7h16ZAdjq+0BdgxkWljsYAePMFxnOEREVL/4+9+KvyWG4vm7ZQGT8Ty837//c/ObnfriOBKS738reh8K+fmcVJfkem91I2gtR0s42fqWXiWa7mXsE2H6cTcQ9Sx7MDPlypRipmKxmiurQWtqS93gOa7GMsnG1OsydEWUsmgbUaoJw9q0QlXdqw2qOriyDrMl8Y9WlWhcAH/6idfm4ha+mM4W6io+i69iQfh4g+Vk/ueEQjaTaim/MFSi+KcraqnDDFrTuVqm4Z9ShZyJS8DH92ktm2WfqwdbxpLXSOtRnL/7Os5XDfMN1ekR5H+sENVuprx2Ktco4Ai1asjmmk0S/TXmGiuW1Vxxg9bU0r2grNP3lnFFJ16Km2ICv/AB85n5vyVTT6J8ZOZGuVAp455RWR9HpWxrRwM1NO/uaWSScj0/XjvK8wJ3cBnDDx5vri0GQet+/Qd6qHSZ/WyP44k6Ytwd5RmoJ1ySBp48cAH0rNB/YRgaLzk4jCZwVVUvvU2rvLm2KOJn3v6KkE/OwqW58sQA5gDEZ/QToZvSnya5BtIb7pLLV2X9ka2tzuQ6pKsPdFTqku66B9M6uqjcJRsDHY2UZheF3niythh09SSiPpM2OsZv1R0M1UHOF0S0/susV6bVU0e++BXrHzf/ttmWIHPHmZIV0Ih6PdHZCi65bek8cVAf7LLmOncBOF8o0YIu8Vnxtn4cJ47ibyX3/qsMMY9vuM2f/xMRERERERERERERERERERERERER9Zu9/jVCN39OkC9x+xj+xxtERERERERERERERERERERERERERERERPuT2f8XsNWOMQ3T/r9VOzUpdrRDjNeL/X/tDvb/FVv9vBcZ0ZHwPwAA//+ekVe5")

5.802831592s ago: executing program 4 (id=2898):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x149a82, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x14, &(0x7f0000001240)=""/3, &(0x7f0000001280)=0x3)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0xdfffffff, 0x800, 0x11c, 0x1}, 0x20)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x200404, 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x3004e51, 0x0, 0x0, 0x0, &(0x7f00000000c0))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

4.787189137s ago: executing program 5 (id=2899):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x1000840, &(0x7f0000000f00)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c73686f72746e616d653d77696e6e742c636f6465706167653d3935302c757466383d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d302c756e695f786c6174653d302c696f636861727365743d63703836352c757466383d312c73686f72746e616d653d6c6f7765722c757466383d302c73686f72746e616d653d77696e6e742c001d46d61beb"], 0x3, 0x384, &(0x7f0000000b40)="$eJzs3T+IHFUYAPBvb/Z27yThrhCCgjDaCXokURFtvBAuENwmyuKfQlxMonJ7BnK4mBTZnI1YCpYKgpUWWlikE0RQxM7C1gghKhaaLmDIyOzM/rvdvYhy+YO/X7H58t73vfdm78HODey7l1dj/fh8nLxy5XIsLFSiunp4Na5WYjmS6Dsfk2rFPx9N6QIAbnNXsyz+zAoRX/6TksrurwoA2E29z/9X9460vP3NTvmZT38AuOOVv/8vjrYl23IWZhWf2rVlAQC7aPz5f0Q8MJFSG4bViXsDAODO8+wLLz59qBHxTJouRGy802l2mvHksP/QyXg92nEi9sdSXIsobhTyl0rv9cjRxtr+NE278ctyNPOKTjNio9tpFncKh5JefT0OxFIsl/Xl3UaWZcmRLxprB9KeiDjf7c0fG5VOcz4Wy/l/uitOxMFI4+6J+oijjbWDaTlAc6NfPx+xNXxuka9/JZbih1fiVLTjeOS1/duaxtq5A2l6OGvsqQzru51mvZdXmPkEBAAAAAAAAAAAAAAAAAAAAAAA/pWVdGB5cH5ONjy/Z2VlSn/vfJyivjwfaKs4HyirZ5Flf7z1cPPdJMbOB9p2Pk+306zG3K29dAAAAAAAAAAAAAAAAAAAALhtbJ6pRavdPnF688zZ9dGge3rzzFxE5C1vfPfZ14sxnrNYDjBeNRZUy5SRrnRYlSX95CwZyymDJJ+8Ui1aPr0wWPFoTn1wFVOXUZ/aVS3WvPf+Sx8Mu+5L+iNfHyYnMfW6zibbllEEC2Nv7Oy3ZYfg4A1yLmZZNqv83EuTVVGJqE5Z6n8Ksjz49vJr9zyyue+xXstXWeHBh5aeu/j+x7+tt9r5zLl2u3Z681q23ir/P32zzQ6S/v755NJgs1VGd0K19ej1Y3tmjLw13tJKfvz9+Xvf+75smdv5x5SNtrw50lUpq5Ji0s+3l9eKIF/moOupPMjfo8m55qds/mnB47Fzzg0uZ9+Hq60L537+dWr53OQmGdnLDuoAAAAAAAAAAAAAAAAAAICbYuS74qXyy77zO1U9cWz3VwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN8/w7/8Pgpjb2tYyO6iWw+Qtf3VjMqeeDxi1kRmXb9GVAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf/Z3AAAA//8HNl2q")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan1\x00'})
sendmsg$NL80211_CMD_DEL_STATION(r2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r3, &(0x7f0000000780)}, 0x20)
socket(0x10, 0x2, 0x0)

4.738555578s ago: executing program 1 (id=2900):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_open_dev$sndpcmc(&(0x7f0000000180), 0x1, 0x8080)
unshare(0x2040600)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r6, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x20000000000000d6, &(0x7f0000000040)=ANY=[@ANYRES8=r1, @ANYRESOCT=r0], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)

4.519884991s ago: executing program 2 (id=2901):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x149a82, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x14, &(0x7f0000001240)=""/3, &(0x7f0000001280)=0x3)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0xdfffffff, 0x800, 0x11c, 0x1}, 0x20)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x200404, 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x3004e51, 0x0, 0x0, 0x0, &(0x7f00000000c0))
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

3.721866523s ago: executing program 4 (id=2902):
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x4b, 0x1, 0xffffffff, 0x6, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000280)=0x2)
close(0x3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)

2.730123908s ago: executing program 1 (id=2903):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)

2.726677268s ago: executing program 5 (id=2904):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_procfs(0x0, &(0x7f0000000200)='net/protocols\x00')

2.224310806s ago: executing program 2 (id=2905):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x1000840, &(0x7f0000000f00)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c73686f72746e616d653d77696e6e742c636f6465706167653d3935302c757466383d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d302c756e695f786c6174653d302c696f636861727365743d63703836352c757466383d312c73686f72746e616d653d6c6f7765722c757466383d302c73686f72746e616d653d77696e6e742c001d46d61beb"], 0x3, 0x384, &(0x7f0000000b40)="$eJzs3T+IHFUYAPBvb/Z27yThrhCCgjDaCXokURFtvBAuENwmyuKfQlxMonJ7BnK4mBTZnI1YCpYKgpUWWlikE0RQxM7C1gghKhaaLmDIyOzM/rvdvYhy+YO/X7H58t73vfdm78HODey7l1dj/fh8nLxy5XIsLFSiunp4Na5WYjmS6Dsfk2rFPx9N6QIAbnNXsyz+zAoRX/6TksrurwoA2E29z/9X9460vP3NTvmZT38AuOOVv/8vjrYl23IWZhWf2rVlAQC7aPz5f0Q8MJFSG4bViXsDAODO8+wLLz59qBHxTJouRGy802l2mvHksP/QyXg92nEi9sdSXIsobhTyl0rv9cjRxtr+NE278ctyNPOKTjNio9tpFncKh5JefT0OxFIsl/Xl3UaWZcmRLxprB9KeiDjf7c0fG5VOcz4Wy/l/uitOxMFI4+6J+oijjbWDaTlAc6NfPx+xNXxuka9/JZbih1fiVLTjeOS1/duaxtq5A2l6OGvsqQzru51mvZdXmPkEBAAAAAAAAAAAAAAAAAAAAAAA/pWVdGB5cH5ONjy/Z2VlSn/vfJyivjwfaKs4HyirZ5Flf7z1cPPdJMbOB9p2Pk+306zG3K29dAAAAAAAAAAAAAAAAAAAALhtbJ6pRavdPnF688zZ9dGge3rzzFxE5C1vfPfZ14sxnrNYDjBeNRZUy5SRrnRYlSX95CwZyymDJJ+8Ui1aPr0wWPFoTn1wFVOXUZ/aVS3WvPf+Sx8Mu+5L+iNfHyYnMfW6zibbllEEC2Nv7Oy3ZYfg4A1yLmZZNqv83EuTVVGJqE5Z6n8Ksjz49vJr9zyyue+xXstXWeHBh5aeu/j+x7+tt9r5zLl2u3Z681q23ir/P32zzQ6S/v755NJgs1VGd0K19ej1Y3tmjLw13tJKfvz9+Xvf+75smdv5x5SNtrw50lUpq5Ji0s+3l9eKIF/moOupPMjfo8m55qds/mnB47Fzzg0uZ9+Hq60L537+dWr53OQmGdnLDuoAAAAAAAAAAAAAAAAAAICbYuS74qXyy77zO1U9cWz3VwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN8/w7/8Pgpjb2tYyO6iWw+Qtf3VjMqeeDxi1kRmXb9GVAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf/Z3AAAA//8HNl2q")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan1\x00'})
sendmsg$NL80211_CMD_DEL_STATION(r2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r5, &(0x7f0000000780)}, 0x20)
socket(0x10, 0x2, 0x0)

2.223716236s ago: executing program 5 (id=2906):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x1000840, &(0x7f0000000f00)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c73686f72746e616d653d77696e6e742c636f6465706167653d3935302c757466383d312c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d302c756e695f786c6174653d302c696f636861727365743d63703836352c757466383d312c73686f72746e616d653d6c6f7765722c757466383d302c73686f72746e616d653d77696e6e742c001d46d61beb"], 0x3, 0x384, &(0x7f0000000b40)="$eJzs3T+IHFUYAPBvb/Z27yThrhCCgjDaCXokURFtvBAuENwmyuKfQlxMonJ7BnK4mBTZnI1YCpYKgpUWWlikE0RQxM7C1gghKhaaLmDIyOzM/rvdvYhy+YO/X7H58t73vfdm78HODey7l1dj/fh8nLxy5XIsLFSiunp4Na5WYjmS6Dsfk2rFPx9N6QIAbnNXsyz+zAoRX/6TksrurwoA2E29z/9X9460vP3NTvmZT38AuOOVv/8vjrYl23IWZhWf2rVlAQC7aPz5f0Q8MJFSG4bViXsDAODO8+wLLz59qBHxTJouRGy802l2mvHksP/QyXg92nEi9sdSXIsobhTyl0rv9cjRxtr+NE278ctyNPOKTjNio9tpFncKh5JefT0OxFIsl/Xl3UaWZcmRLxprB9KeiDjf7c0fG5VOcz4Wy/l/uitOxMFI4+6J+oijjbWDaTlAc6NfPx+xNXxuka9/JZbih1fiVLTjeOS1/duaxtq5A2l6OGvsqQzru51mvZdXmPkEBAAAAAAAAAAAAAAAAAAAAAAA/pWVdGB5cH5ONjy/Z2VlSn/vfJyivjwfaKs4HyirZ5Flf7z1cPPdJMbOB9p2Pk+306zG3K29dAAAAAAAAAAAAAAAAAAAALhtbJ6pRavdPnF688zZ9dGge3rzzFxE5C1vfPfZ14sxnrNYDjBeNRZUy5SRrnRYlSX95CwZyymDJJ+8Ui1aPr0wWPFoTn1wFVOXUZ/aVS3WvPf+Sx8Mu+5L+iNfHyYnMfW6zibbllEEC2Nv7Oy3ZYfg4A1yLmZZNqv83EuTVVGJqE5Z6n8Ksjz49vJr9zyyue+xXstXWeHBh5aeu/j+x7+tt9r5zLl2u3Z681q23ir/P32zzQ6S/v755NJgs1VGd0K19ej1Y3tmjLw13tJKfvz9+Xvf+75smdv5x5SNtrw50lUpq5Ji0s+3l9eKIF/moOupPMjfo8m55qds/mnB47Fzzg0uZ9+Hq60L537+dWr53OQmGdnLDuoAAAAAAAAAAAAAAAAAAICbYuS74qXyy77zO1U9cWz3VwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN8/w7/8Pgpjb2tYyO6iWw+Qtf3VjMqeeDxi1kRmXb9GVAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf/Z3AAAA//8HNl2q")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r3, &(0x7f0000000780)}, 0x20)
socket(0x10, 0x2, 0x0)

1.31055837s ago: executing program 4 (id=2907):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x149a82, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x14, &(0x7f0000001240)=""/3, &(0x7f0000001280)=0x3)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0xdfffffff, 0x800, 0x11c, 0x1}, 0x20)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x200404, 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x3004e51, 0x0, 0x0, 0x0, &(0x7f00000000c0))
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

975.031565ms ago: executing program 5 (id=2908):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x1000, 0x7, &(0x7f0000ffd000/0x1000)=nil)
keyctl$instantiate(0xc, 0x0, &(0x7f00000002c0)=ANY=[], 0x2d, 0xfffffffffffffff9)
r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r0, &(0x7f0000000040)=""/43, 0x1dab)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r2, &(0x7f0000000340)=ANY=[], 0xff2e)
r3 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
ioctl$TCXONC(r2, 0x540a, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r4, <r5=>0xffffffffffffffff}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x16, 0x1d, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000080010000b70800000000001000007b8af0ff64000000bf7300000000000007010000f8ffffff0000000007040000f0ffffffb7020000080000001823000000000000aa1171676483e257f66b49913fd53e8279e598587694fad01d0000000000000000000000000000a072ea77b8cd1c946212a1abe6eb3540f1e70f496221c1531b3c90cbbf318e7a087e50dcc3dfcc46a1fa7b632ab8cf36d3cf90717de8fcd115ed6f5b85546c15da545aa1e5f7f7ba3985d6dd9ba407a8906841e40179bdbbb9", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b6000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r6, 0x0, 0x10, 0x10, &(0x7f00000006c0)="0000000005000000", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ftruncate(r1, 0x8000)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x310)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

114.143088ms ago: executing program 2 (id=2909):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/power/resume', 0x88102, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, 0x0}], 0x1, 0x8, 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$FUSE_INIT(r2, &(0x7f0000000280)={0x50, 0x0, 0x0, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008380)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000200), 0x4)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x3, 0x7, 0x2, 0x17d, 0x4, 0x10, 0xf1, 0x50, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x120182})
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000045000000040000000fa2"], 0x45})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, 0x0, 0x200, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4841}, 0x20008800)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

0s ago: executing program 4 (id=2910):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x20044000)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@ipv6_newrule={0x58, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x20, 0x40, 0x0, 0x0, 0x0, 0x7}, [@FIB_RULE_POLICY=@FRA_OIFNAME={0x14, 0x11, 'veth0_to_bridge\x00'}, @FIB_RULE_POLICY=@FRA_IIFNAME={0x14, 0x3, 'veth1_vlan\x00'}, @FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x17}}]}, 0x58}, 0x1, 0x0, 0x0, 0x24040804}, 0x0)

kernel console output (not intermixed with test programs):

5] device syzkaller1 entered promiscuous mode
[  176.087960][ T4365] usb 5-1: USB disconnect, device number 3
[  176.607153][ T5204] 9pnet_fd: Insufficient options for proto=fd
[  177.018090][ T5214] loop0: detected capacity change from 0 to 128
[  177.051060][ T5214] EXT4-fs: Ignoring removed orlov option
[  177.116054][ T5214] EXT4-fs: Ignoring removed nomblk_io_submit option
[  177.157099][ T5214] EXT4-fs (loop0): Test dummy encryption mode enabled
[  177.172808][ T5214] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  179.271706][ T5246] 9pnet_fd: Insufficient options for proto=fd
[  181.800749][ T5287] 9pnet_fd: Insufficient options for proto=fd
[  181.986675][ T5291] netlink: 1180 bytes leftover after parsing attributes in process `syz.0.282'.
[  182.331255][ T5301] loop3: detected capacity change from 0 to 8
[  182.402463][ T5301] SQUASHFS error: zstd decompression failed, data probably corrupt
[  182.410458][ T5301] SQUASHFS error: Failed to read block 0x4ec: -5
[  182.416927][ T5301] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  182.424360][ T5301] SQUASHFS error: Unable to read inode 0x2011f
[  182.451615][ T4367] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  182.771509][ T4367] usb 1-1: Using ep0 maxpacket: 16
[  182.778519][ T4367] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.823109][ T4367] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.855023][ T4367] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  182.871626][ T4367] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.901904][ T4367] usb 1-1: config 0 descriptor??
[  183.328930][ T4367] usbhid 1-1:0.0: can't add hid device: -71
[  183.337918][ T4367] usbhid: probe of 1-1:0.0 failed with error -71
[  183.368615][ T4367] usb 1-1: USB disconnect, device number 3
[  184.653263][ T5319] netlink: 8 bytes leftover after parsing attributes in process `syz.4.288'.
[  184.691767][ T5319] netlink: 8 bytes leftover after parsing attributes in process `syz.4.288'.
[  185.690513][ T5319] 8021q: adding VLAN 0 to HW filter on device bond1
[  185.797355][ T5328] netlink: 12 bytes leftover after parsing attributes in process `syz.0.289'.
[  186.257837][ T5332] netlink: 16 bytes leftover after parsing attributes in process `syz.0.292'.
[  187.071654][ T4303] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  187.521493][ T4303] usb 1-1: Using ep0 maxpacket: 16
[  187.578342][ T4303] usb 1-1: config 0 has no interfaces?
[  187.585677][ T4303] usb 1-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  187.621633][ T4303] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.670703][ T4303] usb 1-1: config 0 descriptor??
[  187.977982][ T5359] loop1: detected capacity change from 0 to 8
[  188.984189][ T5359] SQUASHFS error: zstd decompression failed, data probably corrupt
[  189.027635][ T5359] SQUASHFS error: Failed to read block 0x4ec: -5
[  189.090709][ T5359] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  189.146900][ T5359] SQUASHFS error: Unable to read inode 0x2011f
[  189.166484][   T27] kauditd_printk_skb: 58 callbacks suppressed
[  189.166496][   T27] audit: type=1326 audit(1750588401.868:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5345 comm="syz.3.296" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a4678e929 code=0x0
[  189.904821][ T5378] netlink: 4 bytes leftover after parsing attributes in process `syz.3.300'.
[  191.411647][ T4367] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  191.602194][ T4367] usb 5-1: Using ep0 maxpacket: 32
[  191.609511][ T4367] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  191.666102][ T4367] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  191.716944][ T4367] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  191.741279][ T4367] usb 5-1: Product: syz
[  191.755517][ T4367] usb 5-1: Manufacturer: syz
[  191.774387][ T4367] usb 5-1: SerialNumber: syz
[  191.794214][ T4367] usb 5-1: config 0 descriptor??
[  191.813095][ T5387] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  192.224786][ T4273] usb 5-1: USB disconnect, device number 4
[  192.520587][ T4273] usb 1-1: USB disconnect, device number 4
[  194.159798][ T5413] loop4: detected capacity change from 0 to 256
[  194.175336][ T5413] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  194.186284][ T5413] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  194.217747][ T5413] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  194.586080][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  194.592684][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  195.502358][ T4273] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  195.791505][ T4273] usb 2-1: Using ep0 maxpacket: 8
[  195.798741][ T4273] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  196.581498][ T4273] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  196.591494][ T4273] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  196.601326][ T4273] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  196.611341][ T4273] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  196.641518][ T4273] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  196.675634][ T4273] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.744762][ T5433] mmap: syz.4.317 (5433) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  196.930652][ T4273] usb 2-1: GET_CAPABILITIES returned 0
[  196.937358][ T4273] usbtmc 2-1:16.0: can't read capabilities
[  197.204689][ T4273] usb 2-1: USB disconnect, device number 4
[  197.633962][ T5447] netlink: 12 bytes leftover after parsing attributes in process `syz.3.321'.
[  201.814729][ T4271] Bluetooth: hci0: command 0x0406 tx timeout
[  201.823718][ T4270] Bluetooth: hci3: command 0x0406 tx timeout
[  201.829785][ T4270] Bluetooth: hci1: command 0x0406 tx timeout
[  201.836389][ T4271] Bluetooth: hci2: command 0x0406 tx timeout
[  201.848985][ T5488] delete_channel: no stack
[  204.541602][ T4303] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  205.587148][ T4303] usb 5-1: device descriptor read/64, error -71
[  205.966510][ T4303] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  206.280000][ T5570] device vlan2 entered promiscuous mode
[  206.304658][ T5570] device bridge0 entered promiscuous mode
[  206.340700][ T4431] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  208.989225][ T5567] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  208.996131][ T4270] Bluetooth: hci2: command 0x0c1a tx timeout
[  209.450104][ T5567] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  209.457186][ T5567] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  209.467587][ T5567] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  209.477962][ T5567] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  209.487784][ T5567] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  209.499706][ T5567] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  209.507393][ T5567] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  209.518660][ T5567] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  209.618337][ T5567] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  209.673467][ T5567] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  209.691746][ T5567] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  209.721784][ T5567] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  209.752093][ T5567] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  209.806417][ T5567] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[  210.284870][ T5597] netlink: 'syz.0.369': attribute type 1 has an invalid length.
[  210.466531][ T5601] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  210.562994][ T5597] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  210.583687][ T5597] bond1 (unregistering): Released all slaves
[  210.801603][ T4365] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  210.881240][ T5611] loop4: detected capacity change from 0 to 128
[  210.903469][ T5611] EXT4-fs: Ignoring removed orlov option
[  210.909326][ T5611] EXT4-fs: Ignoring removed nomblk_io_submit option
[  211.006139][ T5611] EXT4-fs (loop4): Test dummy encryption mode enabled
[  211.037107][ T4365] usb 2-1: config 0 has no interfaces?
[  211.070707][ T4365] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  211.091206][ T4365] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.141617][ T4365] usb 2-1: Product: syz
[  211.145833][ T4365] usb 2-1: Manufacturer: syz
[  211.150427][ T4365] usb 2-1: SerialNumber: syz
[  211.188073][ T4365] usb 2-1: config 0 descriptor??
[  211.193179][ T5611] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  211.207471][ T5616] loop2: detected capacity change from 0 to 2048
[  211.463108][ T4270] Bluetooth: hci2: command 0x0406 tx timeout
[  211.541570][ T4266] Bluetooth: hci3: command 0x0c1a tx timeout
[  211.541581][ T4270] Bluetooth: hci1: command 0x0c1a tx timeout
[  211.621483][ T4266] Bluetooth: hci0: command 0x0c1a tx timeout
[  211.664590][ T5616] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  211.786334][ T4266] Bluetooth: hci4: command 0x0c1a tx timeout
[  212.391572][ T4304] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  212.581629][ T4304] usb 4-1: Using ep0 maxpacket: 8
[  212.591258][ T4304] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  212.658843][ T4304] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  212.812032][ T4304] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  212.830107][ T4304] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.869067][ T4304] usb 4-1: Product: syz
[  212.884416][ T4304] usb 4-1: Manufacturer: syz
[  212.901091][ T4304] usb 4-1: SerialNumber: syz
[  212.942089][ T4304] usb 4-1: bad CDC descriptors
[  212.987913][ T4304] usbtest 4-1:1.0: couldn't get endpoints, -22
[  213.037289][ T4304] usbtest: probe of 4-1:1.0 failed with error -22
[  213.621596][ T4271] Bluetooth: hci1: command 0x0406 tx timeout
[  213.621637][ T4266] Bluetooth: hci3: command 0x0406 tx timeout
[  213.703125][ T4271] Bluetooth: hci0: command 0x0406 tx timeout
[  213.861620][ T4271] Bluetooth: hci4: command 0x0406 tx timeout
[  214.120069][ T4365] usb 4-1: USB disconnect, device number 8
[  217.384881][ T5650] netlink: 24 bytes leftover after parsing attributes in process `syz.4.381'.
[  217.771560][ T5655] loop8: detected capacity change from 0 to 8
[  217.797733][ T5655] Dev loop8: unable to read RDB block 8
[  217.841764][ T5655]  loop8: unable to read partition table
[  217.858004][ T5655] loop8: partition table beyond EOD, truncated
[  218.258364][ T5655] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  218.812278][ T4365] usb 2-1: USB disconnect, device number 5
[  219.019710][ T5662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.385'.
[  220.241632][ T5676] netlink: 120 bytes leftover after parsing attributes in process `syz.4.389'.
[  221.378730][ T5687] loop2: detected capacity change from 0 to 2048
[  221.535796][ T5687] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  221.577547][   T27] audit: type=1800 audit(1750588434.278:74): pid=5686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.391" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  221.666759][ T5686] sg_read: process 281 (syz.0.391) changed security contexts after opening file descriptor, this is not allowed.
[  222.152109][ T4365] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  222.342250][ T4365] usb 2-1: Using ep0 maxpacket: 32
[  222.357638][ T4365] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.398451][ T4365] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  222.503740][ T4341] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  222.561976][ T4365] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  222.591555][ T4365] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.626994][ T4365] usb 2-1: config 0 descriptor??
[  222.657623][ T4365] hub 2-1:0.0: bad descriptor, ignoring hub
[  222.675999][ T4365] hub: probe of 2-1:0.0 failed with error -5
[  222.693330][ T4365] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  222.731944][ T4341] usb 4-1: config 0 has no interfaces?
[  222.812158][ T4341] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  222.846768][ T4341] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.887696][ T4341] usb 4-1: Product: syz
[  222.919059][ T4341] usb 4-1: Manufacturer: syz
[  222.951097][ T4341] usb 4-1: SerialNumber: syz
[  222.968625][ T4341] usb 4-1: config 0 descriptor??
[  223.210851][ T4271] Bluetooth: hci1: SCO packet for unknown connection handle 1
[  223.451482][ T4341] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  223.691491][ T4341] usb 1-1: Using ep0 maxpacket: 16
[  223.703089][ T4341] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  223.716451][ T4341] usb 1-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  223.728048][ T4341] usb 1-1: Product: syz
[  223.735395][ T4341] usb 1-1: Manufacturer: syz
[  223.741323][ T4341] usb 1-1: SerialNumber: syz
[  223.760408][ T4341] usb 1-1: config 0 descriptor??
[  223.779475][ T4341] usb 1-1: selecting invalid altsetting 1
[  223.825334][ T4341] snd-usb-audio: probe of 1-1:0.0 failed with error -22
[  223.840885][ T4340] udevd[4340]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  224.030335][ T5716] netlink: 4 bytes leftover after parsing attributes in process `syz.0.400'.
[  224.041025][ T5716] device bridge_slave_1 left promiscuous mode
[  224.050314][ T5716] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.065358][ T5716] device bridge_slave_0 left promiscuous mode
[  224.075145][ T5716] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.396890][ T4341] usb 1-1: USB disconnect, device number 5
[  225.121748][   T14] usb 2-1: USB disconnect, device number 6
[  225.246143][ T5727] binder: 5726:5727 unknown command 1074553619
[  225.282966][ T5727] binder: 5726:5727 ioctl c0306201 200000000540 returned -22
[  225.472212][ T5734] binder: 5726:5734 ioctl c038943b 200000000140 returned -22
[  226.675209][ T5746] loop4: detected capacity change from 0 to 8
[  227.398730][ T5746] SQUASHFS error: zstd decompression failed, data probably corrupt
[  227.408427][ T5746] SQUASHFS error: Failed to read block 0x4ec: -5
[  227.414990][ T5746] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  227.422367][ T5746] SQUASHFS error: Unable to read inode 0x2011f
[  227.540626][ T5749] loop2: detected capacity change from 0 to 256
[  228.021603][ T5749] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  228.032576][ T5749] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  228.841513][ T5749] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  229.414349][ T4367] usb 4-1: USB disconnect, device number 9
[  229.591247][ T5765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.415'.
[  231.056023][ T5775] loop1: detected capacity change from 0 to 2048
[  231.609731][ T5775] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  231.908161][ T5783] netlink: 'syz.3.420': attribute type 4 has an invalid length.
[  232.024207][ T5784] fuse: Unknown parameter 'user_i'
[  232.446285][ T5793] input: syz1 as /devices/virtual/input/input5
[  233.200389][ T5807] netlink: 4 bytes leftover after parsing attributes in process `syz.1.427'.
[  233.225926][ T5807] device bridge_slave_1 left promiscuous mode
[  233.237442][ T5807] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.992292][ T5807] device bridge_slave_0 left promiscuous mode
[  234.013638][ T5807] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.250475][ T5818] loop4: detected capacity change from 0 to 128
[  234.273311][ T5818] EXT4-fs: Ignoring removed orlov option
[  234.298253][ T5818] EXT4-fs: Ignoring removed nomblk_io_submit option
[  234.361886][ T5818] EXT4-fs (loop4): Test dummy encryption mode enabled
[  234.399597][ T5818] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  234.837768][ T4273] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  235.051443][ T4273] usb 4-1: Using ep0 maxpacket: 32
[  235.058571][ T4273] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  235.088456][ T4273] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  235.114500][ T4273] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  235.123956][ T4273] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.137819][ T4273] usb 4-1: config 0 descriptor??
[  235.362708][ T4273] hub 4-1:0.0: bad descriptor, ignoring hub
[  235.368724][ T4273] hub: probe of 4-1:0.0 failed with error -5
[  235.401320][ T4273] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  235.662609][ T5840] loop1: detected capacity change from 0 to 256
[  235.675075][ T5840] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  235.685946][ T5840] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  235.777298][ T4271] Bluetooth: hci2: SCO packet for unknown connection handle 1
[  236.356375][ T5840] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  237.168849][ T5843] netlink: 'syz.2.440': attribute type 10 has an invalid length.
[  237.255514][ T5843] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  237.424774][ T5847] netlink: 11 bytes leftover after parsing attributes in process `syz.4.442'.
[  237.621505][ T4271] Bluetooth: hci4: command 0x0406 tx timeout
[  237.969394][ T5854] loop0: detected capacity change from 0 to 2048
[  238.811213][ T5854] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  238.842680][   T26] usb 4-1: USB disconnect, device number 10
[  239.893215][ T5876] loop2: detected capacity change from 0 to 256
[  239.911025][ T5876] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  239.921775][ T5876] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  240.247974][ T5876] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  241.442653][ T5880] loop3: detected capacity change from 0 to 128
[  241.490737][ T5880] EXT4-fs: Ignoring removed orlov option
[  241.527789][ T5880] EXT4-fs: Ignoring removed nomblk_io_submit option
[  241.586778][ T5880] EXT4-fs (loop3): Test dummy encryption mode enabled
[  241.682807][ T5880] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  241.889151][ T5886] loop4: detected capacity change from 0 to 8
[  241.909350][ T4273] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  241.960555][ T5886] SQUASHFS error: zstd decompression failed, data probably corrupt
[  241.968943][ T5886] SQUASHFS error: Failed to read block 0x4ec: -5
[  241.975463][ T5886] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  241.982866][ T5886] SQUASHFS error: Unable to read inode 0x2011f
[  242.274377][ T4273] usb 2-1: Using ep0 maxpacket: 16
[  242.315632][ T4273] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.640338][ T4273] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  242.766261][ T4273] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.834915][ T4273] usb 2-1: config 0 descriptor??
[  243.267259][ T4273] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  243.289959][ T4273] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  243.304428][ T4273] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  243.317325][ T4273] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  243.337133][ T4273] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0
[  243.372544][ T4273] mcp2221 0003:04D8:00DD.0002: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  243.492475][ T5909] netlink: 56 bytes leftover after parsing attributes in process `syz.3.462'.
[  243.520087][ T4273] usb 2-1: USB disconnect, device number 7
[  243.681681][ T4367] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  243.861914][ T4367] usb 1-1: Using ep0 maxpacket: 32
[  243.868952][ T4367] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  243.882322][ T4367] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  243.897213][ T4367] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  243.908112][ T4367] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.919349][ T4367] usb 1-1: config 0 descriptor??
[  243.928094][ T4367] hub 1-1:0.0: bad descriptor, ignoring hub
[  243.934547][ T4367] hub: probe of 1-1:0.0 failed with error -5
[  243.943306][ T4367] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  244.134945][ T4271] Bluetooth: hci3: hardware error 0x02
[  245.486246][   T27] audit: type=1326 audit(1750588458.188:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  245.628928][   T27] audit: type=1326 audit(1750588458.218:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  245.656933][ T5929] loop4: detected capacity change from 0 to 2048
[  245.712817][ T5929] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  245.779458][   T27] audit: type=1326 audit(1750588458.218:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  245.849490][   T27] audit: type=1326 audit(1750588458.218:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  245.972807][   T27] audit: type=1326 audit(1750588458.218:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  246.112954][   T27] audit: type=1326 audit(1750588458.218:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  246.181697][ T4271] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  246.321250][   T27] audit: type=1326 audit(1750588458.218:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  246.492988][   T27] audit: type=1326 audit(1750588458.218:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  246.514212][ T5939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.471'.
[  246.627446][   T27] audit: type=1326 audit(1750588458.218:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  246.662913][ T4367] usb 1-1: USB disconnect, device number 6
[  246.711239][   T27] audit: type=1326 audit(1750588458.218:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz.1.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7faee2f2ab19 code=0x7ffc0000
[  246.945140][ T5952] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  249.181585][   T14] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  249.391432][   T14] usb 5-1: Using ep0 maxpacket: 32
[  249.398886][   T14] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  249.415221][   T14] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  249.426420][   T14] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  249.454645][   T14] usb 5-1: Product: syz
[  249.474336][   T14] usb 5-1: Manufacturer: syz
[  249.488976][   T14] usb 5-1: SerialNumber: syz
[  249.533358][   T14] usb 5-1: config 0 descriptor??
[  249.636750][ T5979] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  249.661588][ T4273] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  249.884470][ T4273] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  249.934258][ T4273] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  249.945708][ T4303] usb 5-1: USB disconnect, device number 7
[  249.999479][ T4273] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  250.021687][ T4273] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.720515][   T27] kauditd_printk_skb: 149 callbacks suppressed
[  250.720532][   T27] audit: type=1326 audit(1750588463.418:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faee2f8e929 code=0x7ffc0000
[  250.940860][   T27] audit: type=1326 audit(1750588463.468:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faee2f8e929 code=0x7ffc0000
[  250.978277][   T27] audit: type=1326 audit(1750588463.638:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7faee2f8e929 code=0x7ffc0000
[  251.041262][   T27] audit: type=1326 audit(1750588463.638:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faee2f8e929 code=0x7ffc0000
[  251.140748][   T27] audit: type=1326 audit(1750588463.638:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faee2f8e929 code=0x7ffc0000
[  251.389117][   T27] audit: type=1326 audit(1750588463.638:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faee2f8e929 code=0x7ffc0000
[  251.451543][   T27] audit: type=1326 audit(1750588463.638:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faee2f8e929 code=0x7ffc0000
[  251.477360][   T27] audit: type=1326 audit(1750588463.638:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faee2f8e929 code=0x7ffc0000
[  251.499842][   T27] audit: type=1326 audit(1750588463.638:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7faee2f907bc code=0x7ffc0000
[  251.522694][   T27] audit: type=1326 audit(1750588463.668:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.1.488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7faee2f906f4 code=0x7ffc0000
[  254.515330][ T4367] usb 2-1: USB disconnect, device number 8
[  255.033776][ T6045] netlink: 8 bytes leftover after parsing attributes in process `syz.2.501'.
[  255.060475][ T6045] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.067853][ T6045] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.651304][ T6046] syz.1.499 uses obsolete (PF_INET,SOCK_PACKET)
[  256.023999][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  256.030399][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  256.667005][ T6068] netlink: 40 bytes leftover after parsing attributes in process `syz.2.508'.
[  263.709609][ T6127] loop2: detected capacity change from 0 to 8
[  264.523237][ T6127] SQUASHFS error: zstd decompression failed, data probably corrupt
[  264.531229][ T6127] SQUASHFS error: Failed to read block 0x4ec: -5
[  264.537708][ T6127] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  264.545097][ T6127] SQUASHFS error: Unable to read inode 0x2011f
[  265.512992][ T4271] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  265.527466][ T4271] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  265.535925][ T4271] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  265.556766][ T4271] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  265.565625][ T4271] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  265.573994][ T4271] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  266.683077][ T6156] 8021q: adding VLAN 0 to HW filter on device bond1
[  267.134462][ T5887] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.239148][ T6148] chnl_net:caif_netlink_parms(): no params data found
[  267.324643][ T5887] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.552910][ T5887] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.629311][ T4271] Bluetooth: hci5: command 0x0409 tx timeout
[  267.809172][ T5887] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.137801][ T6148] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.161684][ T6148] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.291419][ T6148] device bridge_slave_0 entered promiscuous mode
[  268.311700][ T4273] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  268.356080][ T6148] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.387820][ T6148] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.551524][ T4273] usb 5-1: Using ep0 maxpacket: 32
[  268.567096][ T4273] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.823492][ T4273] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  268.842635][ T6148] device bridge_slave_1 entered promiscuous mode
[  268.853333][ T4273] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  268.862969][ T4273] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.102777][ T4273] usb 5-1: config 0 descriptor??
[  269.133680][ T4273] hub 5-1:0.0: bad descriptor, ignoring hub
[  269.168611][ T4273] hub: probe of 5-1:0.0 failed with error -5
[  269.189901][ T4273] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  269.293286][ T6148] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  269.334236][ T4271] Bluetooth: hci4: hardware error 0x02
[  269.477867][ T6148] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  269.711745][ T4266] Bluetooth: hci5: command 0x041b tx timeout
[  269.800886][ T6148] team0: Port device team_slave_0 added
[  269.853046][ T6148] team0: Port device team_slave_1 added
[  270.096854][ T6201] loop1: detected capacity change from 0 to 128
[  270.129238][ T6201] EXT4-fs: Ignoring removed orlov option
[  270.169926][ T6201] EXT4-fs: Ignoring removed nomblk_io_submit option
[  270.208411][ T6201] EXT4-fs (loop1): Test dummy encryption mode enabled
[  270.268816][ T6201] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  270.295757][ T6148] batman_adv: batadv0: Adding interface: batadv_slave_0
[  270.308443][ T6148] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  270.622394][ T6148] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.103476][ T6148] batman_adv: batadv0: Adding interface: batadv_slave_1
[  271.121120][ T6148] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.237735][ T6148] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.281949][ T4367] usb 5-1: USB disconnect, device number 8
[  271.388868][ T6148] device hsr_slave_0 entered promiscuous mode
[  271.447807][ T6148] device hsr_slave_1 entered promiscuous mode
[  271.460353][ T6148] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  271.511435][ T6148] Cannot create hsr debugfs directory
[  271.541715][ T4271] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  271.609468][ T6217] loop4: detected capacity change from 0 to 8
[  272.666163][ T4271] Bluetooth: hci5: command 0x040f tx timeout
[  273.159811][ T6217] SQUASHFS error: zstd decompression failed, data probably corrupt
[  273.168001][ T6217] SQUASHFS error: Failed to read block 0x4ec: -5
[  273.174478][ T6217] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  273.181875][ T6217] SQUASHFS error: Unable to read inode 0x2011f
[  273.211581][ T4341] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  273.239838][ T4340] blk_print_req_error: 60 callbacks suppressed
[  273.239859][ T4340] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  273.465775][ T4341] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  273.506893][ T4341] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.616772][ T4341] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.711803][ T4341] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  273.789350][ T4341] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  273.859323][ T4341] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  273.889021][ T4341] usb 1-1: Manufacturer: syz
[  273.917717][ T4341] usb 1-1: config 0 descriptor??
[  275.331683][ T4271] Bluetooth: hci5: command 0x0419 tx timeout
[  275.536218][ T4341] usbhid 1-1:0.0: can't add hid device: -71
[  275.547636][ T4341] usbhid: probe of 1-1:0.0 failed with error -71
[  275.637537][ T4341] usb 1-1: USB disconnect, device number 7
[  275.646176][ T6238] netlink: 20 bytes leftover after parsing attributes in process `syz.2.552'.
[  276.147636][ T6224] device vxcan1 entered promiscuous mode
[  276.420683][ T6245] device syzkaller1 entered promiscuous mode
[  276.546742][   T26] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  276.782851][   T26] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  276.823074][   T26] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  276.826443][ T6258] netlink: 24 bytes leftover after parsing attributes in process `syz.4.557'.
[  276.842399][ T6262] loop0: detected capacity change from 0 to 128
[  276.848840][   T26] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  276.857902][ T6148] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  276.884964][ T6262] EXT4-fs: Ignoring removed orlov option
[  276.892246][ T6262] EXT4-fs: Ignoring removed nomblk_io_submit option
[  276.902987][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.934397][ T6262] EXT4-fs (loop0): Test dummy encryption mode enabled
[  276.947696][ T6249] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  276.967555][ T6262] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  277.323544][ T6148] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  277.486976][ T6148] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  277.670359][ T6148] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  278.316314][ T5887] device hsr_slave_0 left promiscuous mode
[  278.387319][ T5887] device hsr_slave_1 left promiscuous mode
[  278.453832][ T5887] device bridge_slave_1 left promiscuous mode
[  278.462113][ T5887] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.707873][ T5887] device bridge_slave_0 left promiscuous mode
[  278.724704][ T5887] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.731753][ T4303] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[  278.930482][ T4303] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  278.963313][ T4303] usb 5-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00
[  279.003137][ T4303] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.907452][ T4303] usb 5-1: config 0 descriptor??
[  280.370614][ T4273] usb 2-1: USB disconnect, device number 9
[  282.312496][ T5887] device veth1_macvtap left promiscuous mode
[  282.415571][ T5887] device veth0_macvtap left promiscuous mode
[  282.533972][ T5887] device veth1_vlan left promiscuous mode
[  282.540244][ T5887] device veth0_vlan left promiscuous mode
[  284.700370][ T6386] hub 9-0:1.0: USB hub found
[  284.705329][ T6386] hub 9-0:1.0: 1 port detected
[  284.849045][ T4303] usb 5-1: string descriptor 0 read error: -71
[  284.875306][ T4303] usb 5-1: USB disconnect, device number 9
[  284.932469][ T6390] netlink: 12 bytes leftover after parsing attributes in process `syz.4.577'.
[  285.503212][ T5887] team0 (unregistering): Port device team_slave_1 removed
[  285.574994][ T5887] team0 (unregistering): Port device team_slave_0 removed
[  285.663339][ T5887] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  285.724483][ T5887] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  285.973028][ T4300] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  286.248740][ T6397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.276038][ T6397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.543091][ T5887] bond0 (unregistering): Released all slaves
[  287.085812][ T6148] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.740545][ T4431] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  287.883206][ T4431] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  287.919050][ T6148] 8021q: adding VLAN 0 to HW filter on device team0
[  287.954638][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  288.036114][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  288.096823][ T6348] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.104085][ T6348] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.214789][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  289.226525][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  289.291231][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  289.312656][ T6348] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.319813][ T6348] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.400904][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  289.462530][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  289.558032][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  289.599978][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  289.654632][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  289.673482][ T6424] loop2: detected capacity change from 0 to 128
[  289.687403][ T4300] usb 1-1: unable to get BOS descriptor or descriptor too short
[  289.714050][ T6424] EXT4-fs: Ignoring removed orlov option
[  289.720203][ T6424] EXT4-fs: Ignoring removed nomblk_io_submit option
[  289.731922][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  289.735128][ T4300] usb 1-1: unable to read config index 0 descriptor/start: -71
[  289.774722][ T4300] usb 1-1: can't read configurations, error -71
[  289.809538][ T6148] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  289.825257][ T6424] EXT4-fs (loop2): Test dummy encryption mode enabled
[  289.871466][ T6148] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  289.887573][ T6424] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  289.937811][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  289.952427][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  290.078148][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  290.148436][  T125] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  290.157672][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  290.222335][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  290.511452][  T125] usb 2-1: Using ep0 maxpacket: 16
[  290.610657][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  292.352545][ T6453] fuse: Bad value for 'fd'
[  293.487884][ T4300] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  293.653178][ T6466] syz.2.596 sent an empty control message without MSG_MORE.
[  293.693704][ T4300] usb 1-1: Using ep0 maxpacket: 16
[  294.499929][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  294.518377][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  294.590372][ T6148] 8021q: adding VLAN 0 to HW filter on device batadv0
[  294.687456][ T6484] TCP: tcp_parse_options: Illegal window scaling value 254 > 14 received
[  295.609006][  T125] usb 2-1: unable to get BOS descriptor or descriptor too short
[  295.637077][  T125] usb 2-1: unable to read config index 0 descriptor/start: -71
[  295.699999][  T125] usb 2-1: can't read configurations, error -71
[  296.908331][ T6496] capability: warning: `syz.4.604' uses deprecated v2 capabilities in a way that may be insecure
[  298.075716][ T4300] usb 1-1: unable to get BOS descriptor or descriptor too short
[  298.110023][ T4300] usb 1-1: unable to read config index 0 descriptor/start: -71
[  298.133331][ T4300] usb 1-1: can't read configurations, error -71
[  298.364182][ T6534] loop8: detected capacity change from 0 to 8
[  298.446277][ T6534] Dev loop8: unable to read RDB block 8
[  298.527659][ T6534]  loop8: unable to read partition table
[  298.648482][ T6534] loop8: partition table beyond EOD, truncated
[  298.762289][ T6534] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  299.223743][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  299.284836][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  299.988292][ T6148] device veth0_vlan entered promiscuous mode
[  299.999690][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  300.170449][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  301.113236][ T6556] loop2: detected capacity change from 0 to 8
[  301.665762][ T6148] device veth1_vlan entered promiscuous mode
[  301.684836][ T6556] SQUASHFS error: zstd decompression failed, data probably corrupt
[  301.693023][ T6556] SQUASHFS error: Failed to read block 0x4ec: -5
[  301.699888][ T6556] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  301.707313][ T6556] SQUASHFS error: Unable to read inode 0x2011f
[  301.722952][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  301.732402][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  301.741185][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  301.820022][ T6558] hub 9-0:1.0: USB hub found
[  301.825203][ T6558] hub 9-0:1.0: 1 port detected
[  301.831983][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  301.928945][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  301.995627][ T6148] device veth0_macvtap entered promiscuous mode
[  302.019371][ T6148] device veth1_macvtap entered promiscuous mode
[  302.250743][ T6148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.310973][ T6148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.360166][ T6148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.399514][ T6148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.444927][ T6148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.498216][ T6148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.538806][ T6148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.580314][ T6148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.668017][ T6148] batman_adv: batadv0: Interface activated: batadv_slave_0
[  302.746041][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  302.765451][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  302.818244][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  302.854959][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  302.885477][ T6148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.905022][ T6148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.951473][ T6148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  302.990157][ T6148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.009991][ T6148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.040949][ T6148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.057090][ T6148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.077961][ T6148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.110113][ T6148] batman_adv: batadv0: Interface activated: batadv_slave_1
[  303.150188][ T6350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  303.192430][ T6350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  303.225343][ T6148] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.272608][ T6148] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  303.300335][ T6148] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  303.319742][ T6148] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.505037][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.590932][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.656336][ T6348] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.709599][ T6348] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.722056][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  304.738345][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  304.887382][ T6598] loop1: detected capacity change from 0 to 8
[  305.005023][ T6598] SQUASHFS error: zstd decompression failed, data probably corrupt
[  305.013596][ T6598] SQUASHFS error: Failed to read block 0x4ec: -5
[  305.020202][ T6598] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  305.027641][ T6598] SQUASHFS error: Unable to read inode 0x2011f
[  305.413069][ T6599] support for cryptoloop has been removed.  Use dm-crypt instead.
[  305.464317][ T4340] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  306.796655][ T6626] netlink: 'syz.0.640': attribute type 4 has an invalid length.
[  307.080350][ T6630] netlink: 'syz.0.640': attribute type 4 has an invalid length.
[  307.998151][ T6664] loop0: detected capacity change from 0 to 128
[  308.026323][ T6664] EXT4-fs: Ignoring removed orlov option
[  308.083957][ T6664] EXT4-fs: Ignoring removed nomblk_io_submit option
[  308.124828][ T6664] EXT4-fs (loop0): Test dummy encryption mode enabled
[  308.211513][ T6664] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  311.947471][ T6696] netlink: 104 bytes leftover after parsing attributes in process `syz.1.657'.
[  313.016670][ T6714] hub 9-0:1.0: USB hub found
[  313.022351][ T6714] hub 9-0:1.0: 1 port detected
[  313.041555][ T6713] netlink: 88 bytes leftover after parsing attributes in process `syz.2.663'.
[  313.071594][ T6713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.663'.
[  314.376049][ T6739] loop5: detected capacity change from 0 to 128
[  314.422441][ T6739] EXT4-fs: Ignoring removed orlov option
[  314.428305][ T6739] EXT4-fs: Ignoring removed nomblk_io_submit option
[  314.504947][ T6739] EXT4-fs (loop5): Test dummy encryption mode enabled
[  314.560106][ T6739] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  314.875007][ T6348] Bluetooth: hci2: Frame reassembly failed (-84)
[  315.531482][ T4263] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  315.731407][ T4263] usb 2-1: Using ep0 maxpacket: 8
[  315.738207][ T4263] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  315.761520][ T4263] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  315.778437][ T4263] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  315.804650][ T4263] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  315.820534][ T4263] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.838533][ T4263] usbtmc 2-1:16.0: bulk endpoints not found
[  316.903372][ T4266] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  316.909933][ T4271] Bluetooth: hci2: command 0x1003 tx timeout
[  317.466063][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  317.473706][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  318.464285][ T4365] usb 2-1: USB disconnect, device number 12
[  318.728958][ T6816] loop1: detected capacity change from 0 to 128
[  318.759766][ T6816] EXT4-fs: Ignoring removed orlov option
[  318.790390][ T6816] EXT4-fs: Ignoring removed nomblk_io_submit option
[  318.832416][ T6816] EXT4-fs (loop1): Test dummy encryption mode enabled
[  318.839255][ T6816] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  321.246465][ T6846] netlink: 20 bytes leftover after parsing attributes in process `syz.1.695'.
[  322.125757][ T5887] tipc: Subscription rejected, illegal request
[  322.161592][ T4263] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  322.381615][ T4263] usb 2-1: Using ep0 maxpacket: 8
[  322.452075][ T4263] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  322.476175][ T4263] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  322.490055][ T4263] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  322.511759][ T4263] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  322.521704][ T4263] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.613927][ T4263] usbtmc 2-1:16.0: bulk endpoints not found
[  323.405064][ T6880] overlayfs: failed to clone upperpath
[  325.013602][    T7] usb 2-1: USB disconnect, device number 13
[  325.474719][ T6918] loop2: detected capacity change from 0 to 256
[  325.490410][ T6918] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  325.501445][ T6918] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  325.547276][ T6918] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  326.020323][ T6911] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  326.076768][ T6911] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  326.188357][ T6911] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  326.256209][ T6911] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  326.262675][ T6911] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  326.269863][ T6911] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  326.277550][ T6911] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  326.283708][ T6911] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  326.289727][ T6911] Bluetooth: hci5: Suspend notifier action (1) failed: -4
[  327.311642][ T4271] Bluetooth: hci1: command 0x0c1a tx timeout
[  328.266686][ T4271] Bluetooth: hci0: command 0x0c1a tx timeout
[  328.347652][ T4271] Bluetooth: hci5: command 0x0c1a tx timeout
[  328.411494][  T125] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  328.621601][  T125] usb 6-1: Using ep0 maxpacket: 8
[  328.630076][  T125] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  328.669279][  T125] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  328.687551][  T125] usb 6-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  328.728871][  T125] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  328.747639][  T125] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.776274][  T125] usbtmc 6-1:16.0: bulk endpoints not found
[  329.381603][ T4271] Bluetooth: hci1: command 0x0406 tx timeout
[  330.351447][ T4271] Bluetooth: hci0: command 0x0406 tx timeout
[  330.421527][ T4271] Bluetooth: hci5: command 0x0406 tx timeout
[  331.051390][ T4299] usb 6-1: USB disconnect, device number 2
[  331.094888][ T7025] device batadv_slave_1 entered promiscuous mode
[  331.112515][ T7030] device batadv_slave_1 left promiscuous mode
[  332.531600][  T125] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  332.763266][  T125] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  332.792355][  T125] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  332.838291][  T125] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  332.847750][  T125] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.886307][  T125] usb 6-1: config 0 descriptor??
[  332.943549][  T125] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  333.370050][ T1077] Bluetooth: hci2: Frame reassembly failed (-84)
[  334.404484][ T7109] netlink: 'syz.1.769': attribute type 4 has an invalid length.
[  334.481746][ T7109] netlink: 'syz.1.769': attribute type 7 has an invalid length.
[  334.529680][ T7109] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.769'.
[  335.326971][  T125] usb 6-1: USB disconnect, device number 3
[  335.381802][ T4266] Bluetooth: hci2: command 0x1003 tx timeout
[  335.389119][ T4271] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  336.179782][ T7154] binder: 7144:7154 ioctl c0306201 0 returned -14
[  339.122060][   T27] kauditd_printk_skb: 25 callbacks suppressed
[  339.122075][   T27] audit: type=1326 audit(1750588551.828:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz.1.795" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faee2f8e929 code=0x0
[  339.218542][ T7196] tipc: Started in network mode
[  339.288628][ T7196] tipc: Node identity ac1414aa, cluster identity 4711
[  339.466502][ T7196] tipc: Enabled bearer <udp:s>, priority 10
[  340.308152][ T7210] device batadv_slave_1 entered promiscuous mode
[  340.332264][ T7209] device batadv_slave_1 left promiscuous mode
[  340.452189][   T26] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  340.483627][    T7] tipc: Node number set to 2886997162
[  340.653095][   T26] usb 1-1: config 1 interface 0 has no altsetting 0
[  340.673266][   T26] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  340.756467][   T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.786764][   T26] usb 1-1: Product: syz
[  340.790995][   T26] usb 1-1: Manufacturer: syz
[  340.821384][   T26] usb 1-1: SerialNumber: syz
[  341.500803][   T26] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  343.249679][   T26] usb 1-1: USB disconnect, device number 12
[  343.282598][   T26] usblp0: removed
[  345.376679][ T7317] af_packet: tpacket_rcv: packet too big, clamped from 1 to 4294967272. macoff=96
[  345.558465][ T7322] tipc: Started in network mode
[  345.578887][ T7322] tipc: Node identity 7f000001, cluster identity 4711
[  345.607352][ T7322] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  346.960946][ T7365] netlink: 'syz.4.848': attribute type 12 has an invalid length.
[  347.800153][ T7396] netlink: 104 bytes leftover after parsing attributes in process `syz.1.860'.
[  350.191708][ T4266] Bluetooth: hci2: command 0x1003 tx timeout
[  350.200207][ T4271] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  353.665559][ T7539] hub 9-0:1.0: USB hub found
[  353.715767][ T7539] hub 9-0:1.0: 1 port detected
[  355.594398][ T7585] netlink: 8 bytes leftover after parsing attributes in process `syz.1.902'.
[  356.418773][ T7606] loop2: detected capacity change from 0 to 2048
[  356.450236][ T7606] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  356.761732][   T27] audit: type=1800 audit(1750588569.458:270): pid=7598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.907" name="/" dev="fuse" ino=0 res=0 errno=0
[  358.252840][ T7637] ptrace attach of "./syz-executor exec"[7638] was attempted by "./syz-executor exec"[7637]
[  358.831423][ T4299] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  359.031507][ T4299] usb 6-1: Using ep0 maxpacket: 16
[  359.047937][ T4299] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  359.079471][ T4299] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  359.120139][ T4299] usb 6-1: New USB device found, idVendor=056a, idProduct=033b, bcdDevice= 0.00
[  359.155834][ T7661] loop2: detected capacity change from 0 to 2048
[  359.165367][ T4299] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.191928][ T4299] usb 6-1: config 0 descriptor??
[  359.228476][ T7661] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  359.657004][ T4299] wacom 0003:056A:033B.0003: unknown main item tag 0x0
[  359.682458][ T4299] wacom 0003:056A:033B.0003: unknown main item tag 0x0
[  359.721514][ T4299] wacom 0003:056A:033B.0003: unknown main item tag 0x0
[  359.728503][ T4299] wacom 0003:056A:033B.0003: unknown main item tag 0x0
[  359.766249][ T4299] wacom 0003:056A:033B.0003: unknown main item tag 0x0
[  359.782264][ T4299] wacom 0003:056A:033B.0003: Unknown device_type for 'HID 056a:033b'. Assuming pen.
[  359.854414][ T4299] wacom 0003:056A:033B.0003: hidraw0: USB HID v20.00 Device [HID 056a:033b] on usb-dummy_hcd.5-1/input0
[  359.910718][ T4299] input: Wacom Intuos S 2 Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:033B.0003/input/input6
[  360.026897][ T4299] usb 6-1: USB disconnect, device number 4
[  360.048540][ T7672] netlink: 'syz.0.933': attribute type 12 has an invalid length.
[  360.317245][ T7676] fido_id[7676]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  361.103515][ T4303] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  361.320716][ T4303] usb 1-1: config 9 has an invalid interface number: 89 but max is 0
[  361.345525][ T4303] usb 1-1: config 9 has no interface number 0
[  361.367535][ T4303] usb 1-1: config 9 interface 89 altsetting 6 bulk endpoint 0x6 has invalid maxpacket 1024
[  361.378847][ T4303] usb 1-1: config 9 interface 89 has no altsetting 0
[  361.418592][ T4303] usb 1-1: New USB device found, idVendor=17ef, idProduct=480b, bcdDevice=72.65
[  361.430471][ T4303] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.439161][ T4303] usb 1-1: Product: syz
[  361.443534][ T4303] usb 1-1: Manufacturer: syz
[  361.448187][ T4303] usb 1-1: SerialNumber: syz
[  361.465194][ T7698] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  361.697692][ T4303] usb 1-1: Found UVC 0.00 device syz (17ef:480b)
[  361.716091][ T4303] usb 1-1: No valid video chain found.
[  361.736553][ T4303] usb 1-1: USB disconnect, device number 13
[  362.953854][ T7739] 9pnet_fd: Insufficient options for proto=fd
[  363.155262][ T7746] netlink: 5 bytes leftover after parsing attributes in process `syz.4.959'.
[  363.288700][ T7753] netlink: 8 bytes leftover after parsing attributes in process `syz.1.962'.
[  363.528694][ T7762] kvm: MWAIT instruction emulated as NOP!
[  364.951198][ T7789] netlink: 'syz.1.974': attribute type 12 has an invalid length.
[  365.330526][ T7802] overlayfs: failed to set xattr on upper
[  365.342417][ T7802] overlayfs: ...falling back to index=off,metacopy=off.
[  366.447858][ T7816] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  368.421525][ T4271] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  368.883546][ T7873] tipc: New replicast peer: 0.0.0.0
[  368.889821][ T7873] tipc: Enabled bearer <udp:syz2>, priority 10
[  368.902297][ T7873] netlink: 'syz.1.1006': attribute type 4 has an invalid length.
[  368.910175][ T7873] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1006'.
[  368.937446][ T7873] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa
[  369.787319][ T7900] netlink: 'syz.1.1018': attribute type 4 has an invalid length.
[  370.073024][  T125] tipc: Node number set to 2130706433
[  373.937116][ T7961] loop0: detected capacity change from 0 to 2048
[  374.025123][ T7961] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  374.294585][ T7987] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1048'.
[  375.016241][ T7987] syz.5.1048 (7987) used greatest stack depth: 17216 bytes left
[  376.266760][ T8016] netlink: 'syz.0.1057': attribute type 4 has an invalid length.
[  376.281558][ T8016] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1057'.
[  376.520194][ T8018] loop2: detected capacity change from 0 to 8
[  376.530162][ T8018] SQUASHFS error: zstd decompression failed, data probably corrupt
[  376.538269][ T8018] SQUASHFS error: Failed to read block 0x4ec: -5
[  376.544662][ T8018] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  376.552386][ T8018] SQUASHFS error: Unable to read inode 0x2011f
[  376.591920][ T4340] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  376.821185][ T8031] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1062'.
[  378.638511][ T8061] hub 9-0:1.0: USB hub found
[  378.643850][ T8061] hub 9-0:1.0: 1 port detected
[  378.906140][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  378.912554][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  379.524258][ T8083] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  379.802722][ T8089] overlayfs: failed to clone upperpath
[  381.693086][ T8108] loop0: detected capacity change from 0 to 128
[  381.731163][ T8108] EXT4-fs: Ignoring removed orlov option
[  381.764989][ T8108] EXT4-fs: Ignoring removed nomblk_io_submit option
[  381.812395][ T8108] EXT4-fs (loop0): Test dummy encryption mode enabled
[  381.819262][ T8108] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  382.227821][ T8118] netlink: 'syz.1.1094': attribute type 4 has an invalid length.
[  382.234097][ T8106] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  382.321780][ T8106] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  382.338033][ T8106] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  382.418822][ T8106] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  382.425566][ T8106] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  382.432882][ T8106] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  382.443467][ T8106] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  382.445240][ T8122] netlink: 'syz.1.1094': attribute type 4 has an invalid length.
[  382.453581][ T8106] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  382.466065][ T8106] Bluetooth: hci5: Suspend notifier action (1) failed: -4
[  383.631375][ T4271] Bluetooth: hci1: command 0x0c1a tx timeout
[  384.663850][ T4266] Bluetooth: hci0: command 0x0c1a tx timeout
[  384.672619][ T4266] Bluetooth: hci5: command 0x0c1a tx timeout
[  385.701398][ T4271] Bluetooth: hci1: command 0x0406 tx timeout
[  386.882233][ T4266] Bluetooth: hci5: command 0x0406 tx timeout
[  386.882767][ T4271] Bluetooth: hci0: command 0x0406 tx timeout
[  391.260581][ T4266] Bluetooth: hci5: command 0x0406 tx timeout
[  391.293944][ T8273] loop0: detected capacity change from 0 to 256
[  391.629608][ T8273] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  391.640614][ T8273] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  391.697229][ T8273] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  392.546658][ T8293] overlayfs: failed to clone upperpath
[  392.781459][ T4304] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  393.174014][ T4304] usb 1-1: Using ep0 maxpacket: 16
[  393.187550][ T4304] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  393.204229][ T8305] loop5: detected capacity change from 0 to 8
[  393.224190][ T8305] SQUASHFS error: zstd decompression failed, data probably corrupt
[  393.232410][ T8305] SQUASHFS error: Failed to read block 0x4ec: -5
[  393.238796][ T8305] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  393.246832][ T8305] SQUASHFS error: Unable to read inode 0x2011f
[  393.593077][ T4304] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  393.603675][ T4304] usb 1-1: config 0 has no interface number 0
[  393.619434][ T4304] usb 1-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  393.640820][ T4304] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.680167][ T4304] usb 1-1: Product: syz
[  393.689904][ T4304] usb 1-1: Manufacturer: syz
[  393.702702][ T4304] usb 1-1: SerialNumber: syz
[  393.716076][ T4304] usb 1-1: config 0 descriptor??
[  393.935171][ T4303] usb 1-1: USB disconnect, device number 14
[  394.544675][ T8322] loop2: detected capacity change from 0 to 2048
[  394.620007][ T8322] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  395.171612][    T7] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  395.363564][    T7] usb 6-1: config 4 has an invalid interface number: 95 but max is 0
[  395.382871][    T7] usb 6-1: config 4 has no interface number 0
[  395.410422][    T7] usb 6-1: config 4 interface 95 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 8
[  395.449287][    T7] usb 6-1: New USB device found, idVendor=7725, idProduct=b0a8, bcdDevice= 7.46
[  395.489259][    T7] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  395.538945][    T7] usb 6-1: Product: syz
[  395.576777][    T7] usb 6-1: Manufacturer: syz
[  395.603867][    T7] usb 6-1: SerialNumber: syz
[  395.656772][ T8332] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  395.750450][ T8343] loop2: detected capacity change from 0 to 8
[  395.771843][ T8343] SQUASHFS error: zstd decompression failed, data probably corrupt
[  395.779882][ T8343] SQUASHFS error: Failed to read block 0x4ec: -5
[  395.786365][ T8343] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  395.793755][ T8343] SQUASHFS error: Unable to read inode 0x2011f
[  395.923020][    T7] usb 6-1: MIDIStreaming interface descriptor not found
[  396.035103][    T7] usb 6-1: USB disconnect, device number 5
[  396.399046][ T8356] netlink: 'syz.1.1173': attribute type 12 has an invalid length.
[  396.776798][ T8371] fuse: Bad value for 'fd'
[  398.216823][ T8403] fuse: Bad value for 'fd'
[  401.455411][ T8442] fuse: Bad value for 'fd'
[  403.072661][ T8464] overlayfs: unrecognized mount option "verity=on" or missing value
[  404.360390][ T8476] overlayfs: failed to clone upperpath
[  404.738280][ T8481] hub 9-0:1.0: USB hub found
[  404.745429][ T8481] hub 9-0:1.0: 1 port detected
[  409.214530][ T8541] 9pnet: p9_errstr2errno: server reported unknown error MB.rsvd.us
[  409.248888][ T8543] raw_sendmsg: syz.0.1240 forgot to set AF_INET. Fix it!
[  410.487755][ T8560] can: request_module (can-proto-0) failed.
[  414.111161][ T8607] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1261'.
[  415.201994][ T8598] trusted_key: encrypted_key: insufficient parameters specified
[  415.235847][ T8614] loop2: detected capacity change from 0 to 128
[  415.413136][ T8614] FAT-fs (loop2): Unrecognized mount option "ut" or missing value
[  420.603705][ T8642] ptrace attach of "./syz-executor exec"[4261] was attempted by ""[8642]
[  426.933215][ T8677] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1277'.
[  426.942760][ T8677] device bridge_slave_1 left promiscuous mode
[  426.953238][ T8677] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.968030][ T8677] device bridge_slave_0 left promiscuous mode
[  426.975538][ T8677] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.001364][ T4299] usb 6-1: new low-speed USB device number 6 using dummy_hcd
[  427.268323][ T4299] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  427.335455][ T8681] ptrace attach of "./syz-executor exec"[4253] was attempted by ""[8681]
[  428.239651][ T4299] usb 6-1: config 0 has no interface number 0
[  428.262692][ T4299] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  428.282138][ T4299] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  428.304714][ T4299] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  428.313939][ T4299] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.324944][ T4299] usb 6-1: config 0 descriptor??
[  428.332627][ T8675] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  428.354626][ T4299] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  429.396959][ T8675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  429.513816][ T8675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  429.726503][ T4304] usb 6-1: USB disconnect, device number 6
[  431.279538][ T8699] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1282'.
[  431.648090][ T8708] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1285'.
[  431.658642][ T8708] device bridge_slave_1 left promiscuous mode
[  431.677898][ T8708] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.798002][ T8708] device bridge_slave_0 left promiscuous mode
[  431.806154][ T8708] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.255827][ T8717] loop2: detected capacity change from 0 to 128
[  432.432272][ T8717] FAT-fs (loop2): Unrecognized mount option "ut" or missing value
[  438.422949][ T8750] loop2: detected capacity change from 0 to 128
[  438.496235][ T8750] FAT-fs (loop2): Unrecognized mount option "ut" or missing value
[  440.346406][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  440.352884][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  443.622680][ T8780] 9pnet_virtio: no channels available for device syz
[  445.923354][ T8798] loop2: detected capacity change from 0 to 8
[  447.421820][ T8798] SQUASHFS error: zstd decompression failed, data probably corrupt
[  447.429859][ T8798] SQUASHFS error: Failed to read block 0x4ec: -5
[  447.436406][ T8798] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  447.443813][ T8798] SQUASHFS error: Unable to read inode 0x2011f
[  447.488888][ T8793] trusted_key: encrypted_key: insufficient parameters specified
[  447.822056][ T8806] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1310'.
[  451.198648][ T8849] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1323'.
[  452.835316][ T8856] loop5: detected capacity change from 0 to 2048
[  456.397327][ T8903] fuse: Bad value for 'fd'
[  459.378215][ T8928] hub 9-0:1.0: USB hub found
[  459.384616][ T8928] hub 9-0:1.0: 1 port detected
[  460.597995][ T8940] loop5: detected capacity change from 0 to 8
[  461.324488][ T8940] SQUASHFS error: zstd decompression failed, data probably corrupt
[  461.332736][ T8940] SQUASHFS error: Failed to read block 0x4ec: -5
[  461.339634][ T8940] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  461.347076][ T8940] SQUASHFS error: Unable to read inode 0x2011f
[  466.467341][ T8981] hub 9-0:1.0: USB hub found
[  466.472497][ T8981] hub 9-0:1.0: 1 port detected
[  470.987039][ T9046] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1377'.
[  473.474534][ T9074] loop2: detected capacity change from 0 to 128
[  473.481361][ T4263] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  473.533804][ T9074] EXT4-fs: Ignoring removed orlov option
[  473.571545][ T9074] EXT4-fs: Ignoring removed nomblk_io_submit option
[  473.605008][ T9074] EXT4-fs (loop2): Test dummy encryption mode enabled
[  473.640095][ T9074] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  473.697881][ T4263] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  473.738441][ T4263] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  473.782870][ T4263] usb 6-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  473.829039][ T4263] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  473.957643][ T4263] usb 6-1: config 0 descriptor??
[  475.011144][ T9085] fuse: Bad value for 'fd'
[  475.026084][ T9086] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1389'.
[  475.355099][ T9097] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1392'.
[  475.448469][ T4263] hid-led 0003:27B8:01ED.0004: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.5-1/input0
[  475.702067][ T4263] hid-led 0003:27B8:01ED.0004: ThingM blink(1) initialized
[  475.751794][ T4263] usb 6-1: USB disconnect, device number 7
[  475.917517][ T9106] hub 9-0:1.0: USB hub found
[  475.923399][ T9106] hub 9-0:1.0: 1 port detected
[  476.636811][ T9103] fido_id[9103]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  479.760344][ T9133] fuse: Bad value for 'fd'
[  479.985033][ T9136] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1401'.
[  480.072227][ T9139] loop2: detected capacity change from 0 to 128
[  480.097790][ T9139] EXT4-fs: Ignoring removed orlov option
[  480.111442][ T9139] EXT4-fs: Ignoring removed nomblk_io_submit option
[  480.171988][ T9139] EXT4-fs (loop2): Test dummy encryption mode enabled
[  480.210358][ T9139] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  480.504354][ T9148] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1406'.
[  480.513814][ T9148] device bridge_slave_1 left promiscuous mode
[  480.520653][ T9148] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.617586][ T9148] device bridge_slave_0 left promiscuous mode
[  480.655904][ T9148] bridge0: port 1(bridge_slave_0) entered disabled state
[  482.433976][ T9162] hub 9-0:1.0: USB hub found
[  482.439848][ T9162] hub 9-0:1.0: 1 port detected
[  482.933485][ T4304] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  484.528639][ T4304] usb 6-1: Using ep0 maxpacket: 32
[  484.602980][ T4304] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  484.631546][ T4304] usb 6-1: config 0 has no interface number 0
[  484.659560][ T4304] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  484.684910][ T4304] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.693586][ T4304] usb 6-1: Product: syz
[  484.697798][ T4304] usb 6-1: Manufacturer: syz
[  484.703625][ T9177] fuse: Bad value for 'fd'
[  484.708754][ T4304] usb 6-1: SerialNumber: syz
[  484.732676][ T4304] usb 6-1: config 0 descriptor??
[  484.744300][ T4304] smsc95xx v2.0.0
[  485.550027][ T9184] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1416'.
[  485.598700][ T4304] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  485.707347][ T4304] smsc95xx: probe of 6-1:0.67 failed with error -71
[  485.761646][ T4304] usb 6-1: USB disconnect, device number 8
[  485.947831][ T9190] loop5: detected capacity change from 0 to 128
[  485.990744][ T9190] EXT4-fs: Ignoring removed orlov option
[  486.008113][ T9190] EXT4-fs: Ignoring removed nomblk_io_submit option
[  486.024058][ T9190] EXT4-fs (loop5): Test dummy encryption mode enabled
[  486.030934][ T9190] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  487.143127][ T9199] fuse: Invalid rootmode
[  490.828642][ T9222] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1429'.
[  495.507350][ T9254] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1435'.
[  495.646258][ T9257] loop2: detected capacity change from 0 to 2048
[  495.679823][ T9257] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  496.624630][ T9265] loop5: detected capacity change from 0 to 128
[  496.707091][ T9265] EXT4-fs: Ignoring removed orlov option
[  496.751581][ T9265] EXT4-fs: Ignoring removed nomblk_io_submit option
[  496.823863][ T9265] EXT4-fs (loop5): Test dummy encryption mode enabled
[  496.830804][ T9265] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  496.897452][ T9268] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1440'.
[  501.046182][ T9306] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1450'.
[  501.797588][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  501.804105][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  501.990313][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1452'.
[  503.151918][ T9324] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1455'.
[  505.911147][ T9363] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1463'.
[  507.347469][ T9377] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1468'.
[  507.621930][ T9381] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1469'.
[  507.835208][ T9384] fuse: Bad value for 'rootmode'
[  511.043215][ T9404] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1476'.
[  512.185378][ T9417] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1481'.
[  513.193729][ T9427] fuse: Unknown parameter 'use00000000000000000000'
[  515.650559][ T9462] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1491'.
[  516.468750][ T9468] fuse: Unknown parameter 'use00000000000000000000'
[  519.031367][    T7] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  519.323475][    T7] usb 6-1: Using ep0 maxpacket: 8
[  519.344656][    T7] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  519.393905][    T7] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  519.434925][    T7] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  519.471912][    T7] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  519.503051][    T7] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  519.598234][    T7] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  519.659370][    T7] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.964836][    T7] usb 6-1: usb_control_msg returned -32
[  519.970521][    T7] usbtmc 6-1:16.0: can't read capabilities
[  520.705918][ T9509] usbtmc 6-1:16.0: usb_control_msg returned -32
[  520.745008][ T9504] 9pnet_virtio: no channels available for device syz
[  522.105087][    T7] usb 6-1: USB disconnect, device number 9
[  523.304087][ T9525] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1510'.
[  523.393078][ T9529] loop5: detected capacity change from 0 to 8
[  523.846726][ T9529] SQUASHFS error: zstd decompression failed, data probably corrupt
[  523.855364][ T9529] SQUASHFS error: Failed to read block 0x4ec: -5
[  523.861818][ T9529] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  523.869122][ T9529] SQUASHFS error: Unable to read inode 0x2011f
[  524.382257][ T9537] loop5: detected capacity change from 0 to 128
[  524.402394][ T9537] EXT4-fs: Ignoring removed orlov option
[  524.408298][ T9537] EXT4-fs: Ignoring removed nomblk_io_submit option
[  524.432578][ T9537] EXT4-fs (loop5): Test dummy encryption mode enabled
[  524.439441][ T9537] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  525.178856][ T9550] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1516'.
[  527.376512][ T9565] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1522'.
[  535.819897][ T9612] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1531'.
[  540.501642][ T9649] loop5: detected capacity change from 0 to 128
[  540.992243][ T9654] syz.5.1542: attempt to access beyond end of device
[  540.992243][ T9654] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  552.229421][ T9723] loop5: detected capacity change from 0 to 128
[  552.691781][ T9729] syz.5.1561: attempt to access beyond end of device
[  552.691781][ T9729] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  554.407335][ T9742] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1565'.
[  559.526108][ T9766] ptrace attach of "./syz-executor exec"[4252] was attempted by ""[9766]
[  563.165276][ T9794] overlayfs: failed to clone upperpath
[  563.399850][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  563.406259][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  566.661934][ T9819] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1584'.
[  572.324928][ T9860] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1600'.
[  575.088452][ T9887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1606'.
[  587.010028][ T9940] loop5: detected capacity change from 0 to 32768
[  587.378363][ T9940] XFS (loop5): Mounting V5 Filesystem
[  588.092644][ T9940] XFS (loop5): Ending clean mount
[  588.129992][ T9940] XFS (loop5): Quotacheck needed: Please wait.
[  588.274933][ T9940] XFS (loop5): Quotacheck: Done.
[  588.352191][ T9982] ptrace attach of "./syz-executor exec"[4252] was attempted by ""[9982]
[  589.234913][ T6148] XFS (loop5): Unmounting Filesystem
[  593.548002][T10014] loop5: detected capacity change from 0 to 1024
[  593.865469][T10014] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  595.199032][ T6148] EXT4-fs (loop5): unmounting filesystem.
[  595.287494][T10035] ptrace attach of "./syz-executor exec"[4252] was attempted by ""[10035]
[  598.539184][T10074] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1657'.
[  600.815331][T10079] loop5: detected capacity change from 0 to 32768
[  601.407266][T10079] XFS (loop5): Mounting V5 Filesystem
[  601.818776][T10079] XFS (loop5): Ending clean mount
[  601.884972][T10079] XFS (loop5): Quotacheck needed: Please wait.
[  602.240351][T10079] XFS (loop5): Quotacheck: Done.
[  602.407787][ T6148] XFS (loop5): Unmounting Filesystem
[  602.534414][T10107] trusted_key: encrypted_key: insufficient parameters specified
[  603.158098][T10122] loop5: detected capacity change from 0 to 1024
[  603.166088][T10122] EXT4-fs: Ignoring removed nobh option
[  603.171744][T10122] EXT4-fs: inline encryption not supported
[  603.191755][T10122] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  604.076748][T10122] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.1667: bad orphan inode 32767
[  604.092339][T10122] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  604.809737][ T6148] EXT4-fs (loop5): unmounting filesystem.
[  606.631336][ T4299] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  606.831388][ T4299] usb 6-1: Using ep0 maxpacket: 16
[  606.844881][ T4299] usb 6-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  606.863058][ T4299] usb 6-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  606.875044][ T4299] usb 6-1: Product: syz
[  606.888994][ T4299] usb 6-1: Manufacturer: syz
[  606.897429][ T4299] usb 6-1: SerialNumber: syz
[  606.923110][ T4299] usb 6-1: config 0 descriptor??
[  606.946558][ T4299] usb 6-1: selecting invalid altsetting 1
[  606.987061][ T4299] snd-usb-audio: probe of 6-1:0.0 failed with error -22
[  607.017455][ T9938] udevd[9938]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  607.209100][T10144] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1675'.
[  607.729134][    T7] usb 6-1: USB disconnect, device number 10
[  612.462246][T10191] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1689'.
[  613.242834][T10195] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1691'.
[  613.533991][T10204] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1693'.
[  613.565722][T10206] fuse: Unknown parameter '00000000000000000003'
[  614.206543][T10221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1699'.
[  617.815664][T10247] fuse: Unknown parameter '00000000000000000003'
[  620.491734][T10276] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1715'.
[  621.273638][T10284] fuse: Unknown parameter '00000000000000000003'
[  625.483490][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  625.489988][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  628.293279][T10331] fuse: Unknown parameter 'fd00000000000000000003'
[  629.458258][T10342] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1734'.
[  632.576902][T10373] fuse: Unknown parameter 'group_i00000000000000000000'
[  635.057613][T10392] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1746'.
[  635.714239][T10401] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1747'.
[  638.024628][T10421] fuse: Unknown parameter 'group_i00000000000000000000'
[  642.370341][T10441] trusted_key: encrypted_key: insufficient parameters specified
[  644.775149][T10463] fuse: Unknown parameter 'group_i00000000000000000000'
[  653.895089][T10530] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1789'.
[  655.057039][T10546] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1791'.
[  655.213492][T10551] overlayfs: failed to clone upperpath
[  660.669214][T10597] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1806'.
[  661.334730][T10605] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1809'.
[  662.045737][T10612] overlayfs: failed to clone upperpath
[  673.845170][T10681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1830'.
[  673.975588][T10683] overlayfs: failed to clone upperpath
[  675.749295][T10697] overlayfs: failed to clone upperpath
[  679.163000][T10719] fuse: Bad value for 'user_id'
[  684.975868][T10756] fuse: Bad value for 'fd'
[  686.186546][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  686.216926][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  688.437759][T10779] trusted_key: encrypted_key: insufficient parameters specified
[  689.003525][T10792] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1864'.
[  698.715680][T10861] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1884'.
[  701.217307][T10869] trusted_key: encrypted_key: insufficient parameters specified
[  704.555051][T10899] trusted_key: encrypted_key: insufficient parameters specified
[  704.862403][T10916] overlayfs: failed to clone upperpath
[  704.868717][T10914] overlayfs: failed to clone upperpath
[  709.191419][T10960] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1919'.
[  713.236444][T10997] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1933'.
[  716.288820][T11019] overlayfs: failed to clone upperpath
[  726.115940][T11112] trusted_key: encrypted_key: insufficient parameters specified
[  734.199636][T11186] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2004'.
[  741.701018][T11246] netlink: 116 bytes leftover after parsing attributes in process `syz.1.2028'.
[  747.391752][T11284] netlink: 116 bytes leftover after parsing attributes in process `syz.4.2041'.
[  747.544602][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  747.551052][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  750.855579][T11315] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  750.881295][T11315] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  752.483333][T11330] fuse: Bad value for 'rootmode'
[  756.103304][T11364] fuse: Bad value for 'rootmode'
[  762.176910][T11418] fuse: Unknown parameter 'use00000000000000000000'
[  765.217172][T11439] overlayfs: failed to clone upperpath
[  765.375494][T11447] fuse: Unknown parameter 'use00000000000000000000'
[  767.834668][T11469] trusted_key: encrypted_key: insufficient parameters specified
[  768.410746][T11480] fuse: Unknown parameter 'use00000000000000000000'
[  771.290000][T11510] fuse: Unknown parameter 'user_i00000000000000000000'
[  772.877030][T11526] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2127'.
[  777.344591][T11571] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2144'.
[  780.868150][T11605] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2159'.
[  784.803259][T11642] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2171'.
[  786.307586][T11651] trusted_key: encrypted_key: insufficient parameters specified
[  791.512566][T11680] overlayfs: failed to clone upperpath
[  795.311611][T11745] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2205'.
[  798.565676][T11793] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2224'.
[  799.538241][T11808] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2228'.
[  801.488217][T11810] overlayfs: failed to clone upperpath
[  801.798873][T11818] overlayfs: failed to resolve './file1': -2
[  803.255411][T11843] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2243'.
[  803.940114][T11844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2244'.
[  804.676339][T11851] overlayfs: failed to clone upperpath
[  805.065491][T11847] overlayfs: failed to clone upperpath
[  805.126177][T11863] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2251'.
[  807.264246][T11883] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2256'.
[  808.419914][T11894] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2261'.
[  808.996190][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  809.002972][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  809.159883][T11903] overlayfs: failed to clone upperpath
[  813.297684][T11942] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2279'.
[  815.062637][T11955] overlayfs: failed to clone upperpath
[  815.277924][T11960] netlink: 128 bytes leftover after parsing attributes in process `syz.5.2284'.
[  817.388732][T11983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2293'.
[  820.615996][T12006] fuse: Unknown parameter '0x0000000000000004'
[  820.668058][T12009] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2300'.
[  820.743503][T11993] trusted_key: encrypted_key: insufficient parameters specified
[  826.567042][T12052] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2314'.
[  826.627293][T12056] fuse: Unknown parameter 'fd0x0000000000000004'
[  838.141886][T12131] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2338'.
[  839.851249][T12142] overlayfs: failed to resolve './file1': -2
[  843.087632][T12168] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2350'.
[  843.512171][T12170] trusted_key: encrypted_key: insufficient parameters specified
[  847.067316][T12208] netlink: 128 bytes leftover after parsing attributes in process `syz.5.2364'.
[  852.289050][T12242] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2375'.
[  867.404007][T12348] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2406'.
[  871.633059][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  871.639434][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  877.351038][T12416] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2426'.
[  890.328729][T12497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2448'.
[  900.202551][T12571] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2468'.
[  903.606610][T12604] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2488'.
[  904.900673][T12614] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  904.919987][T12614] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  909.530098][T12648] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2492'.
[  920.640570][T12717] overlayfs: failed to clone upperpath
[  931.865217][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  931.880993][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  946.855131][T12935] overlayfs: missing 'lowerdir'
[  948.449884][T12937] trusted_key: encrypted_key: insufficient parameters specified
[  961.780799][T13032] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2603'.
[  961.808859][T13032] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2603'.
[  966.311800][T13044] overlayfs: missing 'lowerdir'
[  966.707830][T13065] overlayfs: failed to clone upperpath
[  972.557266][T13097] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2622'.
[  972.598911][T13097] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2622'.
[  978.311823][T13137] overlayfs: missing 'lowerdir'
[  980.586093][T13166] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2641'.
[  980.645062][T13166] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2641'.
[  981.997684][T13162] overlayfs: missing 'lowerdir'
[  988.788870][T13217] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  988.828635][T13217] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  990.562740][T13238] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2661'.
[  990.573281][T13238] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2661'.
[  993.335702][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  993.342134][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1001.425992][T13308] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2680'.
[ 1001.436388][T13308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2680'.
[ 1007.410882][T13358] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2696'.
[ 1007.451929][T13358] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2696'.
[ 1014.532255][T13413] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2712'.
[ 1014.728054][T13413] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2712'.
[ 1016.157781][T13418] trusted_key: encrypted_key: insufficient parameters specified
[ 1016.507645][ T4271] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1016.518943][ T4271] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1016.527953][ T4271] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1016.538473][ T4271] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1016.547217][ T4271] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1016.557751][ T4271] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1017.614577][ T4316] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1017.781388][T13433] trusted_key: encrypted_key: insufficient parameters specified
[ 1017.870113][ T4316] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1018.663283][ T4271] Bluetooth: hci1: command 0x0409 tx timeout
[ 1018.936696][ T4316] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1019.313889][ T4316] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1021.145727][T13428] chnl_net:caif_netlink_parms(): no params data found
[ 1021.327444][ T4271] Bluetooth: hci1: command 0x041b tx timeout
[ 1021.647464][ T4316] tipc: Disabling bearer <udp:syz2>
[ 1021.716049][ T4316] tipc: Left network mode
[ 1021.749846][T13428] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1021.757915][T13449] overlayfs: missing 'lowerdir'
[ 1021.786137][T13428] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1021.832791][T13428] device bridge_slave_0 entered promiscuous mode
[ 1022.260595][T13480] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2727'.
[ 1022.301677][T13428] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.308879][T13428] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1022.403587][T13428] device bridge_slave_1 entered promiscuous mode
[ 1023.015523][T13481] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2727'.
[ 1023.155203][T13428] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1023.201229][T13428] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1023.276303][T13428] team0: Port device team_slave_0 added
[ 1023.551298][ T4271] Bluetooth: hci1: command 0x040f tx timeout
[ 1023.568702][T13428] team0: Port device team_slave_1 added
[ 1025.631289][ T4271] Bluetooth: hci1: command 0x0419 tx timeout
[ 1025.921754][T13428] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1025.928794][T13428] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1027.721177][T13428] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1027.836060][T13508] overlayfs: missing 'workdir'
[ 1027.899498][T13428] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1027.917022][T13428] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1028.055265][T13428] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1028.384857][T13428] device hsr_slave_0 entered promiscuous mode
[ 1028.439596][T13428] device hsr_slave_1 entered promiscuous mode
[ 1028.479874][T13428] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1028.491142][T13428] Cannot create hsr debugfs directory
[ 1028.908546][T13532] overlayfs: missing 'workdir'
[ 1031.668776][T13561] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2743'.
[ 1033.923481][ T4316] device hsr_slave_0 left promiscuous mode
[ 1033.940093][ T4316] device hsr_slave_1 left promiscuous mode
[ 1033.987259][ T4316] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1034.017545][ T4316] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1034.112672][ T4316] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1034.130942][ T4316] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1036.594051][ T4316] device veth1_macvtap left promiscuous mode
[ 1036.771220][ T4316] device veth0_macvtap left promiscuous mode
[ 1036.777452][ T4316] device veth1_vlan left promiscuous mode
[ 1036.810128][ T4316] device veth0_vlan left promiscuous mode
[ 1039.508027][ T4316] team0 (unregistering): Port device team_slave_1 removed
[ 1040.068983][ T4316] team0 (unregistering): Port device team_slave_0 removed
[ 1040.160545][ T4316] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1040.322169][ T4316] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1040.780539][T13618] overlayfs: missing 'lowerdir'
[ 1042.545388][ T4316] bond0 (unregistering): Released all slaves
[ 1043.249004][T13622] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2758'.
[ 1043.309160][T13624] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2758'.
[ 1045.736945][T13428] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1045.783743][T13428] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1045.959822][T13428] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1046.807734][T13428] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1047.102489][T13428] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1047.138657][T13428] 8021q: adding VLAN 0 to HW filter on device team0
[ 1047.231943][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1047.281982][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1047.343314][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1047.402815][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1047.498677][ T4450] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1047.506008][ T4450] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1047.587960][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1047.625854][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1047.645765][ T4450] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1047.653089][ T4450] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1047.672802][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1047.682678][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1047.697652][ T4540] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1047.921860][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1048.681143][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1048.814587][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1048.833294][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1048.842541][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1048.985963][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1049.035933][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1049.116662][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1049.142406][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1049.948612][T13428] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1053.471803][ T6346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1053.479436][ T6346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1053.545439][T13428] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1053.627164][ T6346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1053.652697][ T6346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1053.707997][ T6346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1053.720198][ T6346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1053.764701][T13428] device veth0_vlan entered promiscuous mode
[ 1053.779641][ T6346] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1053.802862][ T6346] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1053.822620][T13428] device veth1_vlan entered promiscuous mode
[ 1054.597173][ T6350] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1054.611877][ T6350] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1054.649560][ T6350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1054.699641][ T6350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1054.738068][T13428] device veth0_macvtap entered promiscuous mode
[ 1054.745193][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.751601][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.865004][T13428] device veth1_macvtap entered promiscuous mode
[ 1054.973471][T13428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.002181][T13428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.031182][T13428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.063039][T13428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.091098][T13428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.149909][T13428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.198791][T13428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.210044][T13428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.222371][T13428] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1055.233099][T13428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1055.243682][T13428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.253938][T13428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1055.278358][T13428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.289583][T13428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1055.300971][T13428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1056.176113][T13428] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1056.211248][T13428] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1056.283083][T13428] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1056.292999][ T6352] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1056.312777][ T6352] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1056.359987][ T6352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1056.400138][ T6352] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1056.435461][ T6352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1056.564287][T13428] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.601193][T13428] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.609985][T13428] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.731161][T13428] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.294842][ T4316] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1058.779066][ T4316] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1059.055329][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1059.224280][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1059.243743][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1059.334889][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1061.778316][T13798] loop1: detected capacity change from 0 to 256
[ 1062.189630][T13798] FAT-fs (loop1): Directory bread(block 64) failed
[ 1062.363282][T13798] FAT-fs (loop1): Directory bread(block 65) failed
[ 1062.521793][T13798] FAT-fs (loop1): Directory bread(block 66) failed
[ 1062.528934][T13798] FAT-fs (loop1): Directory bread(block 67) failed
[ 1062.536108][T13798] FAT-fs (loop1): Directory bread(block 68) failed
[ 1062.632301][T13798] FAT-fs (loop1): Directory bread(block 69) failed
[ 1062.639085][T13798] FAT-fs (loop1): Directory bread(block 70) failed
[ 1062.645761][T13798] FAT-fs (loop1): Directory bread(block 71) failed
[ 1062.652460][T13798] FAT-fs (loop1): Directory bread(block 72) failed
[ 1062.659039][T13798] FAT-fs (loop1): Directory bread(block 73) failed
[ 1065.536949][T13824] loop1: detected capacity change from 0 to 256
[ 1065.884719][T13824] FAT-fs (loop1): Directory bread(block 64) failed
[ 1066.891286][T13824] FAT-fs (loop1): Directory bread(block 65) failed
[ 1066.898047][T13824] FAT-fs (loop1): Directory bread(block 66) failed
[ 1067.769329][T13824] FAT-fs (loop1): Directory bread(block 67) failed
[ 1067.841363][T13824] FAT-fs (loop1): Directory bread(block 68) failed
[ 1067.902069][T13824] FAT-fs (loop1): Directory bread(block 69) failed
[ 1067.908801][T13824] FAT-fs (loop1): Directory bread(block 70) failed
[ 1067.994430][T13824] FAT-fs (loop1): Directory bread(block 71) failed
[ 1068.049856][T13824] FAT-fs (loop1): Directory bread(block 72) failed
[ 1068.091204][T13824] FAT-fs (loop1): Directory bread(block 73) failed
[ 1068.497021][ T4266] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1068.509822][ T4266] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1068.519501][ T4266] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1068.527540][ T4266] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1068.535692][ T4266] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1068.646227][ T4266] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1069.319554][T13851] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2805'.
[ 1069.342089][T13852] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2805'.
[ 1069.622158][ T4450] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.065131][ T4450] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.403727][ T4450] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.572838][ T4450] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1071.262828][ T4266] Bluetooth: hci2: command 0x0409 tx timeout
[ 1071.996424][T13843] chnl_net:caif_netlink_parms(): no params data found
[ 1073.323259][ T4271] Bluetooth: hci2: command 0x041b tx timeout
[ 1075.381336][ T4271] Bluetooth: hci2: command 0x040f tx timeout
[ 1075.893149][T13843] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1075.900409][T13843] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1076.082715][T13843] device bridge_slave_0 entered promiscuous mode
[ 1076.194823][T13893] trusted_key: encrypted_key: insufficient parameters specified
[ 1076.448555][T13843] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1076.583382][T13843] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1077.280519][T13843] device bridge_slave_1 entered promiscuous mode
[ 1077.461262][ T4266] Bluetooth: hci2: command 0x0419 tx timeout
[ 1078.865138][T13843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1078.970155][T13843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1079.508166][T13843] team0: Port device team_slave_0 added
[ 1079.548967][T13843] team0: Port device team_slave_1 added
[ 1079.924764][T13843] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1079.941940][T13843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1080.085173][T13843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1080.480672][T13843] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1080.521126][T13843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1080.608546][T13843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1080.826947][T13843] device hsr_slave_0 entered promiscuous mode
[ 1080.854983][T13843] device hsr_slave_1 entered promiscuous mode
[ 1080.864934][T13843] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1080.919049][T13843] Cannot create hsr debugfs directory
[ 1083.302346][ T4450] device hsr_slave_0 left promiscuous mode
[ 1083.321215][ T4450] device hsr_slave_1 left promiscuous mode
[ 1084.581659][ T4450] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1084.618504][ T4450] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1084.671928][ T4450] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1084.708008][ T4450] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1084.931171][ T4450] device veth1_macvtap left promiscuous mode
[ 1084.937309][ T4450] device veth0_macvtap left promiscuous mode
[ 1084.961686][ T4450] device veth1_vlan left promiscuous mode
[ 1084.967608][ T4450] device veth0_vlan left promiscuous mode
[ 1086.473376][T13989] trusted_key: encrypted_key: insufficient parameters specified
[ 1087.427935][ T4450] bond1 (unregistering): Released all slaves
[ 1090.093329][ T4450] team0 (unregistering): Port device team_slave_1 removed
[ 1090.217453][T14024] trusted_key: encrypted_key: insufficient parameters specified
[ 1090.230695][ T4450] team0 (unregistering): Port device team_slave_0 removed
[ 1090.668644][ T4450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1093.602945][ T4450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1095.545467][T14052] trusted_key: encrypted_key: insufficient parameters specified
[ 1096.418475][ T4450] bond0 (unregistering): Released all slaves
[ 1096.903408][T14060] loop1: detected capacity change from 0 to 256
[ 1097.165193][T14060] FAT-fs (loop1): Directory bread(block 64) failed
[ 1097.197679][T14060] FAT-fs (loop1): Directory bread(block 65) failed
[ 1097.371248][T14060] FAT-fs (loop1): Directory bread(block 66) failed
[ 1097.452589][T14060] FAT-fs (loop1): Directory bread(block 67) failed
[ 1097.459938][T14060] FAT-fs (loop1): Directory bread(block 68) failed
[ 1097.487695][T14060] FAT-fs (loop1): Directory bread(block 69) failed
[ 1097.714877][T14060] FAT-fs (loop1): Directory bread(block 70) failed
[ 1098.661334][T14060] FAT-fs (loop1): Directory bread(block 71) failed
[ 1098.712787][T14060] FAT-fs (loop1): Directory bread(block 72) failed
[ 1098.719425][T14060] FAT-fs (loop1): Directory bread(block 73) failed
[ 1098.760216][T14063] trusted_key: encrypted_key: insufficient parameters specified
[ 1101.640626][T14093] loop1: detected capacity change from 0 to 4096
[ 1101.727783][T14093] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1101.872957][T14093] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1102.002684][T14093] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1104.002132][T14093] fscrypt (loop1): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[ 1104.369930][T13428] EXT4-fs (loop1): unmounting filesystem.
[ 1104.685202][T13843] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1104.764619][T13843] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1104.804116][T13843] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1104.858065][T13843] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1105.121845][T13843] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1105.163300][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1105.181738][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1105.217206][T13843] 8021q: adding VLAN 0 to HW filter on device team0
[ 1105.272168][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1105.305988][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1105.349419][ T4450] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1105.356823][ T4450] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1105.398518][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1105.436769][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1105.559170][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1105.602842][ T4450] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1105.610110][ T4450] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1105.648948][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1105.668720][T14137] loop1: detected capacity change from 0 to 32768
[ 1105.682743][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1105.723552][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1105.771100][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1105.826227][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1105.915891][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1105.982217][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1106.007733][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1106.685267][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1106.724008][T14137] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[ 1106.788900][T13843] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1106.857318][ T6352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1106.883454][ T6352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1107.236703][   T27] audit: type=1800 audit(1750589319.938:271): pid=14137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2862" name="file1" dev="loop1" ino=17058 res=0 errno=0
[ 1108.330235][T13428] ocfs2: Unmounting device (7,1) on (node local)
[ 1110.513318][ T6335] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1110.531656][ T6335] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1110.552024][T13843] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1113.174300][T14213] loop1: detected capacity change from 0 to 256
[ 1113.341557][T14213] FAT-fs (loop1): Directory bread(block 64) failed
[ 1113.348201][T14213] FAT-fs (loop1): Directory bread(block 65) failed
[ 1113.436042][T14213] FAT-fs (loop1): Directory bread(block 66) failed
[ 1113.468612][T14213] FAT-fs (loop1): Directory bread(block 67) failed
[ 1113.491190][T14213] FAT-fs (loop1): Directory bread(block 68) failed
[ 1113.710068][T14213] FAT-fs (loop1): Directory bread(block 69) failed
[ 1113.751899][T14213] FAT-fs (loop1): Directory bread(block 70) failed
[ 1114.451236][T14213] FAT-fs (loop1): Directory bread(block 71) failed
[ 1114.496040][T14213] FAT-fs (loop1): Directory bread(block 72) failed
[ 1114.551160][T14213] FAT-fs (loop1): Directory bread(block 73) failed
[ 1114.993808][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1115.006650][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1115.073130][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1115.092171][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1115.123240][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1115.161612][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1115.203794][T13843] device veth0_vlan entered promiscuous mode
[ 1115.284831][T13843] device veth1_vlan entered promiscuous mode
[ 1115.406728][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1115.424204][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1115.594141][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1115.637510][ T6348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1115.665448][T13843] device veth0_macvtap entered promiscuous mode
[ 1115.710501][T13843] device veth1_macvtap entered promiscuous mode
[ 1115.817036][T13843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1116.028484][T13843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1116.038918][T13843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1116.050037][T13843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1116.060454][T13843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1116.071891][T13843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1116.111087][T13843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1116.202011][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.208845][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.417667][T13843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1116.981853][T13843] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1116.993773][T13843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1117.031154][T13843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1117.066936][T13843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1117.077589][T13843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1117.098321][T13843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1117.130845][T13843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1117.147043][T13843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1117.390572][T13843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1117.852288][T13843] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1117.947327][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1117.956575][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1117.965368][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1117.974561][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1117.984178][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1117.993497][ T5887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1118.016850][T13843] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1118.028953][T13843] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1118.056960][T13843] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1118.090931][T13843] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1119.339946][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1119.364178][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1119.439839][T14273] trusted_key: encrypted_key: insufficient parameters specified
[ 1119.495613][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1119.532728][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1119.595293][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1119.630407][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1125.423379][ T4271] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1125.436268][ T4271] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1125.445618][ T4271] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1125.457143][ T4271] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1125.465256][ T4271] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1126.261711][ T4271] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1128.421989][ T4266] Bluetooth: hci4: command 0x0409 tx timeout
[ 1129.114274][T14372] use of bytesused == 0 is deprecated and will be removed in the future,
[ 1129.123854][T14372] use the actual size instead.
[ 1129.718547][T14372] vivid-000: kernel_thread() failed
[ 1130.930280][ T4266] Bluetooth: hci4: command 0x041b tx timeout
[ 1131.492826][T14401] trusted_key: encrypted_key: insufficient parameters specified
[ 1131.570550][T14338] chnl_net:caif_netlink_parms(): no params data found
[ 1132.101297][    C1] ------------[ cut here ]------------
[ 1132.107639][    C1] refcount_t: addition on 0; use-after-free.
[ 1132.114245][    C1] WARNING: CPU: 1 PID: 6346 at lib/refcount.c:25 refcount_warn_saturate+0xff/0x1a0
[ 1132.123763][    C1] Modules linked in:
[ 1132.127724][    C1] CPU: 1 PID: 6346 Comm: kworker/u4:20 Not tainted 6.1.141-syzkaller #0
[ 1132.136142][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1132.146452][    C1] Workqueue: bat_events batadv_nc_worker
[ 1132.152184][    C1] RIP: 0010:refcount_warn_saturate+0xff/0x1a0
[ 1132.158330][    C1] Code: 09 01 48 c7 c7 a0 d2 be 8a e8 ad 30 45 fd 0f 0b eb e0 e8 f4 1d 79 fd c6 05 fa 72 e2 09 01 48 c7 c7 e0 d1 be 8a e8 91 30 45 fd <0f> 0b eb c4 e8 d8 1d 79 fd c6 05 df 72 e2 09 01 48 c7 c7 40 d2 be
[ 1132.178048][    C1] RSP: 0000:ffffc900001e0748 EFLAGS: 00010246
[ 1132.184193][    C1] RAX: f72b7b5026bc6200 RBX: 0000000000000002 RCX: ffff88804f923b80
[ 1132.192252][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 1132.200262][    C1] RBP: ffffc900001e08a8 R08: dffffc0000000000 R09: fffff5200003c079
[ 1132.208330][    C1] R10: fffff5200003c079 R11: 1ffff9200003c078 R12: ffff88807f1dd4c0
[ 1132.216393][    C1] R13: dffffc0000000000 R14: 0000000000000002 R15: ffff888055ea4048
[ 1132.224441][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1132.233455][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1132.240073][    C1] CR2: 00007f0c710d370d CR3: 00000000323e6000 CR4: 00000000003506e0
[ 1132.248202][    C1] DR0: 0000000000000007 DR1: 000000000000000b DR2: 0000000000000004
[ 1132.256291][    C1] DR3: 0000000000000002 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1132.264360][    C1] Call Trace:
[ 1132.267695][    C1]  <IRQ>
[ 1132.270588][    C1]  tipc_crypto_xmit+0x17a9/0x2300
[ 1132.275842][    C1]  ? tipc_crypto_do_cmd+0xde0/0xde0
[ 1132.281147][    C1]  ? skb_clone+0x21b/0x370
[ 1132.285627][    C1]  ? tipc_crypto_clone_msg+0x33/0x160
[ 1132.291140][    C1]  tipc_crypto_clone_msg+0x91/0x160
[ 1132.296581][    C1]  tipc_crypto_xmit+0x1928/0x2300
[ 1132.301760][    C1]  ? tipc_crypto_do_cmd+0xde0/0xde0
[ 1132.307043][    C1]  tipc_bearer_xmit_skb+0x242/0x3f0
[ 1132.312382][    C1]  ? tipc_bearer_xmit_skb+0xa6/0x3f0
[ 1132.317748][    C1]  ? tipc_bearer_min_mtu+0x1c0/0x1c0
[ 1132.323187][    C1]  tipc_disc_timeout+0x568/0x6b0
[ 1132.328464][    C1]  ? tipc_disc_init_msg+0x570/0x570
[ 1132.333812][    C1]  call_timer_fn+0x1a0/0x670
[ 1132.338466][    C1]  ? tipc_disc_init_msg+0x570/0x570
[ 1132.343823][    C1]  ? call_timer_fn+0xc1/0x670
[ 1132.348554][    C1]  ? __run_timers+0x7c0/0x7c0
[ 1132.353361][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1132.358620][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1132.363941][    C1]  ? tipc_disc_init_msg+0x570/0x570
[ 1132.369205][    C1]  __run_timers+0x525/0x7c0
[ 1132.373859][    C1]  ? detach_timer+0x350/0x350
[ 1132.378603][    C1]  ? lock_chain_count+0x20/0x20
[ 1132.383596][    C1]  ? sched_clock_cpu+0x6e/0x250
[ 1132.388530][    C1]  run_timer_softirq+0x63/0xf0
[ 1132.393453][    C1]  handle_softirqs+0x2a1/0x920
[ 1132.398318][    C1]  ? do_softirq+0x13b/0x200
[ 1132.402969][    C1]  ? do_softirq+0x200/0x200
[ 1132.407537][    C1]  do_softirq+0x13b/0x200
[ 1132.411997][    C1]  </IRQ>
[ 1132.414971][    C1]  <TASK>
[ 1132.418030][    C1]  ? __local_bh_enable_ip+0x1b0/0x1b0
[ 1132.423546][    C1]  ? lockdep_hardirqs_on_prepare+0x760/0x760
[ 1132.429613][    C1]  ? batadv_nc_purge_paths+0x316/0x3b0
[ 1132.435241][    C1]  ? lockdep_hardirqs_off+0x70/0x100
[ 1132.440590][    C1]  ? batadv_nc_purge_paths+0x316/0x3b0
[ 1132.446228][    C1]  __local_bh_enable_ip+0x174/0x1b0
[ 1132.451549][    C1]  ? _local_bh_enable+0xa0/0xa0
[ 1132.456487][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[ 1132.461821][    C1]  ? batadv_nc_purge_paths+0x316/0x3b0
[ 1132.467391][    C1]  ? batadv_nc_to_purge_nc_path_coding+0x120/0x120
[ 1132.474041][    C1]  batadv_nc_purge_paths+0x316/0x3b0
[ 1132.479406][    C1]  batadv_nc_worker+0x365/0x600
[ 1132.484407][    C1]  ? process_one_work+0x7a1/0x1160
[ 1132.489587][    C1]  process_one_work+0x898/0x1160
[ 1132.494698][    C1]  ? worker_detach_from_pool+0x240/0x240
[ 1132.500420][    C1]  ? _raw_spin_lock_irq+0xab/0xe0
[ 1132.505603][    C1]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 1132.511092][    C1]  ? kthread_data+0x4b/0xc0
[ 1132.515683][    C1]  worker_thread+0xaa2/0x1250
[ 1132.520499][    C1]  kthread+0x29d/0x330
[ 1132.524715][    C1]  ? worker_clr_flags+0x1a0/0x1a0
[ 1132.529800][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1132.534627][    C1]  ret_from_fork+0x1f/0x30
[ 1132.539144][    C1]  </TASK>
[ 1132.542304][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1132.549728][    C1] CPU: 1 PID: 6346 Comm: kworker/u4:20 Not tainted 6.1.141-syzkaller #0
[ 1132.558116][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1132.568245][    C1] Workqueue: bat_events batadv_nc_worker
[ 1132.574049][    C1] Call Trace:
[ 1132.577379][    C1]  <IRQ>
[ 1132.580400][    C1]  dump_stack_lvl+0x168/0x22e
[ 1132.585143][    C1]  ? memcpy+0x3c/0x60
[ 1132.589186][    C1]  ? show_regs_print_info+0x12/0x12
[ 1132.594473][    C1]  ? load_image+0x3b0/0x3b0
[ 1132.599062][    C1]  panic+0x2c9/0x710
[ 1132.603024][    C1]  ? bpf_jit_dump+0xd0/0xd0
[ 1132.607688][    C1]  ? ret_from_fork+0x1f/0x30
[ 1132.612352][    C1]  __warn+0x2f8/0x4f0
[ 1132.616459][    C1]  ? refcount_warn_saturate+0xff/0x1a0
[ 1132.621985][    C1]  ? refcount_warn_saturate+0xff/0x1a0
[ 1132.627499][    C1]  report_bug+0x2ba/0x4f0
[ 1132.631889][    C1]  ? refcount_warn_saturate+0xff/0x1a0
[ 1132.637413][    C1]  handle_bug+0x3a/0x70
[ 1132.641618][    C1]  exc_invalid_op+0x16/0x40
[ 1132.646166][    C1]  asm_exc_invalid_op+0x16/0x20
[ 1132.651057][    C1] RIP: 0010:refcount_warn_saturate+0xff/0x1a0
[ 1132.657261][    C1] Code: 09 01 48 c7 c7 a0 d2 be 8a e8 ad 30 45 fd 0f 0b eb e0 e8 f4 1d 79 fd c6 05 fa 72 e2 09 01 48 c7 c7 e0 d1 be 8a e8 91 30 45 fd <0f> 0b eb c4 e8 d8 1d 79 fd c6 05 df 72 e2 09 01 48 c7 c7 40 d2 be
[ 1132.676923][    C1] RSP: 0000:ffffc900001e0748 EFLAGS: 00010246
[ 1132.683042][    C1] RAX: f72b7b5026bc6200 RBX: 0000000000000002 RCX: ffff88804f923b80
[ 1132.691061][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[ 1132.699069][    C1] RBP: ffffc900001e08a8 R08: dffffc0000000000 R09: fffff5200003c079
[ 1132.707075][    C1] R10: fffff5200003c079 R11: 1ffff9200003c078 R12: ffff88807f1dd4c0
[ 1132.715084][    C1] R13: dffffc0000000000 R14: 0000000000000002 R15: ffff888055ea4048
[ 1132.723114][    C1]  ? refcount_warn_saturate+0xff/0x1a0
[ 1132.728627][    C1]  tipc_crypto_xmit+0x17a9/0x2300
[ 1132.733720][    C1]  ? tipc_crypto_do_cmd+0xde0/0xde0
[ 1132.738976][    C1]  ? skb_clone+0x21b/0x370
[ 1132.743436][    C1]  ? tipc_crypto_clone_msg+0x33/0x160
[ 1132.748856][    C1]  tipc_crypto_clone_msg+0x91/0x160
[ 1132.754122][    C1]  tipc_crypto_xmit+0x1928/0x2300
[ 1132.759329][    C1]  ? tipc_crypto_do_cmd+0xde0/0xde0
[ 1132.764615][    C1]  tipc_bearer_xmit_skb+0x242/0x3f0
[ 1132.769868][    C1]  ? tipc_bearer_xmit_skb+0xa6/0x3f0
[ 1132.775208][    C1]  ? tipc_bearer_min_mtu+0x1c0/0x1c0
[ 1132.780564][    C1]  tipc_disc_timeout+0x568/0x6b0
[ 1132.785552][    C1]  ? tipc_disc_init_msg+0x570/0x570
[ 1132.790807][    C1]  call_timer_fn+0x1a0/0x670
[ 1132.795437][    C1]  ? tipc_disc_init_msg+0x570/0x570
[ 1132.800757][    C1]  ? call_timer_fn+0xc1/0x670
[ 1132.805484][    C1]  ? __run_timers+0x7c0/0x7c0
[ 1132.810226][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1132.815489][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1132.820747][    C1]  ? tipc_disc_init_msg+0x570/0x570
[ 1132.826001][    C1]  __run_timers+0x525/0x7c0
[ 1132.830565][    C1]  ? detach_timer+0x350/0x350
[ 1132.835297][    C1]  ? lock_chain_count+0x20/0x20
[ 1132.840292][    C1]  ? sched_clock_cpu+0x6e/0x250
[ 1132.845223][    C1]  run_timer_softirq+0x63/0xf0
[ 1132.850052][    C1]  handle_softirqs+0x2a1/0x920
[ 1132.854905][    C1]  ? do_softirq+0x13b/0x200
[ 1132.859482][    C1]  ? do_softirq+0x200/0x200
[ 1132.864097][    C1]  do_softirq+0x13b/0x200
[ 1132.868492][    C1]  </IRQ>
[ 1132.871451][    C1]  <TASK>
[ 1132.874418][    C1]  ? __local_bh_enable_ip+0x1b0/0x1b0
[ 1132.879850][    C1]  ? lockdep_hardirqs_on_prepare+0x760/0x760
[ 1132.885989][    C1]  ? batadv_nc_purge_paths+0x316/0x3b0
[ 1132.891546][    C1]  ? lockdep_hardirqs_off+0x70/0x100
[ 1132.896888][    C1]  ? batadv_nc_purge_paths+0x316/0x3b0
[ 1132.902408][    C1]  __local_bh_enable_ip+0x174/0x1b0
[ 1132.907669][    C1]  ? _local_bh_enable+0xa0/0xa0
[ 1132.912570][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[ 1132.917825][    C1]  ? batadv_nc_purge_paths+0x316/0x3b0
[ 1132.923331][    C1]  ? batadv_nc_to_purge_nc_path_coding+0x120/0x120
[ 1132.929893][    C1]  batadv_nc_purge_paths+0x316/0x3b0
[ 1132.935240][    C1]  batadv_nc_worker+0x365/0x600
[ 1132.940232][    C1]  ? process_one_work+0x7a1/0x1160
[ 1132.945388][    C1]  process_one_work+0x898/0x1160
[ 1132.950485][    C1]  ? worker_detach_from_pool+0x240/0x240
[ 1132.956165][    C1]  ? _raw_spin_lock_irq+0xab/0xe0
[ 1132.961238][    C1]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 1132.966652][    C1]  ? kthread_data+0x4b/0xc0
[ 1132.971207][    C1]  worker_thread+0xaa2/0x1250
[ 1132.975946][    C1]  kthread+0x29d/0x330
[ 1132.980061][    C1]  ? worker_clr_flags+0x1a0/0x1a0
[ 1132.985126][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1132.989766][    C1]  ret_from_fork+0x1f/0x30
[ 1132.994236][    C1]  </TASK>
[ 1132.997669][    C1] Kernel Offset: disabled
[ 1133.002133][    C1] Rebooting in 86400 seconds..