last executing test programs:

24.048095297s ago: executing program 2 (id=208):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400), 0x20000, 0x0)
ioctl$TIOCCONS(r0, 0x541d)

23.884059148s ago: executing program 2 (id=209):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x20001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r2, 0xaea2, 0x100000001)

23.672017739s ago: executing program 2 (id=213):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000180)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
socket$netlink(0x10, 0x3, 0xc)
removexattr(0x0, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r5, 0x4c80, 0xfffff)

22.618456846s ago: executing program 2 (id=216):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000040)='./file2\x00', 0x300001a, &(0x7f0000000a40)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fef3eb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcbe2f83150503b2076b7591149e6f426564f017ebe1f8253e880de2f63aff6ea337c137b607ffb0291b1223f578ec8b5a9568984ae47e157363144ea5ae13358e354cf1c896ddf139d580411f7676b8302974b5c65aec8de25c8f41a1459baeeb26d0ad35d101ec17dcca961fbae721d31bd58956c1d97c26e2926fe3ac0ce3f7ec46265a2df602d66bf5d34cd7f4097d6875640c0cc409408cbf931447c0ec0f15f5f4c359530d99275d78e68cc061f73375ffea29733d768484", @ANYRES16], 0xd, 0x2aa, &(0x7f0000001300)="$eJzs3cFqK2UUAOAzSZpGXSSIG0VwQBeuyq1bN41yBbErJYK60OC9FyQJhRYCVjB21Sdw6Xv4CG7c+AaCW8Fdu6iMTGamSWhSQ40p9H7f6jD/f86czF/SVc589fpo8OQoibOL36PVSqJ2EAdxmUQnalH5IRoBADwcl1kWf2V3yWzUNt8NALANxf//wn33AgBsxyefff5R9/Dw8cdp2opX2+fjXhIRo/Nxr1jvPotvYhhP41G04yoiu1bEH3x4+Dgaaa4Tb40m416eOfry17J+98+Iaf5+tKOzPH8/LczlT8a9nXgx0ug+26labccry/PfWZIfvWa8/eZc/3vRjt++jqMYxpPIc2f53++n6fvZjxfffZHfJs9PatHbne6byerbPBcAAAAAAAAAAAAAAAAAAAAAAB62vTRNivE90/k9+aVy/k79arq+l1Y6i/N5ivykKlTMB8qiHNEzyeKnar7OozRNs3LjLL8RrzW8WAAAAAAAAAAAAAAAAAAAAAByJ9+eDvrD4dPjjQTVNIDqZ/13rXMwd+WNOB3066sL7q5/r/lpA3mvt26ORiM29Fj+LXgh72fjlXdnh/tpFEF1MBu918vvFUVPB/20XKoe8qCfRLN64MvTW9XB/Ty/1IzFzcl1wXUby6Z/ElfZ4pm2rltdzGpu6Gk0X1q69HeWZevVefeP4ozKK8l0xMZ6d98pg6UfMA9aN8/9l9UFV35l1P/TFw4AAAAAAAAAAAAAAAAAALDS7Ee/SxbPbk2t/W9NAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCWzd7/XwWtiFi8ciOYlMm37SmDZhyf3PNHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DnwTwAAAP//0hxJIw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.self_freezing\x00', 0x275a, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000040), 0x7, 0x20080)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001280)={r0, 0x0, {0x2a12, 0x80010000, 0x0, 0x10000000000000, 0x1, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea80000000000000000000000deff0000100000000000000000000000000800", "2809e8dbe108038948224ad54afac11d875397bdb22d0000b420a1a93c7540f4767f9e01177d3dd40600000061ac00", "90be8b1c55f96400", [0x8a2]}})

20.897137317s ago: executing program 2 (id=217):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xeb0}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}, {@noquota}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x4010, &(0x7f0000000100), 0x41, 0x5c4, &(0x7f0000000bc0)="$eJzs3U9oG1caAPBvRlacP951FnZhd8kh7C5kIUS282c3u6fkWhoI5FDopTWyYoJlK1h2GxtDnXsozaG0JZf01h56bOmhh9JLj7320tJzITSmhTiHVmWske04UiKnlp1avx+M9N7MWN974/meNMMME0DfOp69pBF/i4jLScTwpmUDkS883lxvdWWp/HBlqZxEo3HlhySSiHiwslRurZ/k70ciYjki/hoRXxQjTqbrH3mgVagvLE6NV6uV2bw+Mjd9faS+sHjq2vT4ZGWyMnPmv/87d/7subHTY5ub+7CxuVbcXl9vfXv7zVtfvXD39ocfHVsuvz2exIUYypdt7sdOam6TYlzYMv9sL4LtoeSpM3geFfI8z1LpLzEchTzr22lsHhwGd6V5QA81BiMaQJ9K5D/0qdbvgOz4tzXt5u+PexebByBZ3NWVpfIb0Yo/0Dw3EQfXjk0O/5g8cmSSHV4e3c2Gsi8tH4qI0YGBx/f/JN//upK0O90x2nn9s0Pbbyo98PnF5j/q8f9/uj7+RJvxZ6h17vQ3ao1/q/n4l03Nk7Ab8Qsdxr/LXcb4+eXv3usY/+Zg/D2LH8sb8fMIrfhJm/hpRLzaZfw7L316vtOyxvsRJ2JL//P4LcmTzw+PXL1WrYw2X9vG+OzEsf937n/E4Q7xm+dsD659zWzu/4G8TWmX/f/ky4//sfyE+P/+52Pxl5P1/av99s+Grbe6jP+nBx+82GnZvZvJ/exXQLv+Pyl+EsW422X8/1w4/k1edNYQAAAAAAAAAAB2ULp2LVuSltbLaVoqNe/h/XMcTqu1+tzJq7X5mYnmNW9Ho5i2rrQabtaTrD6WX4/bqp/eUj9TyAMWDq3VS+VadWKP+w4AAAAAAAAAAAAAAAAAAADPiyNb7v//qbB2///Wx1UD+1XnR34D+538h/71aP63e5QpsF/5/oe+1ZD/0L/kP/Qv+Q/9q1P+H9rldgC7z/c/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQE9cvnQpmxoPV5bKWX1iYGF+qvbaqYlKfao0PV8ulWuz10uTtdpktVIq16af9nlJrXZ9NGbmb4zMVepzI/WFxVema/MzrWeKVoo97xEAAAAAAAAAAAAAAAAAAAD8/gytTUlaiig262laKkX8ISKOJpFcvVatjEbEHyPi60JxMKuP7XWjAQAAAAAAAAAAAAAAAAAAYJ+pLyxOjVerldneFQbyUD0M0X1hYDsrR8TyzjYj+8Rt/1Ux34B7vOn2R6HQu/1w6Lno4E4V9nBQAgAAAAAAAAAAAAAAAACAPrVx02+3f/FL9nKwp40CAAAAAAAAAAAAAAAAAACAvpN+n0RENp0Y/tfQ1qUHktXC2ntEvH7nyjs3xufmZsey+ffX58+9m88/vRftB56uMdx8b+ZpGhFZHgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb6guLU+PVamX2GQuDXayz130EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBa/BgAA//+e8s64")
r1 = inotify_init1(0x80000)
inotify_add_watch(r1, 0x0, 0x101)
lsetxattr$system_posix_acl(&(0x7f0000000280)='./file1\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x0)

18.761361031s ago: executing program 2 (id=226):
socket$inet(0x2, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x3, 0x4, 0x801, 0x1, r0, 0x15b4}, 0x50)

18.360332813s ago: executing program 32 (id=226):
socket$inet(0x2, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x3, 0x4, 0x801, 0x1, r0, 0x15b4}, 0x50)

18.315516033s ago: executing program 4 (id=230):
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000180)='./file2\x00', 0x14018, &(0x7f00000005c0)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303830392c73657373696f6e3d3078303030303030303030303030303130312c706172743d3078303030303030303030303030313030312c626172726965722c756d61736b3d30303030303030303030303032303030303030303030302c63726561746f723d1eeb39072c6769643d", @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX, @ANYBLOB="2c747970653df606a15d2c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c63726561746f723daf2afe272c756d61736b3d30303030303030303030303030303030303030303030362c61707072616973652c657569643c", @ANYRESDEC=0x0, @ANYBLOB=',obj_type=}}@@[/-,uid>', @ANYRESDEC=0x0, @ANYBLOB="0080"], 0xdf, 0x6c8, &(0x7f0000000d40)="$eJzs3ctvHHcdAPDvzK7tXSMlTpu0BVXCakRBWCR+yAVziUEI+VChCg6cV4nTWNm4le2CGyEw72sP/QPKwTdOSNyDyhkuCI4Wp0qIXDj5tmgeu157d+11nHht+Hyi2fnN/N7fnZndWSuaAP5vrcxE9UkksTLz9na2vbe70NzbXZgos5sRkaXTiGqximQ9Ivk0YjmKJT6f7SzLJ4P6+Xht6ft//8/eZ8VWtVzy8mlvvZ+1IuJLw89ip1xiOiIq5brXWO+u2snt3R3YXmGiK91//kknJwvYzXbgYNRaPXZOU33g+Q5cHknxudljKmKy/JjMP+fKq0N6vqN7/k51lQMAAIARW/n3jfnTlK+X66v7sR/bl/42HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM5V+fz/pFzSdno6kvbz/8fLfVGmL7Unox4AAAAAAAAAAPQY69kz0U7c6V/ji/uxH9txpb3dSvK/+b+Rb1zPXz8XH8RmrMZG3IrtaMRWbMVGzEXEVFdD49uNra2NuSFqzvetOX94XJXhJlwbrhgAAAAAAAAA/M/7Rawc/P0fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAugiSiUqzy5Xo7PRVpNSJqETGelduJ+Gs7fUkk/XY+Of9xAAAAwJnUnqHO1f3Yj+240t5uJfk9/yv5/XItPoj12Iq12IpmrMa98h46u+tP93YXmnu7C4+y5cxDz1uM4reH/j2/lpeox/1Yy/fcirv5YO5FmtfM/DMiHrXH1Duunz/N2r5T+PGQI7tXrrPOPmr/ijBx5gk/B1MR1TTGOhGZzcdWHATXuqPQG4lvPR3U6HKxqh7tKbp7mou088vP9aKHLHlizO8MObPJcp3N5zeDfrl53moHne4MLNSJRBp5JOa7jr5Xjo95xJf/+PuPHjTXHz64vzlzLlN6kY4eEwtdkXh1iEj88MJGonp8dnp0x2y+80ZneyW+Gz+ImZiOd2Ij1uJH0YitWI2knGmjPJ6z16njI7V8aOudk0Y+Xr4vlXKgJ49pOr6TpxrxRl73SqxFEu/FvViNt/J/8zEXX4/FWIylrnf4xsBx53PLz/r0dGf9za+UiXpE/LZcj1pxUcjieq0rrt3X3Kk8r3vPQZReOv7d7b02njzl6hfKRNbHL/sdjiNzNBJzXZF4+fhI/K6VvW421x9uPGi83+fTtZWM5eu/3YxotYp9b5Z52RH365O//vzprPM7Qdd1LDteXopaeSW5FmPF0CrtvJc7V5nD8Rov/+JS5KVH8mrZ+ZwWPRVn6vcGnqnj5Xe43pbm87xX++Yt5HmvdeV1f9+KeC+ane9DAFxgk1+dHK//q/6X+if1X9Uf1N+ufXviGxOvj8fYn8e+WZ2tvJm+nvwhPomfHtz/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz27zw8cPG83m6kb/RFoZmDUgEa3HDxvtJ/kMWys2k/JJOqfqa1SJziN/Lsh4XkCiGklPVjbj59NF+yGCp6s123tELY8yUP84ba2oDTXlyTLRulpE6VRdTB09MiMGFJ4oglkZcJ6Wb9GzPFwUuBRubz16//bmh4+/tvao8e7qu6vrY4uLS7NLi28t3L6/1lydLV5HPUrgRTj43n7YhXjSNQAAAAAAAAAAANDXefx/iVHPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjcVmai+iSSmJu9NZtt7+0uNLOlnT4oWY2INI1IfhKRfBqxHMUSU13NJYP6+XhtqRIRnx20VW2XT4+p15oYahY75RLTEVEp12dwqL27Z24v6cwwi9XNduBg1P4bAAD//21q7G8=")
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0xc8c4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r4, 0x2, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

17.199243541s ago: executing program 4 (id=234):
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000240)='./file0/../file0\x00', 0x89901)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
memfd_create(&(0x7f0000000000)='\xff\x00l\x1e\xa0</\x00\x8e._\x14zC\x9a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-\xe2\xc7\xd3\xe6M^\x98\x85x\x14\t\xe9Q1\x1dK\x9a\x045\xd3\x17\xb22\x00D(\xd2\xdd\xa0\xff\x1f\x00\x00\n\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xe36g\xfd\xd2\xd4\xe3\x1f\xa6\xc6\xe2\xa6!\x9aE<2`]<\xf2R?8\xb8\xa3\xbf\xc3\x18s\xf7!~0\xc7y\xe2\xb2VP\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yxm\x96\xbfS\x97\x9c/\x1f5i\xc6\x861\x8a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd26<Z|U6\r\xd7\x18\xad\x1d`\x06\xcfN\a\xf9\xd7 \x1a\xd8\xef\xb6\x9e8Z\t:#r\xa2\xb1h\xc0\xc0a\xa9\xc46A\x01\xac\xe6\xbf !5I\xc9<\x19{)\xa4\xad\v\x923\b\x9d\xbd>,\xc1\x8d\\Rxt\'\xb6\xbf\xc8*\n\xaf\x1b\xec\xfd\xbbY\x99\xb3\x06c\xd6\xf6\xb0\xcd=\xf3\x03`\x93\xff\x05e\xaa$\x00\xeaw\xd9\x10\x0f\x1d\x888\x8cS\x12?R\x99\xda7\xce)\x8f\xcc\x87\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd32J\xd7\x9f\xea:=\xcc\x17(|L\xda\xc3\x1ca\xe8s\xb6\xebw\xc7\xabS\xd7pJ\xd2\xa1\xcf\xae\x1f2\x9f\x98\xa80\r\x85\xb4\x86\xbc\xd0\xea\xbf\xb1Z\xb7e$\xcf<\ra\x9b\xa5\xdc\v\x1e\xfd\xc7\x91\xf22\xcf\x96\x99\xc1\xbb\xa1j\xe5\xa8\x7f\a\xa9\xa7G\xad\xa3\x8b\xf1\xdb\\]R\x8cf\xac1\xd7V\xaf\xb5\x8e\x10\x95\x9f=2\xd0-\xe1K:\xc3b\x89\x15OS\xa5\x98Ky\x12\xe7Qt#\xeb\x99\a\x10\x1c\xb3N\x85\xeb\x80\x05\x82_\x15\xdc\xbc\xf93\xdd\xf5g\x98\xd4\x8az\xe4`\xa5\x00\x00\x00\x00\xcd\x13\xfc+\xac\xe5\x8bI\f\xd6\x89\xc7HY\xcf\x00O\x88\xe6\x8b\x8bF/\x82u\xffCnG\x02\x82\xfc\xe9Od\x92\x06\xdeg@y\xa6=4\xb1}\xa8Yr\xad9\xb9b)\xec}\x87=\x91:IV\xab\xdf\xa2\xba+6D\x1fuf\xdeJYw$L\xa1\x83NH\xe3\xf2\x91\x8cW\xb7\b\x04\x12\x8b\x8bV\x19\xf1\r\xcb\x94\xa3\xf4\xe4\x97$\x99c\rG\xd7#\xe2\xfd\x80\xadR\x83\xdc\xb8d\x15|\xac\xb8g$\x0f@\xca3\x9f\xb1\xea\xc6vQ\x1b\xdb#\xa3\"\x9f\x9e\xd8\xba\x13d\x9bx\x9a\xbf\xee\xf2kQ\xe0\xc4/~7\xcd\xd1\x06\xe5\x17\x9b\bW|\xbc\x86D\x05\xaf<\xdfy,I2f\xa7G\xe3Qp<\'6 x\n\x94f\xf8\xa2\xea\xf4\xa5\x9eY\xf80C\x91\x7f\x16u\x8c(Xl\x90\xd2\x9f\xa9\xb9kJy[\x93\xfe{\xe5\x1a\xe9\xb7T\x19;\xb9\t\xe7\x0ei\xfaZ\xfbS:\x9b\xc1r\xcbM.\xf8\xb8wR\xb3p~b\xcb\v1-\a-\x8a#\xaa1\xa9\x9a\x88\a\xc5\xb9*\xd3?\xac\n\x9c\xcd\xe2\xc9\xbd\xeb\xb3\xf65\xbdaP\t\xd6\x06\x1c\xeeNg\x92>\x92>\xaf\b3\x05\xfdM\xd2F\v\xbd\xeb\x83 \x9d\x90S\x11w\xefg\\\xca\xe2\xfc~w\xbe\xefh#\x96\xa5h\xec\xbfr\xc8Bi\x90\"(\xf2\xc6\xcc\xfbX\x14{\x9e5\x87\x91\xe2\x9b\xd4\xc6\xc2whk+\x0f\x82\xca\xc1@\xcb~P\xe4\x18\xf9E\'\xab\xc7z\xd7\x05V{\xa1X\xa3\x10\x13.]tlz\x12\xde\xf2\xa43\xee#\x92J~\xda \x9b\xc4\xc0V\xb3\x9dCO\x1fu\x1c4\x1d\v}\x1b\xe5>w\xfbsm\xa3\fI|\x96-p\x86\xd3O\xfa\x9a\x8f\xb2\x8e\x88qGEG', 0x6)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4140aecd, &(0x7f0000000100)=ANY=[])

16.950954962s ago: executing program 4 (id=235):
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x804cd8, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRES64], 0x3, 0x232, &(0x7f0000000500)="$eJzslb9uE0EQxn97t/HFYKTUVJGwSBqI7UiIMl1egAfAco5g5cwfnyWwZcmGJg00vEQkaioqCiToKRAC0SQFSDRBVEHI6G5nz3dgOzYK3X2SPd/OfjO7e7uzezu8H3rAr+N+gxViKEp8VAoNrCnjOykY+13sSPBFm3ZV/M/FHokNu713Twzt7dWDwG+H3WnEIyZKwVSNJTIs1ta3X6ZEesJgVnlq6rePsx7FRLEDzF7PWRIHZVc67uq4xvV31CDj8eh9GmuKhpjYItMH9WZ/sQvZrv6LOZdTlLR/djljjYOQ1XnOTWalhvwoZT5U8HVilNob/OumLPG/9x1iEm3uzxIztsmQD88mf9WYuBJelPMT7exi81HMJ36a9XQNkctgoa08mniwx4fE4/Q8oa2acPuRraD3x/1GxG4CWzKvHfOTcjKaqPFabrrId1HDEJTLSFmNhq2osQZsdFr3NsJu70qzVd/1d/07tdrmtcqb81KiowE0A7+ylBoiKeohCc6l+iPtZ510pVTEkXZqEqcKmLlpJQKJXb9krGsqHicVm85h8r5KlmcvAJcWN7jMMvBgqFahJtnKRNnccbCL5lYz8Ks6NU84wWE57rjauBvs7KNQoqwcoHFs2CFLSaOGaUTp/c3ryfL3xZbj/+Vk6gdiD8Xat8u+STrO8E1a60Mo8LDe6bTt40W7mvhqBY2wlWRkR0a1r6G9k8se80MtoM2RI0eOHDly5Dhz/A4AAP//Z98fTg==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)

16.575360424s ago: executing program 4 (id=240):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000c00)='./file1\x00', 0x400, &(0x7f0000000100)=ANY=[], 0x1, 0x692, &(0x7f0000000540)="$eJzs3U1sHGf9B/DvrnfX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXju3sOrHXFp9PNDvPM8/LPM9vZnZ2ZxU5wP+sq2fTeJRarp59c6XIrz6c7aw+nL3dTyeZTFJPGr1VaneS2kfJlfSWfKbYWHVX224/HyzOvf3xp6uf9HKNainr13dq94TL9S02PqiWnE4yUa2fwYb+rm3qrzVyd7W1GRYBO9MPHIxbM0l3g++eXC95quGvW+DAqvXum09c0NPJkSRT1eeA3l2xd88+1B6MewAAAACwD174ZfkV/ui4xwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHSfX3/2vVUu+nT6fW//v/rWpbqvSh9mjcAwAAAAAAAACA0X3z/zdt+NzjPM5Kjvbz3Vr5m/+rZeZ4JpP8X97P3SxkKeeykvksZzlLuZBkuqzVLF9bK/PLy0sX1lpm25YX11pmoOXFIWfQfpbpAwAAAAAAAMDh0Bi9yY9zdf33fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAhqyURvVS7H++np1BtJppK0inoPkr/20wfSr/80mOv+u1t6otqj/RwTAAAAjMkLj/M4Kznaz3dr5Xf+k+X3/qm8nztZzmKW08lCrpfPAnrf+uurD2c7qw9nbxfLk/1+9R8jDaPsMb1nD1vv+VRZo50bWSy3nMu1vJtOrqdetiyc6o9n63H9qBhT7Y3KkCO7Xq2Lmf8qzZFmtRu1oWtOlxEpRtSLyEzVtojGsZ0jMeLR6e+pH/sLqa89+Tn+PGO+0lu9/tveupjPz0eKyV7bHImLA2ffyZ0jkXz+j7/7zs3OnVuTN+6ePThTGsHkwBO0zZGYHYjEy8NG4uZhjcSgmTISJ9byV/ONfDtnczpvZSmL+V7ms5yFnM7XM5+JzFfnc/E6vXOkrmzIvfW0kbTK49Ks3kWHH9Ny5vNq2fZoFvOtvJvrWcjl8t/FXMjruZRLmRs4wieGuOrro73TnvnCwMPkXyRpD9duHxQDO7Z2dxo862fK6+DYhi3rUXpxF++NEzsPpfHZKlHs4yfV+mDYHIkLA5F4aedI/KZ8W7nbuXNr6eb8e0Pu77VqXVxHPztQd4nifHmxOFhlbuPZUZS9tLlsqhevVvWLS69s4x23KDuxVrbjlVpdOCe37Oli2dPLW5bNlmWnBso2fN660vu8BcCBd+SLR1rtv7f/0v6w/dP2zfabU1+b/PLkK600/9z8SmNm4rX6K7U/5MP8YP37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsHt3792/Nd/pLCxtSnS73R9uU7SHiXaS/pbkaa2aeXqdvUm0kpSJRj8xWj+TQ1VurR+dN37/LGNujtoqeS6BalQn2b37t/7Z7Xb3/TBtkWjucM6vJ7qVJ4q6QzUfW+Jf3efX4ZjfmIA9d3759nvn7967/6XF2/PvLLyzcGfu0qW5mblLl/92/sZiZ2Gm9zruUQJ7Yf2mP+6RAAAAAAAAAAAAAMPaj/+WsM2u/7PPUwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqatnJ6vUuZnidfXhbKdY+um1imW1epLa95PaR8mV9JZMD3RX224/HyzOvf3xp6uf9HKNainr1ze0a+5mFg+qJaeTTFTrQVPP0N+1ar2rkZVqazMsAnamHzgYt/8GAAD//0JGEW0=")
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)
r0 = socket$packet(0x11, 0x3, 0x300)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
alarm(0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0xf8)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)

15.537890761s ago: executing program 4 (id=243):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB], 0xf)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
r3 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r3, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
statx(0xffffffffffffff9c, &(0x7f0000002c00)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x2000, 0x8, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002f40)={0x2020}, 0x2020)
getresgid(0x0, 0x0, &(0x7f0000005000))
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)

14.786849236s ago: executing program 4 (id=246):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002040)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{0x0, 0x4, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0xfffffffb, 0x0, 0x0, 0x1000}}]}]}}}]}, 0x64}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)

13.559505964s ago: executing program 33 (id=246):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002040)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x34, 0x2, {{0x0, 0x4, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0xfffffffb, 0x0, 0x0, 0x1000}}]}]}}}]}, 0x64}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20000045, &(0x7f0000000140)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)

9.150139242s ago: executing program 1 (id=265):
r0 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x121140, 0x13d)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000d, 0x12, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

8.918826674s ago: executing program 1 (id=268):
r0 = syz_clone(0xc200300, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000000)='map_files\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
fchdir(r2)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={r3, 0x20, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0}}, 0x10)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x125)
getdents64(r4, &(0x7f0000000180)=""/107, 0x6b)

7.755646821s ago: executing program 1 (id=273):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x20045c, &(0x7f00000000c0)=ANY=[], 0x1, 0x1235, &(0x7f0000000ac0)="$eJzs3E9rHGUcB/BfNqlZU/NHrdVW0Ae9eFqaHDwJEiQFyYJSG6EVhCmZ6JJxN2SWwIoYe+pVb74G8ehNEd9Arr4Cb715ykEcYSdtsrVBozFb7OdzmR/7m+/M87DLwizPs3ff+PKTzY2ytZH1ozExEY2tiLSfIkUj7nlptT7euLm63G6vXEvp6vL1xddTSnMv//jBZ9++8lP//PvfzX0/HXsLH96JpV/2Lu5duvv79Y87ZeqUqdvrpyzd6vX62a0iT+udcrOV0rtFnpV56nTLfHukv1H0trYGKeuuz85sbedlmbLuIG3mg9Tvpf72IGUfZZ1uarVaaXYmONa5vz5l7Zv9qvohoqrOxRNRVVX1ZMzExItfRcRcfBERT8cz8WxciMm4GM/HC3FpeNZZDB8AAAAAAAAAAAAAAAAAAAAeH/vD3fyj+//Px1MxG3MxHwv39/8/Z/8/AAAAAAAAAAAAAAAAAAAA/Gfeu3FzdbndXrmWUjOiuLOztrNWH+v+8kZ0oog8rsR8/BbD3f+1ur76dnvlShqajIjdg/zuztrkaH5x+HcCB/mpYe9efrHOp7hdHMlPx0ydb0ZEHksxHxeO3L95mF96aL4Zr7165P6tmK92I3pRxPrw3of5zxdTeuud9gP5y8PzAAAA4P+gle5bGH3+rZ/fW63j+nX+BL8PPPB8PRWXp8Y7dyLKwaebWVHk26NF80+vjK2YfjSGcZKi8W/i03FsqzHS+vrniHHP9JEomgef5dO44MSZD/40rnP7VOY+Woz5i4kzcfimj3skAAAAAAAAAAAAnMTfWQ/4a/zjVYRT8ZCVZW+OZ6oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//72mw60=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x800, 0x6)
creat(&(0x7f00000000c0)='./file0\x00', 0x54)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x2004000, &(0x7f0000000280)=ANY=[@ANYRES64=0x0], 0xfe, 0x1227, &(0x7f00000024c0)="$eJzs3M9rHGUYB/DHTdrUxPxQa7WC9MVe9DIkOXhRkCApSBeUthFaQZiajS4Zd0NmCayI0ZNXL/4BXsWjN0G86SUe/Bu85eLRgzrSnbY2djVotRPD53PZh33nC8+7s7zwLvvO/gsfv7O5UWYb+SBaD7wYra2IyV9SpGjFLR/Es89/8+1Tl69eu7jSbq9eSunCypWl51JKc+e+ev29z5/+ejDz2hdzX07F3sIb+z8u/7B3Zu/s/q9X3u6WqVumXn+Q8nS93x/k14tOWu+Wm1lKrxadvOykbq/sbB8Y3yj6W1vDlPfWZ6e3tjtlmfLeMG12hmnQT4PtYcrfyru9lGVZmp0O7sXaZz9VVRVRVSfiZFRVVT0Y09GKh2I25mI+FuLheCQejdPxWJyJx+OJODu6qum+AQAAAAAAAAAAAAAAAAAA4HgZd/5/5q7z/59EjDv/f67h5gEAAAAAAAAAAAAAAAAAAOCYuHz12sWVdnv1UkqnIoqPdtZ21urXenxlI7pRRCcWYz5+jtHp/1pdn4z26mIaWYgPi92b+d2dtYmD+aXR4wTuyl94ub26VOfTwfxUTN+ZX475OD0+v/yH/PlR/lQ8c/6OfBbz8f2b0Y8i1uNG9vf8+0spvfRK+3b+u7167usN3hcAAAD4N2XptrH79yz7s/E6f9jvAzf214tj9/eT8eRks3Mnohy+u5kXRWe78eJWR/U7uxFxRBr7x0UrIo5AG39RnDj0mpkGGvt0JuIe4hMHvkhH4nP+PxaHrRwT/+m6xP1x86ZPNd0HAAAAAAAAAAAAf8/9+Dth03MEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dd24FgAAAAAQJi/dRodGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXAQAA//+siMjP")
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
epoll_create(0x1)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x120002)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000040)={{0x2, 0x0, 0x4}})
socket$unix(0x1, 0x0, 0x0)
truncate(&(0x7f0000000140)='./file0\x00', 0x3)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000040))

6.652785278s ago: executing program 3 (id=280):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getrlimit(0x1, &(0x7f0000000040))
r0 = getpid()
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x9, 0xbaf, &(0x7f0000002f00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5mm6cwcE38/eHPe97wn8zxPTmfOe2BOA/jHms5+pBGHIuJsEjFZ359GxFC1NxKxWTvu/t3L81lLolJ5+7ckkoi4d/fyfOO1kvp2vD4YiYibryXx749a466ubyzPlcullfr46Nr5S0dX1zdeWTo/d650rnThxOyrJ2ZPzs52sdbbl9774pkf3nj+6vWPZ978/MB3SZyOifpccx3dMh3TW3+TZoWImOt2sJwM1OtprjMp5JgQAAAdpU1ruP/GZAzEw8XbZHz7Y67JAQAAAF1RGYioAAAAAPtc4v4fAAAA9rnG9wDu3b0832j5fiOhv+6ciYipWv2N55trM4XYrG5HYjAixn5Povmx1qT2a09tOov09felrEWPnkPuZPNKRPx/u/OfVOufqj7F3Vp/GhEzXYg//ch4L9V/ugvxn6z+4S5EBICIG2dqF7LW61+6tf6Jba5/hW2uXbuR9/W/sf6737L+e1j/QJv131s7jHH4wUs32801r//e/eTnhSx+tn2qop7AnSsRhwvb1Z9s1Z+0qf/sDmOMz9++1m4uqz+rt9H6XX/lesSR6mqutf6GpNP/T3R0calcmqn93Ob11092jt98/rOWxW/cC/RDdv7HYnfn/9IOY0z979dD7eYeX3/6y1DyTrU3VN/z4dza2sqxiKHk9db9xzvn0jim8RpZ/S8+1/n9v1392WfCZv3vkP3ruVLfZuOrj8QcP3L8q93X31tZ/Qu7PP+f7jDGl99ce7/dXN71AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA3pBExEUla3OqnabEYMR4R/4mxtHxxde3lxYsfXFjI5iKmYjBdXCqXZiJisjZOsvGxav/h+Pgj49mIOBgRn02OVsfF+YvlhbyLBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMt4RExEkhYjIo2IPybTtFjMOysAAACg66byTgAAAADoOff/AAAAsP+13P8X/jIa6WcuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EsHn71xK4mIzVOj1ZYZqs8N5poZ0Gvpzg4b63UeQP8N5J0AkJtCU79SqVRyTAXoM/f4QPKY+ZG2M8NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv68XDt24lUTE5qnRassM1ecGc80M6LU07wSA3Ax0mkweuwPYwwp5JwDkxj0+UFvZP6jUtM6PtP3N4aeOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeMVFtSVqMiLTaT9NiMeJfETEVg8niUrk0ExEHIuKnycHhbHws76QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoutX1jeW5crm0oqOj08XOaPQt1mj9zdzmmOH2Ux06OX8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQi9X1jeW5crm0spp3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeVtc3lufK5dJKDzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DAAA///6CAm5")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r2, 0xc0505510, &(0x7f0000000080)={0x0, 0x46, 0x0, 0x0, &(0x7f0000001c00)=[{}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000b80)={{0xeb9f, 0x1, 0x0, 0xfc5f, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0xfc5f}, 0x20)
ioctl$EXT4_IOC_GETFSUUID(r1, 0x8008662c, &(0x7f0000000080))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x2d)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff000000003f040000000000002d400300000000006504000001ed00007b130000000000006c440000000000007b0a00fe000000007b13000000000000b5000000000000009500000000000000023bc865b7a379d17cf9333379fc9e94af69912435f1a864a710aad58db6a621a464a3778433e6e393002e7f3be361957adef6ee1c8a2a4f8ef1e50bec919bc461e91a7168c5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec5dd6fcd82e4fee5bef7af9aa0d7d600c095090000100000000031eaebbdbd732c9cc00eec363e4a8f645679c294392cf538b07ce2646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75d80000000eda88c658d42ecbf28bf7005005b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fc152b7b9da074e1320060d0b11008e59a5923906f88b53987ad1714e72ba7a5b74f0c33290933896a59ff61622cfd9aa58fe8d485f062ae2c0cc65c2a36aaec2477584b6a89adaf17b0a6041bdef728d236619074d6ebdf098bc908f523d228a40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03fb8a63e089679216da18ec0ae564162a27afea62d84f3a10746443d64364f56e24e6d2105bd901204a1deeed415561c459565b1cd17572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f98928d5e9b94ff9ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cff538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063be9261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6f8c3a13596c2ea3e2e04cfe0e669e51731b2875353193f82ade69d0540059fe6c7fe7c00007502c7596566d674e425da5e87e59602a9f6590521d31d381eb3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c95300000000010000003baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2e454da0c052427d14c37960242b104e20dc2d9b0c3567aea26454a47b0f0797a7308d402ccdd9069bd50b994fda7a9de54022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c03987d198899b212c53c18294270a1ad10c80fef7c24b78b4ad83238273f4fc87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513cdc6c0e57fb1c1ca57138000b4ead35a385e0b4a26b702396df7e0cbe02b6e4114f244a9bf93f04beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a9b702cc1b6912a1e717d29135753208165b9cdbae037f27feeb744ddcc536cbae315c7d951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac5d73a008364e0602a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844cea001ddeb6dc5f6a9037d2283c42efc54fa84323a3c3e6e4fd2e078b796a825b3dad9ce7b37507e0b83c3ecd01549bca6a016b3e18a00c748894dc3bfe5efda8b0a477d6a6562fdee45eb16e276dee992094ba9830f6c164179e7d532d86060bea930118d3cae1bb5916b9671b7000000000040f4bee5ad2dea2d070095265504c05bba38b095e1679f96ddef65ba5de9c8cfb6465ae4165c0689a314a6eb6b36aa705b957edef3035e14b879c8e7dc00624726042e00bf9a7f7ae5f308744770759558e4fcb99c0dc957521ef255362bf2f3966f3754e81fb9bdef22c19f5a49147b25393f7536bcda9f64b7c5640bf89d4a74d51dc233dee628c1dfbb55669f84784174b34eb234481547e484c6af101396b6977dd668b401391c1d2e242edccf1cabe6be9868d383ebf1db5aee9b73e92bb82c164ab14bb25189817742e054886ed6d7abbacf6319f3c050e7d53df64633eafcb64291b81188fab69b5a06fe029ce46c5cac1bb1ea8ea98aee207fa4c9618a9ce80bd8b530f4b9ba8860bf1e887ec670312ef0502e3d0a0e30dbaf38c042b7fd207c61e6b73d3b61d194acb4bf4d3e0187d62ee27cbee175eb2312209f68747eeeea30c1634d54799f42753df8e7462c6f5331ea8e56b5c4a373dfe9f111d0206f4e90f71c03bc24960dd84345e59e1289d47a929158babfb331f27370928198d2cd367e928e98c54c67b6382cb958fec947d2ece3695755bc71d55a84bb0a0da43cb9f526a20566e9d00cf9fe6be3adf3e0a05771d66664239d199ce84aa7f684c0ce4c342a85d654624736a3b9b067e2bd298ae8a2527ce59fba9448b13655281431335496da08ac626fe0b57ebb4ad0b9495a183587108b4308bc68eeca9062873703ed0ee726"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x94)

5.690709754s ago: executing program 3 (id=283):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x64, 0x1, 0x9, 0x401, 0x0, 0x0, {0x4, 0x0, 0x3}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x2}}, @NFCTH_TUPLE={0x44, 0x2, [@CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x40084)

4.531786961s ago: executing program 3 (id=284):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x20000000)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
recvfrom(r1, &(0x7f0000000080)=""/94, 0x5e, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)

4.483996081s ago: executing program 0 (id=285):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x11, 0x0, 0x7ffc0002}]})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)

4.414064742s ago: executing program 3 (id=286):
socket$key(0xf, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
openat$yama_ptrace_scope(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x200000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6(0xa, 0x3, 0xff)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e23, 0x9, @local, 0x9}, 0x1c)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
mlockall(0x4)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000080)="f36b4e96df5d87b82f69b7868c9a534d6de2d3f1fc8ff2c693dd49c230347a2db044da732480cd3f36", 0x29}], 0x1)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f00000000c0)={0x0, 0xfffffffffffffdc8, &(0x7f0000000040)={&(0x7f0000000000)={0x20, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x8000061, 0x2}}]}, 0x20}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r5, 0x26}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={@map=r7, 0x5, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0x503, 0x0, 0x0, {}, [{0x8, 0x1, 0x2}]}, 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0600000004000000101000008900000000000000", @ANYRES32, @ANYBLOB="000000000200000000000000000000000a000000"], 0x50)

3.861417116s ago: executing program 1 (id=287):
r0 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file0\x00', 0x14542, &(0x7f0000000b40)=ANY=[], 0x0, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
ftruncate(r1, 0x6)
r2 = openat(r0, &(0x7f0000000000)='./file0\x00', 0x8500, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(r2, 0x82307201, &(0x7f0000000140)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
ioctl$VFAT_IOCTL_READDIR_BOTH(r2, 0x82307201, &(0x7f0000000f40)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

3.435752868s ago: executing program 3 (id=288):
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x840000000002, 0x3, 0x100)
socket$key(0xf, 0x3, 0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast2, 0x0, 0x0, 0xffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x28c, 0x1}, {0x7}, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x64010102, 0x2000000, 0x33}, 0x0, @in6=@loopback, 0x0, 0x3, 0x0, 0xb7, 0x0, 0x8000000}}, 0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000440)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@oldalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1000}}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

2.269432926s ago: executing program 1 (id=289):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xe, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000001d711861000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @sk_skb=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.162529446s ago: executing program 5 (id=228):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
io_uring_setup(0x5111, &(0x7f0000000100)={0x0, 0x9c54, 0x10, 0x2, 0x1f6})
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r1, &(0x7f00000000c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x3}, 0xa)
readv(0xffffffffffffffff, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2.083121967s ago: executing program 0 (id=290):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)={[{@nobarrier}, {@barrier}, {@noauto_da_alloc}, {@noload}, {@nobarrier}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}]}, 0xfe, 0x44e, &(0x7f00000010c0)="$eJzs3M9vFFUcAPDvTLflt62KP0DUKhqJP1pafh68YDTxoImJHjCe6rYQZKFKayKEKHrAoyHxbjya+Bd40otRTyZe9W5IiOECmpismdmZsi67pVu2LLCfTzLw3s7bvved2bf75r2dDWBgjWf/JBGbI+L3iBhtZP9fYLzx39XLZ6t/Xz5bTaJef/OvJC935fLZalm0fN6mRqZeL/Lr2tR7/p2ImVpt7lSRn1w88f7kwukzLxw7MXN07ujcyemDB/fueXRk//S+nsSZxXVl+8fzO7a9+vaF16uHL7z787dZezcX+5vj6JXxxtFt6+leV9ZnW5rSSaWPDaErQxGRna7hvP+PxlBsWNo3Gq981tfGAWuqXq/X230+F87VgbtYEv1uAdAf5Qd9dv1bbrdo6HFbuHQo4oMDjfivFltjTyXSosxwy/VtL41HxOFz/3yVbbFG8xAAAM2+PxQRz7cb/6XxYFO5e4o1lLGIuDci7ouI+yNia0Q8EJGXfSgiHu6y/tYVkuvHP+nFVQW2Qtn478VibWtp/PdvPY+/MDZU5Lbk8Q8nR47V5nYXx2RXDK/L8lPL1PHDy7990Wlf8/gv27L6y7FgQ3qx0jJBNzuzOHOTYS+59GnE9kpL/LkkymWcJCK2RcT2rv7ytSuMY89+s6NTqRvHv4werDPVv454pnH+z0VL/KWk4/rk1IH90/sm10dtbvdk+aq43i+/nn+jU/03FX8PZOd/Y+vrP7cU/1iyPmLh9Jnj+XrtQvd1nP/j82qnK6jVvv5Hkrfy9Ejx2Eczi4unpiJGkteuf3z62nPLfFk+i3/Xznbxp/l7XHkkHmmq/7GIeLxo+xMR8WRE7Fwm/p9eeuq9Tvs6x7/MrHwPZfHP3uj8R/P57z4xdPzH77qPv5Sd/715alfxyEre/1bawJs5dgAAAHCnSPPvwCfpxFI6TScmGt/h3xob09r8wuJzR+Y/PDnb+K78WAyn5UzXaNN86FQxN1zmp1vye4p54y+HNuT5iep8bbbfwcOA29Sh/2f+HOp364A1534tGFz6Pwwu/R8Gl/4Pg0v/h8HVrv9/0od2ALeez38YXPo/DC79HwaX/g8DqeO98Wn5s8CruuVf4q5PRNr9sypxmzT+TkpUVvxjFqtMrGu7q9/vTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xXwAAAP//xuLr/w==")
symlink(&(0x7f0000000b00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x50)

2.036326727s ago: executing program 1 (id=291):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0x1f400, 0x8, 0xc1})
syz_usb_connect(0x0, 0x35, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xca, 0x9b, 0xd4, 0x10, 0x1199, 0xb000, 0xa898, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x30, 0x2, 0x0, 0x17, 0xb5, 0x1b}}]}}]}}, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)
openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
io_uring_register$IORING_REGISTER_RING_FDS(0xffffffffffffffff, 0x13, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1.735321209s ago: executing program 0 (id=292):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
read$FUSE(0xffffffffffffffff, &(0x7f0000000c80)={0x2020}, 0x2020)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
r4 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)=@ipv6_delroute={0x1c, 0x19, 0xe8a7ab5761a135c1, 0x70bd2a, 0x25dfdbfe, {0xa, 0x20, 0x0, 0xa, 0xfc, 0x3, 0xfe, 0xb, 0x200}}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = fanotify_init(0xf00, 0x2)
fanotify_mark(r6, 0x105, 0x8971, r4, 0x0)
rename(&(0x7f0000000100)='./bus\x00', &(0x7f0000000140)='./file1\x00')
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x210004, &(0x7f0000000080)={[{@auto_da_alloc_val}]}, 0x1, 0x501, &(0x7f0000000140)="$eJzs3U9vG2kZAPBnnHibpGGdXTgsK7FbdrtKEdRJNvsn4rBsJf6cVkKUexoSJ4rixFXitE1UQfoJQKgCJE6cuCDxAZBQPwJCqgQ3DpxAFaTtgQsyGnvcJo6dJtRrt87vJ03nnfet53mepB7POzOqAzizLkTEpxExFBHvRUQh689lS+w1lvTvPdy/vZguSdRqV/+VRJL1te7zfPay1A++F/Gj5GjcrZ3dtYVyubR5uHv38ur6wkpppbQxOzvz0dzHcx/OTZ+wkmT4uNFXI+KTbz/+xU9/+91P/viNm3+f/+elH+cj4lo23q6ObmiUno+Rc82eY9N86QxlFeX7nQgAACdyMSJej4h3IuJrUYihATs/BQAAACJq3xpv3pmqAQAAAIMpFxHjkeSK2fO+45HLFYuNZ3i/FGO5cmWr+vXlyvbGUjoWMRH53PJquTSdPSs8Efkk3Z6pt59uv9+yPRsRr0XE3cJoul0fAwAAAHrjfMv8/3GhMf8HAAAABoyb8QAAADD4zP8BAABg8Jn/AwAAwED7/mefpUvt4f7t+vcALN3Y2V6r3Li8VNpaK65vLxYXK5vXiyuVykq5VBx69v7Klcr1D2Jj+9ZUdXirOrW1szu/XtneqM7Xv9d7vvR6D2oCAAAADnvt7Xt/TSJi75uj9SX1SjaW72tmwAskGW7puPbVPmUCdMUJLukfdmH780kE6LnWz3Tg7DDHB5LWjpYTg5FOpwp/On0s5xwAANAfk192/x/Oqly/EwD65mf9TgDoG9fi4ezKn/4JQGDAHLn/32Kk08Az7v8/vYZYq506KQAAoKvGG6u9yO4FjkcuVyw+uS2YLK+WS9MR8WpE/KWQP5duz/QxXwAAAAAAAAAAAAAAAAAAAAAAAAB4GdVqSdQAAACAgRaR+0eSff/XZOHieOv1gVeS/xTq64i4+eurv7y1UK1uzqT9/37SX/1V1v9+P65gAAAAwFmUP3a0OU9vzuMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJse7t9ebC69jPvgSozGRLv4wzFSX49EPiLGHiUxfOB1SUQMdSH+3p2IeKNd/CRNKyayLMYenTv0ulxEjPY0/uH60/jnuxAfzrJ7VyLi03bvv1xcqK/bv/+Gs+V5PbhSf5O3jd88/g11OP594YQx3rz/+6mO8e9EvDnc/vjTjJ90iP/uCeNf++Hubqex2m8iJtt+/iSHYk1V169Pbe3sXl5dX1gprZQ2ZmdnPpr7eO7Duemp5dVyKfuzbYyff+UPe3c71p+rrw/Gb9Y50cjwJ53qv3jC+v97/9b+FxvN/NH4EZfebf/7f6O+bv/zT/9NvJd9DqTjk832XqN90Fu/+/NbnXJL4y91+Pk3fv+FWqf6L3UuOTnQPlIzANBfWzu7awvlcmmzB413PujeDpMe5fwyNFbGInoedOTFqL3Xje88936ap8PPs5+/da2udM7QfqjPByYAAKDrnp709zsTAAAAAAAAAAAAAAAAAAAAOLv+r/887O3Tvao15l5/SgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONb/AgAA//9nwsbL")

1.717185429s ago: executing program 5 (id=293):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4840}, 0x40000)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000400)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r1, r3, 0x25, 0x0, @val=@tcx}, 0x1c)
syz_emit_ethernet(0xffe, &(0x7f00000015c0)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x16, 0xff0, 0x67, 0x0, 0xa, 0x6, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x19}}, {{0x4e24, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x1, 0x0, 0x9}, {"2655bb2623f35598dabbbb8f170af5551d67067e8071920b2402fc1d76e61ff43427242e76448552683fcc11a6d36eb2b49807183d1121ed28f83b865b828b9ce2e74bace03d50bbf71e33d4c5635d459ae3062adfce1c6556726e54e1918089796f1d0adf4f624127dd26f05a07468f6f1dbe1f5247b2342417f7329731912181499f29310838c231ec3a01ebf37b1bbf9569e7ca607b62317b8586464779a926a8109ff755280c6a3302c1d4192f009949e1e2716270aba8430ab14d04604f8f57c1530479ef458abe3930fce53668d2c35ee0f2d2f59ee740756785474a7062200e738d82dba6d1d4197973e13a42b1e9570d27b0421ae4c5a1a03be88a1957485752335a9f68e41d89843f37aa3c50c563c2b14ad89a2e24bdc473fa65b0ec001220613779bdec46ae1a00e615b62232de5c4fd337f83389fae4f49604c87ef6aae060705f9495f89a957f2f0482892db0bae284b6bb42946dd3511ae5c80179792e1aacbcb43aa15a0801c87c88fc3e9d29f2a4dd399dfbcc2fd3c4b77fddef38ee14beee427d4880d54a7f2b03298a04b06342a6b0f315734927a0053125957dcde8014164b82e8507d2430e9d65147b653a3a21e03f957b0277acf2cc1e0c134c9fce85ab7bc6a5a83e1e662b853132edb0dc141fa49d8d60ad1ee62c514cfc7bd5a8316814949a7502587a552d12741252a3ab4998b78a60e2e2b42374e4f9ac2087c94b9dd9415736e27e6806e84042bf65357807b92dfd197e47057eebe392d2e428827ddeda60b47d1ecfc7ef2fe56b088f2497be8c67ef905f04c6512f0b9b405a098ab0e59dfbde30e3038df25a74258703e5878cc1d8d3d72bd84454d3ae371c9076fd2385de476f033007f8f9a0acb7e1b737bed0ee20bcb0af206d146d77f645786a0d730342766b18e50876ff35ab173bb9cfdb57d51b0eea7536e4edb4fd9ecf26e939ac85e6a0152bc05d9c056797d62683669852cd880d831f5ab49c7b49bd6585d50abd3b62eadc2c65935203aac273f83cdacf40e874245b63f6e89f450cdf9f78542939a5c2bb33c7dc500b63e49a1be0bd7c01a0fe3eb16c677baf157d9a795e7a11e34e6c55c66b0f9132728fa88b8f5c96310dc0c83c44bcafabbf3741e92ae24fe71ac8ddccd565c7820fc3f3455fa8feee80efd663bc6747af61f9b138004829d211ed1e5e57bcdd5a3ecf2b51218586f8872b5ae026b5138e6c206e0bccf9831028f03c07051e87d24bb534c2967f44f85c0342285a30196aa3286651bfb604d7dfe28e7cbce7a47029ce734e0209070bf561c3c568e75fca4110d54f4e0b5c58a53b9b2f1969a47040323cfa3b53924ee81a8e5ada0958b9a238312f852e14dac9c6aaac11fe92d5194589955999c13d195223cb4024829481f3424843bb05d36a7378d4bfa59d98925b7f28c719595a5e3b3f881cc91db4c3926aa1ed23cc1967b579a3eba6895befabf99df00b6dde015b7fa2663a943cad383451c9aec3c1b63ff2b5ec20d1cf4f5dc4a29748c97c3966c559a17e973097a35d6848b822541b9364e8b65f1391471983121ae3fd4d46f5e7ca7fde8628f8181183870304effe6f6c9da08beb8c96264e6c254b40888f13d4ced9ea4609502a909476149e13bf4c33279363c03d0262b4cd414f16099e30129a17fc41aefadab4104ae139eb0e83541d398e6f62afc89d972822e38831ea8f6fdd508535e63d55c1d982c3967ef01287fa87c03971d9f7011ea6ebc589ea33be1a89f4d84e8452fc999b102c55ff5a99cb76cf9acf3ac21ea019d714bddfa95dc273a33b67b945b9d54c00fa708afb9c252131b58bea16d03a3ff05426ead5d4588822d2195530cea7ad47cfc8de87e536b83d3ffe2031702b99eeac36db9a55abd5c017db2efd3df6c0826e3ef49a8d35f189fb1531be3d26c4bac3525a45d050320f290ee292e28d2bc64bb99bbc53da1010f8b8a1a3a0e01e3511afc7acb05a4f37abc4d710794e75325b506cdfaa34a16d56cd4370ef3c75021f0395b0f08fda122137b49ab4156b2127f7bd8f6956f557807e262bd696d1d9c11769647ad34d1cdb831ed46990ab320b786df1958d6423d1eb1affeb411e7a1f9ac1186db813f26461d72bb6b8227dcba71867efa6bef91ea7c1d25406a1a6068e18c4c3802a4011aaa48a1129fd717d50580fc2c667e3e36da4b3800d689ae814fee4d6a67ddbd3edbd199bff4f1ab91ad197e6d2ea5d3c18a3ea8a6868eb6122ebaac809b94cbe324069742c316c581fafb059fb486e52725b57c456501be0aa7e7db75652a64c8d7fd3ac61f2de2179cbfe3077d98dfed4087f82eefa0ac8a7393d228d6e4cbd31ecf26c4fa4e0ec50a17c99d12b1f86098879a7c118f16cc216c58128cbd204fa2bacb9a85fc91eb2677e664fa26b593abbc7b49813b8671cde880e47dd1e50988faab3d99ac0d73183070406bed9b201d28af9b5d133c21f4d3ccb7fd36e73fb7bae75ffe0313a6ccde9abd07951f5c716a46c05ce2c1cfbbab27eece76df4f85cd11d36408cb589e236fd51ef8cf0d9483bb2340d85a368e0c7ed134b9cca20c3668d03d0fe18d82686de5d67b74cade4be3741eb14a4a44d8fb170c7c3acc06aa08425799540607c85753ed9531cf9f55f098d04462a38c80c73cd9e83d50bb7142c10564a8b6ba51ba2d987073237a4500deb5146050c4f9f56b89aaca75305d7263036cad2a72e1e74dbcaae4add635d1e053d5016c7ebf7286e9142fab406c67068438730605ca3fa73b2c7e736b969d27e62231b78f838ce985fcb7a3bcd9e54e05e5f7103d932621e57d6d6f13c308ad20eab709edd3461543d699d8a114bd96ee82c842efef8706ced293cb76b6bebeb01ff34d01cbd7886e29b88aa62cbbad827f523d98b2309744368eb1a243267ee0f01a41fed5d094a6ecb100eaeb2cc5d6718fe1059765552371d87e420aea7ab7df098d9f1943ff150cc1823d89a775abfb6bcbc0b3d357069e56a6d93bfa625cc7f2359244006a07feafec083078907ff819783478bd2dab182f17abf382194aa3f5e8a4f7bc120b45bf5ef503f505d050b60d6a436724116d6c44a3e8f408f1b97ecbe51f6282d2888e18b46d8895071966fc67745f270dce3b5560bca1cc0832431aede14f94d19ff54660a65cac55c849de77628afa8265ea082bb4f8c4eea2706ab41fbbfd16a1508c2e4a87f2fb2fbfc111b76068d73c3722604b90cf16054ee9af480203c3ef123686424134ab41fb29c4e820d1bf13cd543711763cd908e120261996ae69293017bc5d80b02afe7322726f263c82421cde298a8679d9129374b4c24f628c0ab18039396ae87dcb85c65c29c64b84245942ec745a04586dbb2766e8a291dde5edec63fb0f5e7b2820906902291f52d6fc446fc353b968ca2e9774b349f1e777ba3b4e04c3bf292c31885112ed929d70008daae88813b71aaafae6656a63904c2972feac3b5b9245bf86943c73501804481d6ea50668e969bce38d2ea1391f4b2ef6d6a38db730b0f8fd7c981ed81554c36f9b618501c0b6291ec87cde14955cdb2a55ae27fc319bdce34c9b5d7897fb5f36b1f03adbd7fc9c2e80943e498d06e7878ec7521507890b54b3eeef3d3032628dcd137a2766dd098aad41d1b6de76c78a3e1c6f8c22c0292eb34c3b8c2bc68853dab50aa1aad1f86105c8846a131c2acdf2d711650c915573643bd91e351fd63846e7f81af87118878233b234753caf0f6fa811ec73baab53e9977fe6d86ca7903f8a79e05e956a1f7639a6d00c13d7d73f9c992a2af8ab343eea086d73bff60c36388f8b9e22b9d091950202af5ef24e17525e340f22d66baec9bc6101f6f302aef91e8813948b51ca94967b5ec7f0504dd735765102e1f16c4a4c5c414e62caea58ccd86b36a9adf528ba1a1dc4b3c8738077556276c393522fa0ff8201a18f1349a719b5a057b202bf2e2ff1260413943a9531f53ee8f3a2dfcb4c17c85c484430936a575aa3f945f373c0dd2588c32419cfcfffb0ab80ed384c542cb87ef33f26e14e2e933add3e7f39423d7c42a69e62b7f5d16aa30a1866215ba65a4e9b0983a6377a4b7b04bb664fad0d57565c7a882c936cf39add7fb30571583290e610d5d4fae564dac16d8045e900087453edb04a94dec1c7ec7e9c76292218f1f161b616623cbe6d60068e4c847825302f4591110d5713e9060a67e096270891eeb26156b6a1ca5a3d54415b9a56efd3570dae4789b03424e453f3b3f9424b1c6023a190ae408faa56a4b64c23c3fb79a0dfae17f6049cbf0ab0e2cb478a2e425ea10ba42e600d61b9f8bc83414bbb74902b4e95496f7526ebee761f4634393362b8aaa37eabb22276125408ea9736bf22fbc1e7d41b4058108154db992590951434a92b808618cf740dcb5cd1b107d2c491572312ea0b8677789be7d13d8ca304a6c94e8fe26d8923ae56bfae628dd1dd626ba8bdc075a03ee3aaa37fdf6fd5137ff4bf8370668e482f4179d3e81fbccef27051f7cb1e838e1da90c61af986c5f08e861f576d722cdb5030689455ce6e4d8832b13039231d19bdf9c71a45e5d87073dbc197e6fab6b49cc9c55d2d6080186d44dda614d1e33d4c42823f6fe7002e1779e962f2a53ab2dfac3b01d2a224bfcbcdbbb96fbc3d930ad23bfe3b9f7bfe95f39a618be7d50afc2e56aa68c6c69b10f3fa35146791073b52d85383ebe138939c6b8ddeac6f17084e16e0e24898149fe20f4718da39eb06ea04a28fa01998bb8aa430ac4ee5d494b6ef95dd96908a4abfe8df749ac2193aebadee35286e61e4870d8c331bd8936a6bbd8f74190474f4c0b43cedb613bf36992c766bec6260e05c5f008646ee632677b70a56823092d3fc4af442bf77b706ba5969c5712ebf5e3ce809af5fbc1fd46eb49edf24efac1b0de335019d14b33d66eacd383e7f0788eca956e8e96ed47eb7ca9c8faaad80f23d1190d194d1b2e4f3de49863cc28d76bdf333f4c1e8bb41aad383c7b425dc32c1c7d67f716d2379413f5d90f2b93f2031f087a045bca678d219bd523e94d50fa6c80c9f1b477b880690c73386b2edb17c5e17dab73cd51df4f74751b95bbc1d0c376fd02df1af5247e33b92a84ad22da9c71842be44844fc927445a2aad14793beaeefc9cfaf300482e917a0380a1448da6e9b6903a4ee16e0068a57f2a224a381d04dea1dabff55ecf0023ab458f1e2bab6f5e14173800c442a0e25e1b1e7f5d9e1405074f03b0df091113a8c67b248b04ac8039ff536cd4d56ae6f2bb44328f6a89c217d745dd51828d69106e5c40040c0a0e94d8f91e384c12ab5515a5c113c8b1b0ebd8a97eb6b5c09ae0e1adcceb7518f9b516c5c982316044532cea939639a51c2ca2c24c08c5cc098da5b46352183448ab4cbd53e1d5942bfe3f4172d1622aaabe5f7aa03fec5fa32aae07b0d03eaf0756cfe3454e63be27b49f20328e2373e8bdf588189f33662e51e77336076f2a140adfd05c8e48b5deb668169fe96336d47f524f578ac763e4d6284307149c75d6d1a6f62157f39658409f91953fc2ba50479775a1bac2845387b8bebfb6c6fbb14eb9e30e0c3fb149bbbfe5722e73c34a98001e230567d240fbf6d7a9238e4a63eadbe3ba9f75e7a7a433113b0d6b784743533a3f19c20b9255539fcb3f1b9ea59aaa41b19be1f6a66e8462"}}}}}}, 0x0)

1.58790959s ago: executing program 3 (id=294):
eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000e40))
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz0\x00', {0xfff9, 0x2, 0x240, 0x9b99}, 0x37, [0x6, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x8, 0x9, 0xd, 0x4, 0x12a5, 0x6, 0x1, 0x2, 0x4, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7ff7, 0x5, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x3, 0x4001, 0x1, 0x7ff, 0x4, 0x4a, 0xffffffff, 0x6, 0x6], [0x9, 0x3, 0x6, 0x5f, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0x7, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x2, 0x1c, 0x7, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00040, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x762, 0x1cb, 0x1, 0x4, 0x6, 0x438, 0x2, 0x9, 0x95, 0xfffff50f, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0xb, 0x5, 0x491, 0x8d3, 0x6, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x7, 0x5, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x100006, 0x8000, 0x400, 0x3e55, 0xff, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x401, 0x101, 0xdd80, 0x7, 0x7f, 0x9d26, 0x0, 0x8, 0x2, 0x5, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x4, 0x10000, 0x1, 0x8, 0x1], [0xa772, 0x1, 0x5, 0x1afa, 0xbfc, 0x8, 0x7c81, 0x7f, 0x56, 0x40, 0xff, 0x5, 0x7fffffff, 0x7, 0xe, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x6, 0x80000001, 0x7773, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0xc, 0x32d, 0x1000, 0x1ff, 0x2000003, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x3, 0xdab, 0x3, 0x8, 0x13ffd, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x149300, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x0, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x7, 0x5, 0x3, 0xfffffffffffffffe, 0x45, 0x4, 0xbdb], 0x1, 0x1c4217})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

1.457243221s ago: executing program 5 (id=295):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x5}, [@mbim_extended={0x0, 0x24, 0x1c, 0x0, 0xff, 0x7}, @dmm={0x0, 0x24, 0x14, 0xf, 0x7ef2}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x45}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x0, 0x0, 0x2}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

591.106686ms ago: executing program 0 (id=296):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r4 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
gettid()
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)

44.07684ms ago: executing program 0 (id=297):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000001bc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000001c00)={0x50, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_FLAGS={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x4800}, 0x80)

0s ago: executing program 0 (id=298):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r5 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
tkill(r5, 0xb)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000041}, 0x55fdb4595c3d8036)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="050000001d000000f5001600000008000300", @ANYRES32=r9], 0x24}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.229' (ED25519) to the list of known hosts.
[   60.994546][ T4172] cgroup: Unknown subsys name 'net'
[   61.138893][ T4172] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   62.598878][ T4172] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k FS
[   64.719538][ T4189] chnl_net:caif_netlink_parms(): no params data found
[   64.733174][ T4191] chnl_net:caif_netlink_parms(): no params data found
[   64.816527][ T4186] chnl_net:caif_netlink_parms(): no params data found
[   64.860129][ T4182] chnl_net:caif_netlink_parms(): no params data found
[   64.872451][ T4190] chnl_net:caif_netlink_parms(): no params data found
[   64.924934][ T4191] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.932306][ T4191] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.940518][ T4191] device bridge_slave_0 entered promiscuous mode
[   64.971036][ T4191] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.978442][ T4191] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.986375][ T4191] device bridge_slave_1 entered promiscuous mode
[   65.012282][ T4189] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.019368][ T4189] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.027962][ T4189] device bridge_slave_0 entered promiscuous mode
[   65.056291][ T4189] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.063533][ T4189] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.071325][ T4189] device bridge_slave_1 entered promiscuous mode
[   65.128010][ T4191] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.144281][ T4190] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.151364][ T4190] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.159534][ T4190] device bridge_slave_0 entered promiscuous mode
[   65.174160][ T4186] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.181237][ T4186] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.189153][ T4186] device bridge_slave_0 entered promiscuous mode
[   65.199170][ T4191] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.216923][ T4190] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.224197][ T4190] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.232612][ T4190] device bridge_slave_1 entered promiscuous mode
[   65.241174][ T4189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.250459][ T4186] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.258428][ T4186] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.266536][ T4186] device bridge_slave_1 entered promiscuous mode
[   65.288568][ T4182] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.295850][ T4182] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.303760][ T4182] device bridge_slave_0 entered promiscuous mode
[   65.328040][ T4189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.352839][ T4182] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.359921][ T4182] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.368559][ T4182] device bridge_slave_1 entered promiscuous mode
[   65.377863][ T4190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.396524][ T4186] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.408272][ T4191] team0: Port device team_slave_0 added
[   65.424217][ T4190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.442012][ T4191] team0: Port device team_slave_1 added
[   65.449742][ T4189] team0: Port device team_slave_0 added
[   65.457512][ T4186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.493185][ T4189] team0: Port device team_slave_1 added
[   65.509815][ T4182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.554774][ T4182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.566732][ T4190] team0: Port device team_slave_0 added
[   65.573671][ T4191] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.580630][ T4191] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.606925][ T4191] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.632814][ T4186] team0: Port device team_slave_0 added
[   65.639124][ T4189] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.646348][ T4189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.672832][ T4189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.693578][ T4190] team0: Port device team_slave_1 added
[   65.706907][ T4191] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.714362][ T4191] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.740482][ T4191] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.753557][ T4186] team0: Port device team_slave_1 added
[   65.759758][ T4189] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.766901][ T4189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.793264][ T4189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.817736][ T4182] team0: Port device team_slave_0 added
[   65.855532][ T4186] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.863084][ T4186] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.889304][ T4186] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.901984][ T4182] team0: Port device team_slave_1 added
[   65.908155][ T4186] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.915258][ T4186] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.941326][ T4186] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.953261][ T4190] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.960223][ T4190] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.986149][ T4190] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.027217][ T4190] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.034415][ T4190] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.060857][ T4190] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.091877][ T4182] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.098862][ T4182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.124792][ T4182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.149462][ T4191] device hsr_slave_0 entered promiscuous mode
[   66.156308][ T4191] device hsr_slave_1 entered promiscuous mode
[   66.166303][ T4189] device hsr_slave_0 entered promiscuous mode
[   66.173423][ T4189] device hsr_slave_1 entered promiscuous mode
[   66.180077][ T4189] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.188337][ T4189] Cannot create hsr debugfs directory
[   66.207779][ T4182] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.214859][ T4182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.241173][ T4182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.306880][ T4190] device hsr_slave_0 entered promiscuous mode
[   66.313861][ T4190] device hsr_slave_1 entered promiscuous mode
[   66.320442][ T4190] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.328108][ T4190] Cannot create hsr debugfs directory
[   66.349280][ T4186] device hsr_slave_0 entered promiscuous mode
[   66.356281][ T4186] device hsr_slave_1 entered promiscuous mode
[   66.362849][ T4186] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.370414][ T4186] Cannot create hsr debugfs directory
[   66.392582][ T4200] Bluetooth: hci3: command 0x0409 tx timeout
[   66.399306][ T1325] Bluetooth: hci4: command 0x0409 tx timeout
[   66.406131][ T1325] Bluetooth: hci0: command 0x0409 tx timeout
[   66.412382][ T1325] Bluetooth: hci2: command 0x0409 tx timeout
[   66.421952][ T1325] Bluetooth: hci1: command 0x0409 tx timeout
[   66.475436][ T4182] device hsr_slave_0 entered promiscuous mode
[   66.482545][ T4182] device hsr_slave_1 entered promiscuous mode
[   66.489123][ T4182] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.496953][ T4182] Cannot create hsr debugfs directory
[   66.760874][ T4190] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   66.772551][ T4190] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   66.785228][ T4190] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   66.795022][ T4190] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   66.834110][ T4191] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   66.853368][ T4191] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   66.864309][ T4191] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   66.887238][ T4191] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   66.931471][ T4189] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   66.941181][ T4189] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   66.963988][ T4189] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   66.995019][ T4189] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   67.040086][ T4182] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   67.068081][ T4190] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.076888][ T4182] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   67.092428][ T4182] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   67.114382][ T4182] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   67.134267][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   67.144511][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   67.167189][ T4190] 8021q: adding VLAN 0 to HW filter on device team0
[   67.179629][ T4186] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   67.199881][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   67.209174][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   67.218421][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.225695][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.237150][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   67.247214][ T4186] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   67.256221][ T4186] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   67.269576][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   67.281216][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   67.289868][ T3060] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.297002][ T3060] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.324728][ T4186] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   67.359437][ T4191] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.385197][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   67.394894][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   67.405042][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   67.414311][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   67.424523][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   67.440834][ T4190] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   67.453020][ T4190] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   67.478358][ T4191] 8021q: adding VLAN 0 to HW filter on device team0
[   67.490784][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   67.500852][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   67.509897][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   67.526264][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   67.536267][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   67.545015][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   67.555837][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   67.564160][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   67.572429][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   67.598718][ T4189] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.619986][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   67.632129][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   67.640719][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.647888][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.656869][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   67.666829][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   67.676724][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.683867][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.695850][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   67.707227][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   67.735591][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   67.744569][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   67.755097][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   67.764382][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   67.789861][ T4190] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.806724][ T4189] 8021q: adding VLAN 0 to HW filter on device team0
[   67.822825][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   67.830330][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   67.838342][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   67.848534][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   67.858108][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   67.866769][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   67.875883][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   67.883672][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   67.891433][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   67.900517][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   67.909246][ T3060] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.916377][ T3060] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.930159][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   67.939185][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   67.953243][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   67.971180][ T4186] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.995916][ T4191] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   68.004807][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   68.014489][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   68.023779][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.030883][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.040134][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   68.070175][ T4182] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.081092][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   68.092627][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   68.100540][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   68.109034][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   68.119370][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   68.136488][ T4186] 8021q: adding VLAN 0 to HW filter on device team0
[   68.145837][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   68.156099][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   68.181356][ T4182] 8021q: adding VLAN 0 to HW filter on device team0
[   68.217835][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   68.227658][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   68.236456][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   68.246539][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   68.255967][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   68.265054][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   68.274504][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   68.283377][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.290465][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.298900][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   68.307848][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   68.317313][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   68.326100][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   68.334739][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.341839][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.350018][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   68.358838][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   68.367608][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   68.377350][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   68.386190][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   68.395817][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   68.405071][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   68.413240][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   68.420973][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   68.454181][ T4189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   68.463436][ T4190] device veth0_vlan entered promiscuous mode
[   68.473274][ T4265] Bluetooth: hci1: command 0x041b tx timeout
[   68.480276][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   68.489345][ T4265] Bluetooth: hci2: command 0x041b tx timeout
[   68.497192][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   68.505838][ T4265] Bluetooth: hci0: command 0x041b tx timeout
[   68.507186][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.518144][ T4265] Bluetooth: hci4: command 0x041b tx timeout
[   68.519033][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.525110][ T4265] Bluetooth: hci3: command 0x041b tx timeout
[   68.540779][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   68.549539][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   68.558421][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.565540][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.573452][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   68.583858][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   68.593003][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   68.603107][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   68.611885][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   68.620897][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   68.629694][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   68.638563][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   68.648566][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   68.657157][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   68.666274][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   68.674419][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   68.682519][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   68.715174][ T4190] device veth1_vlan entered promiscuous mode
[   68.724577][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   68.734102][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   68.744159][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   68.754078][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   68.763585][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   68.781009][ T4182] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   68.793273][ T4182] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   68.819180][ T4186] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   68.834444][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   68.846324][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   68.855413][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   68.865219][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   68.895564][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   68.916647][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   68.927410][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   68.940783][ T4191] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.983981][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   69.016171][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   69.044283][ T4189] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.057870][ T4190] device veth0_macvtap entered promiscuous mode
[   69.067603][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   69.077628][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   69.104537][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   69.124338][ T4190] device veth1_macvtap entered promiscuous mode
[   69.151096][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   69.174195][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   69.190448][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   69.254244][ T4190] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.281358][ T4189] device veth0_vlan entered promiscuous mode
[   69.291192][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   69.300800][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   69.315808][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   69.327185][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   69.343642][ T4190] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.375090][ T4189] device veth1_vlan entered promiscuous mode
[   69.384787][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   69.394357][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   69.403208][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   69.411333][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   69.420476][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   69.429733][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   69.437528][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   69.448974][ T4190] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.458215][ T4190] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.467635][ T4190] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.476614][ T4190] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.489628][ T4182] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.509668][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   69.518872][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   69.527978][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   69.561080][ T4189] device veth0_macvtap entered promiscuous mode
[   69.583795][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   69.593493][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   69.603421][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   69.612249][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   69.620659][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   69.629351][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   69.637935][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   69.646644][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   69.654755][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   69.675358][ T4186] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.690252][ T4189] device veth1_macvtap entered promiscuous mode
[   69.699311][ T4191] device veth0_vlan entered promiscuous mode
[   69.737336][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   69.751201][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   69.761234][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   69.776078][ T4191] device veth1_vlan entered promiscuous mode
[   69.813307][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   69.825077][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   69.836836][ T4182] device veth0_vlan entered promiscuous mode
[   69.850691][ T4189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.862939][ T4189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.874306][ T4189] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.895913][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   69.905216][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   69.915362][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   69.924494][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   69.933649][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   69.942882][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   69.954769][ T4182] device veth1_vlan entered promiscuous mode
[   69.975096][ T4189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   69.986334][ T4189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.998775][ T4189] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.034317][ T4226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.041663][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   70.047724][ T4226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.052985][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   70.067390][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   70.077021][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   70.086316][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   70.095244][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   70.104038][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   70.114487][ T4189] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.123474][ T4189] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.132566][ T4189] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.141274][ T4189] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.190607][  T156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.195041][ T4191] device veth0_macvtap entered promiscuous mode
[   70.202929][  T156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.228615][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   70.243191][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   70.251051][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   70.261933][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   70.270319][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   70.281259][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   70.290755][ T4186] device veth0_vlan entered promiscuous mode
[   70.306087][ T4186] device veth1_vlan entered promiscuous mode
[   70.317273][ T4191] device veth1_macvtap entered promiscuous mode
[   70.328290][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   70.337135][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   70.346056][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   70.355283][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   70.402930][ T4182] device veth0_macvtap entered promiscuous mode
[   70.421272][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.441448][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.458478][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.483074][ T4294] loop0: detected capacity change from 0 to 512
[   70.487627][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.503714][ T4191] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.516178][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.527415][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.541156][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.561847][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.563826][ T4240] Bluetooth: hci3: command 0x040f tx timeout
[   70.575970][ T4191] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.580663][ T4240] Bluetooth: hci4: command 0x040f tx timeout
[   70.596666][ T4191] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.607609][ T4191] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.616709][ T4191] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.622086][ T4294] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.1: inode has both inline data and extents flags
[   70.625861][ T4191] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.650136][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   70.658435][ T4240] Bluetooth: hci0: command 0x040f tx timeout
[   70.665780][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   70.675578][ T4240] Bluetooth: hci2: command 0x040f tx timeout
[   70.679786][ T4294] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.1: couldn't read orphan inode 15 (err -117)
[   70.682827][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   70.706771][ T4294] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   70.708191][ T4240] Bluetooth: hci1: command 0x040f tx timeout
[   70.741215][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   70.768939][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   70.779404][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   70.788620][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   70.799451][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   70.811258][ T4182] device veth1_macvtap entered promiscuous mode
[   70.829880][ T4186] device veth0_macvtap entered promiscuous mode
[   70.847965][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   70.860148][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   70.909583][ T4186] device veth1_macvtap entered promiscuous mode
[   70.990175][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.010921][ T4226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.021394][ T4226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.035282][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.051629][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.068338][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.078473][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.096972][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.111354][ T4182] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.128096][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.153710][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.164731][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.175261][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.185139][ T4182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.196219][ T4182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.211378][ T4182] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.912581][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[   71.919123][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[   71.946828][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   71.978637][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   72.006843][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   72.021360][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   72.032672][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   72.050022][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.067813][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.078745][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.101273][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.117290][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.128113][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.131423][ T4310] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   72.146311][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.166088][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.178038][ T4186] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.193683][ T4182] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.199563][ T4312] loop0: detected capacity change from 0 to 256
[   72.202447][ T4182] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.202480][ T4182] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.202509][ T4182] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.239996][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   72.249888][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   72.260186][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.271134][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.281252][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.291907][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.302032][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.312914][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.323294][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.333948][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.345632][ T4186] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.384633][ T4312] exFAT-fs (loop0): failed to load upcase table (idx : 0x00002e7f, chksum : 0x03279930, utbl_chksum : 0xe619d30d)
[   72.397550][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   72.407065][ T4226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.417240][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   72.423867][ T4226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.455088][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   72.500859][ T4186] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.511766][ T4186] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.520507][ T4186] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.529360][ T4186] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.617778][ T4226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.642092][ T4290] Bluetooth: hci3: command 0x0419 tx timeout
[   72.652026][ T4226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.681818][ T4279] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.689814][ T4279] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.712557][ T4240] Bluetooth: hci2: command 0x0419 tx timeout
[   72.732570][ T4240] Bluetooth: hci0: command 0x0419 tx timeout
[   72.749144][ T4240] Bluetooth: hci4: command 0x0419 tx timeout
[   72.769618][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   72.780154][ T4316] loop0: detected capacity change from 0 to 512
[   72.790705][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   72.804023][ T4290] Bluetooth: hci1: command 0x0419 tx timeout
[   72.827550][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.847701][ T4226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.856914][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.864465][ T4319] loop3: detected capacity change from 0 to 8192
[   72.873779][ T4226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.898737][ T4279] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.906492][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   72.952148][ T4279] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.971864][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   73.017729][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   73.104036][ T4319] x_tables: duplicate underflow at hook 2
[   73.125829][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.158921][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.213727][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   74.614510][ T4290] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   75.734759][ T4200] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   75.783927][ T4359] loop3: detected capacity change from 0 to 2048
[   75.810816][ T4359] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[   75.818211][ T4339] loop0: detected capacity change from 0 to 32768
[   75.959333][ T4290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   75.982816][ T4339] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.13 (4339)
[   76.022992][ T4290] usb 3-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00
[   76.042606][ T4366] loop3: detected capacity change from 0 to 512
[   76.050414][ T4290] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.068752][ T4290] usb 3-1: config 0 descriptor??
[   76.112285][ T4366] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   76.171729][ T4200] usb 5-1: Using ep0 maxpacket: 32
[   76.325661][ T4200] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[   76.474954][ T4200] usb 5-1: config 0 has no interface number 0
[   76.767186][ T4339] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   76.807347][ T4366] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   76.864168][ T4339] BTRFS info (device loop0): metadata ratio 1
[   76.904558][ T4339] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[   76.908791][ T4366] EXT4-fs error (device loop3): ext4_orphan_get:1427: comm syz.3.21: bad orphan inode 16
[   76.921926][ T4200] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[   76.931646][ T4339] BTRFS info (device loop0): using free space tree
[   76.934641][ T4200] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.942303][ T4339] BTRFS info (device loop0): has skinny extents
[   76.949350][ T4200] usb 5-1: Product: syz
[   76.960576][ T4200] usb 5-1: Manufacturer: syz
[   76.965282][ T4200] usb 5-1: SerialNumber: syz
[   76.981948][ T4200] usb 5-1: config 0 descriptor??
[   76.994493][ T4366] ext4_test_bit(bit=15, block=4) = 0
[   76.999825][ T4366] EXT4-fs (loop3): 1 orphan inode deleted
[   77.011906][ T4290] usbhid 3-1:0.0: can't add hid device: -71
[   77.023321][ T4200] smsc95xx v2.0.0
[   77.028108][ T4290] usbhid: probe of 3-1:0.0 failed with error -71
[   77.043486][ T4366] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,stripe=0x0000000000000001,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,auto_da_alloc,,errors=continue. Quota mode: none.
[   77.122024][ T4290] usb 3-1: USB disconnect, device number 2
[   77.229415][ T4339] BTRFS error (device loop0): open_ctree failed: -12
[   78.051859][ T4200] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[   78.084685][ T4200] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[   78.101726][ T1111] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   78.196133][ T4406] loop2: detected capacity change from 0 to 4096
[   78.217489][ T4409] loop0: detected capacity change from 0 to 128
[   78.294603][ T4406] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   78.387441][ T1111] usb 2-1: Using ep0 maxpacket: 32
[   78.440522][ T4412] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #3: block 48: comm syz.2.25: lblock 0 mapped to illegal pblock 48 (length 1)
[   78.541965][ T1111] usb 2-1: config 4 has an invalid interface number: 128 but max is 0
[   78.550417][ T1111] usb 2-1: config 4 has no interface number 0
[   78.567067][ T4412] Quota error (device loop2): find_next_id: Can't read quota tree block 1
[   78.597175][ T1111] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.622265][ T4200] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000020: -71
[   78.720514][ T4200] smsc95xx: probe of 5-1:0.67 failed with error -71
[   78.824271][ T1111] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   78.997521][ T4200] usb 5-1: USB disconnect, device number 2
[   79.104269][ T1111] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   79.239496][ T1111] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.528642][ T1111] hub 2-1:4.128: USB hub found
[   79.731694][ T1111] hub 2-1:4.128: 2 ports detected
[   79.736822][ T1111] hub 2-1:4.128: Using single TT (err -22)
[   79.767448][ T4430] loop4: detected capacity change from 0 to 128
[   79.922925][ T4430] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   79.947965][ T4436] loop2: detected capacity change from 0 to 8
[   79.971816][ T1111] hub 2-1:4.128: hub_hub_status failed (err = -71)
[   79.996992][ T1111] hub 2-1:4.128: config failed, can't get hub status (err -71)
[   80.073224][ T4430] ext4 filesystem being mounted at /5/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   80.226137][ T4436] SQUASHFS error: Unable to read inode 0xe3
[   80.293608][ T1111] usb 2-1: USB disconnect, device number 2
[   81.292512][ T4458] loop1: detected capacity change from 0 to 128
[   81.417149][ T4460] loop3: detected capacity change from 0 to 2048
[   81.588691][ T4458] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   81.625563][ T4460] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   81.712250][ T4458] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   81.752871][ T4242] libceph: connect (1)[c::]:6789 error -101
[   81.760148][ T4242] libceph: mon0 (1)[c::]:6789 connect error
[   81.801562][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #280!!!
[   82.151201][ T4255] libceph: connect (1)[c::]:6789 error -101
[   82.157887][ T4255] libceph: mon0 (1)[c::]:6789 connect error
[   82.693727][ T4463] ceph: No mds server is up or the cluster is laggy
[   82.717561][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!!
[   82.741573][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!!
[   82.750680][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!!
[   82.761553][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!!
[   82.774168][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!!
[   82.791553][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[   82.801555][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   82.811480][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   83.079174][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   83.203764][ T4304] libceph: connect (1)[c::]:6789 error -101
[   83.210132][ T4304] libceph: mon0 (1)[c::]:6789 connect error
[   83.448087][ T4482] loop1: detected capacity change from 0 to 1024
[   84.053428][ T4492] capability: warning: `syz.0.57' uses deprecated v2 capabilities in a way that may be insecure
[   85.185536][ T4488] netlink: 20 bytes leftover after parsing attributes in process `syz.3.55'.
[   85.198631][ T4499] process 'syz.4.59' launched './file1' with NULL argv: empty string added
[   85.303325][ T4343] hfsplus: b-tree write err: -5, ino 4
[   85.611762][ T4241] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   85.685260][ T4505] loop1: detected capacity change from 0 to 256
[   86.324736][ T4505] FAT-fs (loop1): bogus number of FAT sectors
[   86.331359][ T4505] FAT-fs (loop1): Can't find a valid FAT filesystem
[   86.803746][ T4241] usb 4-1: Using ep0 maxpacket: 16
[   86.811139][ T1108] cfg80211: failed to load regulatory.db
[   86.861778][ T4241] usb 4-1: device descriptor read/all, error -71
[   86.932984][ T4515] loop4: detected capacity change from 0 to 1024
[   87.253749][ T4521] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   87.854740][   T26] audit: type=1800 audit(1762096754.623:2): pid=4515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.63" name="file1" dev="loop4" ino=20 res=0 errno=0
[   90.575290][ T1108] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[   90.601646][ T1108] Bluetooth: hci2: Injecting HCI hardware error event
[   90.620963][ T4196] Bluetooth: hci2: hardware error 0x00
[   90.967484][ T4544] loop1: detected capacity change from 0 to 1024
[   91.030644][ T4544] =======================================================
[   91.030644][ T4544] WARNING: The mand mount option has been deprecated and
[   91.030644][ T4544]          and is ignored by this kernel. Remove the mand
[   91.030644][ T4544]          option from the mount to silence this warning.
[   91.030644][ T4544] =======================================================
[   91.075729][ T4550] loop2: detected capacity change from 0 to 1024
[   91.149275][ T4544] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   91.206724][ T4557] loop4: detected capacity change from 0 to 512
[   91.239907][ T4550] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[   91.946540][ T4560] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3871: comm syz.1.72: Allocating blocks 497-513 which overlap fs metadata
[   91.964406][ T4557] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[   91.966449][ T4560] EXT4-fs (loop1): pa ffff888073cc39a0: logic 128, phys. 385, len 8
[   91.979814][ T4560] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4888: group 0, free 0, pa_free 1
[   92.033646][ T4560] syz.1.72 (4560) used greatest stack depth: 20456 bytes left
[   92.081312][ T4557] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   92.118025][ T4557] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e028, mo2=0002]
[   92.122592][ T4550] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,nodelalloc,resgid=0x0000000000000000,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   92.131069][ T4557] EXT4-fs (loop4): orphan cleanup on readonly fs
[   92.158814][ T4557] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.76: invalid indirect mapped block 1023 (level 0)
[   92.187727][ T4182] EXT4-fs error (device loop1): mb_free_blocks:1860: group 0, inode 18: block 369:freeing already freed block (bit 23); block bitmap corrupt.
[   92.255252][ T4557] EXT4-fs (loop4): Remounting filesystem read-only
[   92.273586][ T4557] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.76: invalid indirect mapped block 2185560079 (level 1)
[   92.288552][ T4557] EXT4-fs (loop4): Remounting filesystem read-only
[   93.159572][ T4557] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.76: bg 0: block 361: padding at end of block bitmap is not set
[   93.186933][ T4557] EXT4-fs (loop4): Remounting filesystem read-only
[   93.194150][ T4557] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6178: Corrupt filesystem
[   93.209676][ T4557] EXT4-fs (loop4): Remounting filesystem read-only
[   93.218015][ T4557] EXT4-fs (loop4): 1 truncate cleaned up
[   93.224290][ T4557] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,noblock_validity,discard,errors=remount-ro,mblk_io_submit. Quota mode: none.
[   93.524104][ T4578] loop1: detected capacity change from 0 to 256
[   93.618211][ T4578] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x76936814, utbl_chksum : 0xe619d30d)
[   93.639723][ T4584] loop4: detected capacity change from 0 to 256
[   93.659300][ T4584] exfat: Unknown parameter 'keep_last_dots'
[   93.960932][ T4588] loop2: detected capacity change from 0 to 1024
[   94.186570][ T4592] loop2: detected capacity change from 0 to 512
[   94.353186][ T4592] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 213 vs 220 free clusters
[   94.446234][ T4592] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.89: attempt to clear invalid blocks 983261 len 1
[   94.507910][ T4592] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.89: invalid indirect mapped block 2683928664 (level 0)
[   94.581106][ T4592] EXT4-fs error (device loop2): __ext4_get_inode_loc:4327: comm syz.2.89: Invalid inode table block 0 in block_group 0
[   94.607555][ T4592] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5850: Corrupt filesystem
[   94.624667][ T4592] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[   94.924418][ T4592] EXT4-fs error (device loop2): __ext4_get_inode_loc:4327: comm syz.2.89: Invalid inode table block 0 in block_group 0
[   95.304257][ T4592] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5850: Corrupt filesystem
[   95.374951][ T4592] EXT4-fs error (device loop2): ext4_truncate:4279: inode #13: comm syz.2.89: mark_inode_dirty error
[   95.430175][ T4592] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[   95.582871][ T4592] EXT4-fs error (device loop2): __ext4_get_inode_loc:4327: comm syz.2.89: Invalid inode table block 0 in block_group 0
[   96.357660][ T4592] EXT4-fs (loop2): 1 truncate cleaned up
[   96.390536][ T4592] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,delalloc,,errors=continue. Quota mode: none.
[   96.424512][ T4616] netlink: 'syz.4.96': attribute type 32 has an invalid length.
[   96.854224][  T146] Bluetooth: Unknown LE signaling command 0x29
[   96.861316][  T146] Bluetooth: Wrong link type (-22)
[   97.177947][ T4627] Zero length message leads to an empty skb
[   98.863934][ T4641] loop2: detected capacity change from 0 to 8
[   99.387417][ T4650] netlink: 128 bytes leftover after parsing attributes in process `syz.2.99'.
[  100.581785][ T4397] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  100.881634][ T4397] usb 5-1: Using ep0 maxpacket: 16
[  101.047503][ T4397] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.068974][ T4397] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.092901][ T4397] usb 5-1: config 0 interface 0 has no altsetting 0
[  101.099658][ T4397] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  101.115092][ T4397] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.127542][ T4397] usb 5-1: config 0 descriptor??
[  101.319590][ T4669] loop2: detected capacity change from 0 to 1024
[  101.345403][ T4669] EXT4-fs (loop2): Ignoring removed oldalloc option
[  101.380878][ T4669] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,auto_da_alloc=0x00000000000000e6,oldalloc,barrier,auto_da_alloc,resgid=0x0000000000000000,errors=remount-ro,stripe=0x0000000000000007,. Quota mode: none.
[  101.403527][ T4669] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.021716][ T4397] usbhid 5-1:0.0: can't add hid device: -71
[  102.030011][   T26] audit: type=1326 audit(1762096768.793:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4678 comm="syz.1.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba41483fc9 code=0x7ffc0000
[  102.041665][ T4397] usbhid: probe of 5-1:0.0 failed with error -71
[  102.108462][ T4669] netlink: 32 bytes leftover after parsing attributes in process `syz.2.113'.
[  102.128188][   T26] audit: type=1326 audit(1762096768.833:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4678 comm="syz.1.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba41483fc9 code=0x7ffc0000
[  102.138606][ T4397] usb 5-1: USB disconnect, device number 3
[  102.159528][   T26] audit: type=1326 audit(1762096768.893:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4678 comm="syz.1.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7fba41483fc9 code=0x7ffc0000
[  102.244479][   T26] audit: type=1326 audit(1762096768.893:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4678 comm="syz.1.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba41483fc9 code=0x7ffc0000
[  103.274082][ T4700] loop3: detected capacity change from 0 to 512
[  103.485224][ T4715] loop2: detected capacity change from 0 to 1024
[  103.519842][ T4700] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  104.367652][ T4700] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.471395][ T4715] EXT4-fs (loop2): Ignoring removed orlov option
[  104.479905][ T4715] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  104.496362][   T26] audit: type=1800 audit(1762096771.263:7): pid=4700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.123" name="file1" dev="loop3" ino=15 res=0 errno=0
[  104.517182][   T26] audit: type=1800 audit(1762096771.263:8): pid=4700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.123" name="file2" dev="loop3" ino=16 res=0 errno=0
[  104.561608][   T26] audit: type=1804 audit(1762096771.313:9): pid=4700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.123" name="/newroot/21/file1/file1" dev="loop3" ino=15 res=1 errno=0
[  104.631400][ T4715] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  104.659313][ T4727] loop4: detected capacity change from 0 to 8192
[  104.711429][ T4732] loop1: detected capacity change from 0 to 512
[  104.715450][ T4727] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  104.928470][ T4739] netlink: 60 bytes leftover after parsing attributes in process `syz.0.137'.
[  106.346583][ T4397] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  106.355055][ T4397] Bluetooth: hci3: Injecting HCI hardware error event
[  106.364401][ T4196] Bluetooth: hci3: hardware error 0x00
[  106.421662][ T1108] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  106.587956][ T4748] netlink: 12 bytes leftover after parsing attributes in process `syz.1.140'.
[  106.671641][ T1108] usb 4-1: Using ep0 maxpacket: 8
[  106.703403][ T4753] netlink: 'syz.1.140': attribute type 5 has an invalid length.
[  106.711095][ T4753] netlink: 4 bytes leftover after parsing attributes in process `syz.1.140'.
[  106.739309][ T4752] loop4: detected capacity change from 0 to 1024
[  106.761244][ T4748] netlink: 'syz.1.140': attribute type 5 has an invalid length.
[  106.769830][ T4748] netlink: 4 bytes leftover after parsing attributes in process `syz.1.140'.
[  106.802272][ T1108] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  106.834412][ T4752] EXT4-fs (loop4): Ignoring removed orlov option
[  106.835037][ T1108] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  106.851152][ T4752] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  106.892804][ T1108] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  106.908413][ T4752] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  106.960539][ T1108] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  106.991635][ T1108] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  107.038256][ T1108] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  107.110319][ T1108] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.218337][ T1108] usb 4-1: config 0 descriptor??
[  107.256099][ T4736] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  107.932597][ T4255] usb 4-1: USB disconnect, device number 4
[  109.146300][ T4786] loop1: detected capacity change from 0 to 128
[  109.182737][ T4787] loop3: detected capacity change from 0 to 764
[  109.217190][ T4786] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  109.289896][ T4786] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  109.330370][ T4786] FAT-fs (loop1): Filesystem has been set read-only
[  109.338057][ T4786] attempt to access beyond end of device
[  109.338057][ T4786] loop1: rw=524288, want=2073, limit=128
[  109.368722][ T4786] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  109.399953][ T4786] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  109.430753][ T4786] attempt to access beyond end of device
[  109.430753][ T4786] loop1: rw=0, want=2073, limit=128
[  109.450189][   T26] audit: type=1800 audit(1762096776.213:10): pid=4786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.151" name="file2" dev="loop1" ino=1048594 res=0 errno=0
[  109.808442][ T4804] loop3: detected capacity change from 0 to 512
[  109.889701][ T4804] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,commit=0x0000000000000000,sb=0x0000000000000008,i_version,lazytime,nodiscard,grpjquota=,block_validity,errors=remount-ro,. Quota mode: writeback.
[  109.921882][ T4804] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.664090][ T4813] EXT4-fs error (device loop3): ext4_do_update_inode:5218: inode #2: comm syz.3.159: corrupted inode contents
[  110.681094][ T4813] EXT4-fs (loop3): Remounting filesystem read-only
[  110.688452][ T4813] EXT4-fs error (device loop3): ext4_dirty_inode:6054: inode #2: comm syz.3.159: mark_inode_dirty error
[  110.711931][ T4813] EXT4-fs (loop3): Remounting filesystem read-only
[  110.719076][ T4813] EXT4-fs error (device loop3): ext4_do_update_inode:5218: inode #2: comm syz.3.159: corrupted inode contents
[  110.731633][ T4813] EXT4-fs (loop3): Remounting filesystem read-only
[  110.738157][ T4813] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz.3.159: mark_inode_dirty error
[  110.755412][ T4813] EXT4-fs (loop3): Remounting filesystem read-only
[  111.037646][ T4829] loop2: detected capacity change from 0 to 1024
[  111.093683][ T4829] EXT4-fs (loop2): Ignoring removed orlov option
[  111.418782][ T4829] EXT4-fs (loop2): mounted filesystem without journal. Opts: block_validity,jqfmt=vfsv1,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,norecovery,,errors=continue. Quota mode: none.
[  111.450281][ T4394] Bluetooth: hci4: command 0x0405 tx timeout
[  112.056694][ T4855] loop4: detected capacity change from 0 to 128
[  112.069316][ T4856] loop3: detected capacity change from 0 to 1024
[  112.108064][ T4855] FAT-fs (loop4): bogus number of FAT structure
[  112.120986][ T4861] loop2: detected capacity change from 0 to 512
[  112.136410][ T4863] loop1: detected capacity change from 0 to 512
[  112.153166][ T4855] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  112.162528][ T4855] FAT-fs (loop4): Can't find a valid FAT filesystem
[  112.188046][ T4861] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  112.234171][ T4856] EXT4-fs (loop3): Ignoring removed bh option
[  112.254813][ T4861] EXT4-fs (loop2): 1 truncate cleaned up
[  112.260589][ T4861] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  112.320181][ T4861] fscrypt (loop2, inode 18): Unsupported encryption flags (0x6e)
[  112.544438][ T4856] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,journal_ioprio=0x0000000000000001,dax=never,,errors=continue. Quota mode: none.
[  114.169602][ T4891] loop4: detected capacity change from 0 to 2048
[  115.481097][ T4886] loop4: detected capacity change from 0 to 512
[  115.558447][ T4886] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.184: inode has both inline data and extents flags
[  115.685114][ T4886] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.184: couldn't read orphan inode 15 (err -117)
[  115.730620][ T4886] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[  115.880626][ T4906] loop3: detected capacity change from 0 to 512
[  117.924216][ T4397] Bluetooth: hci1: command 0x2016 tx timeout
[  118.015395][ T4919] loop4: detected capacity change from 0 to 512
[  118.429910][ T4927] xt_CT: You must specify a L4 protocol and not use inversions on it
[  118.489463][ T4929] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid
[  119.253396][ T4919] EXT4-fs (loop4): Test dummy encryption mode enabled
[  119.260397][ T4919] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  119.301096][ T4919] EXT4-fs error (device loop4): ext4_orphan_get:1427: comm syz.4.195: bad orphan inode 131083
[  119.317821][ T4919] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,inode_readahead_blks=0x0000000000002000,,errors=continue. Quota mode: none.
[  120.173007][ T4394] Bluetooth: hci1: command 0x0406 tx timeout
[  120.216586][ T4196] Bluetooth: hci1: hcon ffff88807a298000 sent 1 < count 7
[  122.106866][ T4959] user requested TSC rate below hardware speed
[  124.473370][ T4977] ecryptfs_parse_options: eCryptfs: unrecognized option [³(]
[  124.485452][ T4977] ecryptfs_parse_options: eCryptfs: unrecognized option [{\)]
[  124.497272][ T4977] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  124.518441][ T4977] Error parsing options; rc = [-22]
[  124.755975][ T4980] loop2: detected capacity change from 0 to 256
[  125.024603][ T4186] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  126.443703][ T4186] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  127.078527][ T4997] loop3: detected capacity change from 0 to 512
[  127.228504][ T4997] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,minixdf,barrier=0x0000000000000005,,errors=continue. Quota mode: writeback.
[  127.304500][ T4997] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.608205][ T5011] loop3: detected capacity change from 0 to 128
[  127.648503][ T5011] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  127.690149][ T5011] ext4 filesystem being mounted at /35/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  127.713052][ T5013] loop4: detected capacity change from 0 to 1024
[  127.784337][ T5013] hfsplus: umask requires a value
[  127.789884][ T5013] hfsplus: unable to parse mount options
[  128.702618][ T5021] loop3: detected capacity change from 0 to 1024
[  128.766087][ T5021] EXT4-fs (loop3): Ignoring removed oldalloc option
[  128.822573][ T5028] netlink: 'syz.0.233': attribute type 7 has an invalid length.
[  128.851617][ T5028] netlink: 12 bytes leftover after parsing attributes in process `syz.0.233'.
[  128.863826][ T5021] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,auto_da_alloc=0x00000000000000e6,oldalloc,barrier,auto_da_alloc,resgid=0x0000000000000000,errors=remount-ro,stripe=0x0000000000000007,. Quota mode: none.
[  128.911852][ T5021] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.922568][ T5028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.233'.
[  128.978904][ T5028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.233'.
[  129.005589][ T5021] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.231: inode has both inline data and extents flags
[  129.034015][ T5021] EXT4-fs (loop3): Remounting filesystem read-only
[  129.035938][ T5020] chnl_net:caif_netlink_parms(): no params data found
[  129.073501][ T5037] loop4: detected capacity change from 0 to 8
[  129.121415][ T5021] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.231: inode has both inline data and extents flags
[  129.220542][ T5021] EXT4-fs (loop3): Remounting filesystem read-only
[  129.657455][ T5047] netlink: 27 bytes leftover after parsing attributes in process `syz.1.236'.
[  130.021112][ T5050] loop4: detected capacity change from 0 to 1024
[  130.066843][ T5020] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.105437][ T5020] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.113786][ T5020] device bridge_slave_0 entered promiscuous mode
[  130.124535][ T5020] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.142424][ T5020] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.150638][ T5020] device bridge_slave_1 entered promiscuous mode
[  130.248576][ T5054] loop1: detected capacity change from 0 to 512
[  130.276288][ T5054] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  130.303556][ T5020] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  130.317100][   T26] audit: type=1800 audit(1762096797.083:11): pid=5050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.240" name="file1" dev="loop4" ino=20 res=0 errno=0
[  130.344852][ T5054] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  130.368735][ T5020] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  130.387279][ T5054] EXT4-fs error (device loop1): ext4_orphan_get:1427: comm syz.1.242: bad orphan inode 15
[  130.415117][ T5054] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,journal_ioprio=0x0000000000000007,noauto_da_alloc,bsddf,noquota,nodelalloc,,errors=continue. Quota mode: none.
[  130.536732][ T5020] team0: Port device team_slave_0 added
[  130.551655][ T4397] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  130.576584][ T5020] team0: Port device team_slave_1 added
[  130.681064][ T5020] batman_adv: batadv0: Adding interface: batadv_slave_0
[  130.711921][ T1111] Bluetooth: hci1: command 0x0409 tx timeout
[  130.723674][ T5020] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.751696][ T5020] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  130.838971][ T5020] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.851796][ T5020] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.860608][ T5064] loop1: detected capacity change from 0 to 1024
[  130.909903][ T5020] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.952282][ T4397] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  130.970386][ T4397] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3
[  131.004719][ T4397] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  131.025471][ T4397] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.030533][ T5020] device hsr_slave_0 entered promiscuous mode
[  131.061392][ T5020] device hsr_slave_1 entered promiscuous mode
[  131.062079][ T4397] usb 4-1: config 0 descriptor??
[  131.081795][ T5020] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  131.117049][ T5020] Cannot create hsr debugfs directory
[  131.244911][ T5064] loop1: detected capacity change from 0 to 1764
[  132.362438][ T4397] Bluetooth: Can't get version to change to load ram patch err
[  132.370042][ T4397] Bluetooth: Loading patch file failed
[  132.401618][ T4397] ath3k: probe of 4-1:0.0 failed with error -71
[  132.419232][ T4397] usb 4-1: USB disconnect, device number 5
[  132.613297][ T5020] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  132.652434][ T5020] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  132.681124][ T5020] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  132.741808][ T5020] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  132.781780][ T4242] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  132.796124][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  132.803436][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  132.812258][ T4397] Bluetooth: hci1: command 0x041b tx timeout
[  132.962540][ T4842] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.031750][ T4242] usb 2-1: Using ep0 maxpacket: 16
[  133.056754][ T4842] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.152227][ T4242] usb 2-1: config 0 has an invalid interface number: 29 but max is 0
[  133.166990][ T4242] usb 2-1: config 0 has no interface number 0
[  133.181644][ T4242] usb 2-1: config 0 interface 29 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16
[  133.192190][ T4242] usb 2-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024
[  133.206733][ T4242] usb 2-1: config 0 interface 29 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  134.084916][ T4842] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.178790][ T4842] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.241853][ T4242] usb 2-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0
[  134.255380][ T4242] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.273867][ T4242] usb 2-1: Product: syz
[  134.278378][ T4242] usb 2-1: Manufacturer: syz
[  134.286913][ T4242] usb 2-1: SerialNumber: syz
[  134.351157][ T5020] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.360709][ T4242] usb 2-1: config 0 descriptor??
[  134.398832][ T5076] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  134.413385][ T5077] chnl_net:caif_netlink_parms(): no params data found
[  134.441704][ T5076] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  134.751123][ T5020] 8021q: adding VLAN 0 to HW filter on device team0
[  134.791604][ T4397] Bluetooth: hci4: command 0x0409 tx timeout
[  134.799335][ T5020] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  134.810919][ T5020] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  134.869593][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  134.877690][    T7] Bluetooth: hci1: command 0x040f tx timeout
[  134.890165][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  134.977576][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  135.068507][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  135.210289][ T4353] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.217589][ T4353] bridge0: port 1(bridge_slave_0) entered forwarding state
[  135.526395][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  135.566246][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  135.603803][ T4353] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.611088][ T4353] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.649352][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  135.658565][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  135.669322][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  135.687961][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  135.716733][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  135.736177][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  135.761211][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  135.774448][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  135.785564][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  135.794787][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  135.845494][ T5077] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.852724][ T5077] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.861068][ T5077] device bridge_slave_0 entered promiscuous mode
[  135.872343][ T5077] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.879761][ T5077] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.888591][ T5077] device bridge_slave_1 entered promiscuous mode
[  135.988253][ T5126] loop3: detected capacity change from 0 to 128
[  136.044728][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  136.083824][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  136.388741][ T4353] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  136.459124][ T5126] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  136.624063][ T5077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.674990][ T5126] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.738000][ T5077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.769293][ T4242] usb 2-1: USB disconnect, device number 3
[  136.886202][ T5077] team0: Port device team_slave_0 added
[  136.892319][ T4397] Bluetooth: hci4: command 0x041b tx timeout
[  136.920417][ T5126] fscrypt (loop3, inode 12): Can't use IV_INO_LBLK_32 policy with contents mode other than AES-256-XTS
[  136.935994][ T5077] team0: Port device team_slave_1 added
[  136.961967][    T7] Bluetooth: hci1: command 0x0419 tx timeout
[  137.043111][ T5077] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.050303][ T5077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.179597][ T5077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.239828][ T4842] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.293054][ T5077] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.302430][ T5077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.359376][ T5077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.426658][ T4842] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.490888][ T5020] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.520801][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  137.543482][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  137.614085][ T4842] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.683539][ T5077] device hsr_slave_0 entered promiscuous mode
[  137.700747][ T5077] device hsr_slave_1 entered promiscuous mode
[  137.723023][ T5077] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.738507][ T5077] Cannot create hsr debugfs directory
[  137.779075][ T4842] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.315573][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  138.332520][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  138.404100][ T5177] loop1: detected capacity change from 0 to 8192
[  138.438014][ T5177] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  138.473756][ T5077] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  138.515455][   T26] audit: type=1804 audit(1762096805.283:12): pid=5177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.273" name="/newroot/47/file0/file0" dev="loop1" ino=1048602 res=1 errno=0
[  138.618508][ T5190] fuse: Bad value for 'fd'
[  138.625536][ T5077] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  138.655795][ T5077] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  138.695611][ T5077] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  138.927973][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  138.949337][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  138.970961][    T7] Bluetooth: hci4: command 0x040f tx timeout
[  138.998343][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  139.024528][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  139.058740][ T5020] device veth0_vlan entered promiscuous mode
[  139.148141][ T5020] device veth1_vlan entered promiscuous mode
[  139.292416][ T4398] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  139.312216][ T4398] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  139.333813][ T4398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  139.389902][ T5214] loop3: detected capacity change from 0 to 4096
[  139.410163][ T4398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  139.426313][ T5020] device veth0_macvtap entered promiscuous mode
[  139.493684][ T5214] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback.
[  139.524306][ T5020] device veth1_macvtap entered promiscuous mode
[  139.545320][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.556337][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.567333][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.577999][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.613021][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.681680][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.741672][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.785327][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.819402][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.863932][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.904889][ T5020] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.938883][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  139.961245][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  140.003875][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.048367][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.080312][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.104592][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.149895][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.249457][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.259682][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.270872][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.282102][ T5020] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  140.299706][ T5020] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  140.332341][ T5020] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.339698][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  140.409069][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  140.444476][ T5077] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.532105][ T5236] netlink: 'syz.3.283': attribute type 1 has an invalid length.
[  140.540118][ T5236] netlink: 'syz.3.283': attribute type 2 has an invalid length.
[  140.577975][ T5020] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.602128][ T5020] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.621583][ T5020] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.340464][ T5020] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.401262][ T4397] Bluetooth: hci4: command 0x0419 tx timeout
[  141.455460][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  141.469186][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  141.496890][ T5077] 8021q: adding VLAN 0 to HW filter on device team0
[  141.536005][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  141.575940][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  141.726932][ T4399] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.734169][ T4399] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.742837][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  142.041963][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  142.058431][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  142.098708][ T4279] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.105860][ T4279] bridge0: port 2(bridge_slave_1) entered forwarding state
[  142.431872][ T4399] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.440117][ T4399] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.465190][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.523996][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  142.564590][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.590441][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  142.675149][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  142.728777][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  142.747270][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  142.765619][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  143.161587][ T5252] loop3: detected capacity change from 0 to 512
[  143.241106][ T5077] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  143.259763][ T5077] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  143.273109][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  143.288477][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  143.306901][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  143.337452][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  143.354449][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  143.369580][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  143.380833][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  143.390448][ T5249] loop1: detected capacity change from 0 to 8192
[  143.408686][ T4279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  143.445841][ T5252] EXT4-fs (loop3): Ignoring removed oldalloc option
[  143.476414][ T5252] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  143.612775][ T5252] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  143.712864][   T26] audit: type=1326 audit(1762096810.483:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5260 comm="syz.0.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ce3868fc9 code=0x7ffc0000
[  143.803636][   T26] audit: type=1326 audit(1762096810.483:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5260 comm="syz.0.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ce3868fc9 code=0x7ffc0000
[  143.826616][ T5252] EXT4-fs (loop3): 1 truncate cleaned up
[  143.833104][ T5252] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,oldalloc,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,max_dir_size_kb=0x0000000000001000,. Quota mode: none.
[  144.013878][   T26] audit: type=1326 audit(1762096810.513:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5260 comm="syz.0.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f4ce3868fc9 code=0x7ffc0000
[  144.104242][ T5251] ODEBUG: Out of memory. ODEBUG disabled
[  144.258278][   T26] audit: type=1326 audit(1762096810.513:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5260 comm="syz.0.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ce3868fc9 code=0x7ffc0000
[  144.332703][ T5282] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  144.393034][   T26] audit: type=1326 audit(1762096810.513:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5260 comm="syz.0.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ce3868fc9 code=0x7ffc0000
[  144.431590][   T26] audit: type=1326 audit(1762096810.513:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5260 comm="syz.0.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ce3868fc9 code=0x7ffc0000
[  144.490919][ T4242] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  144.780281][   T26] audit: type=1326 audit(1762096810.513:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5260 comm="syz.0.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ce3868fc9 code=0x7ffc0000
[  144.893713][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  145.089805][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  145.218453][ T5077] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.231606][   T26] audit: type=1326 audit(1762096810.513:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5260 comm="syz.0.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ce3868fc9 code=0x7ffc0000
[  145.371633][ T4242] usb 2-1: Using ep0 maxpacket: 16
[  145.501816][ T4397] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  145.621662][ T4242] usb 2-1: config 0 has an invalid interface number: 48 but max is 0
[  145.629803][ T4242] usb 2-1: config 0 has no interface number 0
[  145.636034][ T4242] usb 2-1: config 0 interface 48 has no altsetting 0
[  145.688392][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  145.696201][ T5293] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  145.731975][ T5293] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  145.821772][ T4242] usb 2-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[  145.830862][ T4242] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.884838][ T4242] usb 2-1: Product: syz
[  145.889071][ T4242] usb 2-1: Manufacturer: syz
[  145.914508][ T4242] usb 2-1: SerialNumber: syz
[  145.958844][ T4242] usb 2-1: config 0 descriptor??
[  145.992076][ T4394] Bluetooth: hci4: command 0x0405 tx timeout
[  145.998338][ T4397] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  146.023231][ T4397] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  146.045247][ T4397] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  146.107829][ T4842] device hsr_slave_0 left promiscuous mode
[  146.122385][ T4842] device hsr_slave_1 left promiscuous mode
[  146.131377][ T4842] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  146.165702][ T4842] batman_adv: batadv0: Removing interface: batadv_slave_0
[  146.175105][ T4842] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  146.183008][ T4842] batman_adv: batadv0: Removing interface: batadv_slave_1
[  146.190837][ T4842] device bridge_slave_1 left promiscuous mode
[  146.199104][ T4842] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.463588][ T4199] Bluetooth: hci0: Unknown advertising packet type: 0xd49b
[  146.463664][ T4199] Bluetooth: hci0: Unknown advertising packet type: 0x1bb5
[  146.471249][ T4199] Bluetooth: hci0: Unknown advertising packet type: 0xffc0
[  146.478675][ T4199] Bluetooth: hci0: Unknown advertising packet type: 0xff80
[  146.486851][ T4199] Bluetooth: hci0: Unknown advertising packet type: 0xffc0
[  146.494440][ T4199] ==================================================================
[  146.510128][ T4199] BUG: KASAN: slab-out-of-bounds in hci_le_meta_evt+0x12db/0x3b80
[  146.517978][ T4199] Read of size 1 at addr ffff88807aba4401 by task kworker/u5:8/4199
[  146.525981][ T4199] 
[  146.528321][ T4199] CPU: 1 PID: 4199 Comm: kworker/u5:8 Not tainted syzkaller #0
[  146.535889][ T4199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  146.545965][ T4199] Workqueue: hci0 hci_rx_work
[  146.550676][ T4199] Call Trace:
[  146.553975][ T4199]  <TASK>
[  146.556932][ T4199]  dump_stack_lvl+0x168/0x230
[  146.561644][ T4199]  ? show_regs_print_info+0x20/0x20
[  146.566879][ T4199]  ? load_image+0x3b0/0x3b0
[  146.571412][ T4199]  ? _raw_spin_lock_irqsave+0xb0/0xf0
[  146.576821][ T4199]  print_address_description+0x60/0x2d0
[  146.582389][ T4199]  ? hci_le_meta_evt+0x12db/0x3b80
[  146.587521][ T4199]  kasan_report+0xdf/0x130
[  146.591962][ T4199]  ? hci_le_meta_evt+0x12db/0x3b80
[  146.597365][ T4199]  hci_le_meta_evt+0x12db/0x3b80
[  146.602332][ T4199]  ? hci_event_packet+0x2a0/0x12f0
[  146.607482][ T4199]  ? hci_remote_host_features_evt+0x280/0x280
[  146.613569][ T4199]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  146.619315][ T4199]  ? mark_lock+0x94/0x320
[  146.623675][ T4199]  ? mutex_unlock+0x10/0x10
[  146.628204][ T4199]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  146.634297][ T4199]  ? lock_chain_count+0x20/0x20
[  146.639180][ T4199]  ? __rwlock_init+0x140/0x140
[  146.643967][ T4199]  hci_event_packet+0xe05/0x12f0
[  146.648932][ T4199]  ? lockdep_hardirqs_on+0x94/0x140
[  146.654174][ T4199]  ? rcu_lock_release+0x20/0x20
[  146.659060][ T4199]  ? hci_send_to_monitor+0x9c/0x4a0
[  146.664369][ T4199]  hci_rx_work+0x255/0xa10
[  146.668832][ T4199]  process_one_work+0x863/0x1000
[  146.673894][ T4199]  ? worker_detach_from_pool+0x240/0x240
[  146.679552][ T4199]  ? lockdep_hardirqs_off+0x70/0x100
[  146.684870][ T4199]  ? _raw_spin_lock_irq+0xab/0xe0
[  146.689914][ T4199]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  146.695306][ T4199]  ? wq_worker_running+0x97/0x170
[  146.700360][ T4199]  worker_thread+0xaa8/0x12a0
[  146.705060][ T4199]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  146.710971][ T4199]  ? lockdep_hardirqs_on+0x94/0x140
[  146.716195][ T4199]  ? lockdep_hardirqs_on+0x94/0x140
[  146.721593][ T4199]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  146.727530][ T4199]  kthread+0x436/0x520
[  146.731623][ T4199]  ? rcu_lock_release+0x20/0x20
[  146.736492][ T4199]  ? kthread_blkcg+0xd0/0xd0
[  146.741102][ T4199]  ret_from_fork+0x1f/0x30
[  146.745560][ T4199]  </TASK>
[  146.748595][ T4199] 
[  146.750930][ T4199] Allocated by task 5273:
[  146.755268][ T4199]  __kasan_kmalloc+0xb5/0xf0
[  146.759890][ T4199]  __alloc_skb+0x22c/0x750
[  146.764330][ T4199]  vhci_write+0xbc/0x450
[  146.768596][ T4199]  vfs_write+0x712/0xd00
[  146.772859][ T4199]  ksys_write+0x14d/0x250
[  146.777212][ T4199]  do_syscall_64+0x4c/0xa0
[  146.781648][ T4199]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  146.787557][ T4199] 
[  146.789892][ T4199] Last potentially related work creation:
[  146.795623][ T4199]  kasan_save_stack+0x35/0x60
[  146.800326][ T4199]  kasan_record_aux_stack+0xb8/0x100
[  146.805636][ T4199]  call_rcu+0x182/0x930
[  146.810031][ T4199]  process_one_work+0x863/0x1000
[  146.815091][ T4199]  worker_thread+0xaa8/0x12a0
[  146.817819][ T4397] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  146.819797][ T4199]  kthread+0x436/0x520
[  146.829500][ T4397] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.832994][ T4199]  ret_from_fork+0x1f/0x30
[  146.833020][ T4199] 
[  146.833026][ T4199] The buggy address belongs to the object at ffff88807aba4000
[  146.833026][ T4199]  which belongs to the cache kmalloc-1k of size 1024
[  146.841011][ T4397] usb 6-1: Product: syz
[  146.845427][ T4199] The buggy address is located 1 bytes to the right of
[  146.845427][ T4199]  1024-byte region [ffff88807aba4000, ffff88807aba4400)
[  146.845449][ T4199] The buggy address belongs to the page:
[  146.845476][ T4199] page:ffffea0001eae800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7aba0
[  146.847818][ T4397] usb 6-1: Manufacturer: syz
[  146.862083][ T4199] head:ffffea0001eae800 order:3 compound_mapcount:0 compound_pincount:0
[  146.862109][ T4199] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  146.862138][ T4199] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888016841dc0
[  146.862156][ T4199] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  146.862167][ T4199] page dumped because: kasan: bad access detected
[  146.862187][ T4199] page_owner tracks the page as allocated
[  146.862194][ T4199] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4172, ts 61278582961, free_ts 61137395822
[  146.862224][ T4199]  get_page_from_freelist+0x1b77/0x1c60
[  146.862250][ T4199]  __alloc_pages+0x1e1/0x470
[  146.862269][ T4199]  new_slab+0xc0/0x4b0
[  146.862286][ T4199]  ___slab_alloc+0x81e/0xdf0
[  146.862302][ T4199]  __kmalloc+0x1cd/0x330
[  146.862318][ T4199]  __register_sysctl_table+0xe0/0x1230
[  146.862338][ T4199]  neigh_sysctl_register+0x9a1/0xa80
[  146.862357][ T4199]  addrconf_sysctl_register+0xac/0x1b0
[  146.898383][ T4397] usb 6-1: SerialNumber: syz
[  146.901274][ T4199]  ipv6_add_dev+0xbf3/0x1190
[  147.007908][ T4290] usb 2-1: USB disconnect, device number 4
[  147.009887][ T4199]  addrconf_notify+0x66f/0xf00
[  147.009914][ T4199]  raw_notifier_call_chain+0xcb/0x160
[  147.030493][ T4199]  register_netdevice+0x1275/0x16b0
[  147.035727][ T4199]  lowpan_newlink+0x386/0x600
[  147.040439][ T4199]  rtnl_newlink+0x114c/0x17d0
[  147.045152][ T4199]  rtnetlink_rcv_msg+0x7ff/0xe90
[  147.050117][ T4199]  netlink_rcv_skb+0x1e0/0x430
[  147.054908][ T4199] page last free stack trace:
[  147.059599][ T4199]  free_unref_page_prepare+0x637/0x6c0
[  147.063299][ T4397] cdc_ncm 6-1:1.0: CDC Union missing and no IAD found
[  147.065266][ T4199]  free_unref_page+0x94/0x280
[  147.076922][ T4199]  qlist_free_all+0x35/0x90
[  147.081461][ T4199]  kasan_quarantine_reduce+0x150/0x160
[  147.086948][ T4199]  __kasan_slab_alloc+0x2f/0xd0
[  147.089494][ T4397] cdc_ncm 6-1:1.0: bind() failure
[  147.091814][ T4199]  slab_post_alloc_hook+0x4c/0x380
[  147.091835][ T4199]  __kmalloc+0x127/0x330
[  147.091850][ T4199]  tomoyo_realpath_from_path+0x118/0x610
[  147.091874][ T4199]  tomoyo_path_perm+0x1cd/0x510
[  147.116775][ T4199]  tomoyo_sb_umount+0x99/0xd0
[  147.121479][ T4199]  security_sb_umount+0x65/0x90
[  147.126354][ T4199]  path_umount+0x40c/0xfc0
[  147.130811][ T4199]  __x64_sys_umount+0x125/0x160
[  147.135695][ T4199]  do_syscall_64+0x4c/0xa0
[  147.140144][ T4199]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  147.146079][ T4199] 
[  147.148419][ T4199] Memory state around the buggy address:
[  147.154062][ T4199]  ffff88807aba4300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  147.162148][ T4199]  ffff88807aba4380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  147.170242][ T4199] >ffff88807aba4400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  147.178319][ T4199]                    ^
[  147.182410][ T4199]  ffff88807aba4480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  147.190491][ T4199]  ffff88807aba4500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  147.198568][ T4199] ==================================================================
[  147.206647][ T4199] Disabling lock debugging due to kernel taint
[  147.215114][ T4842] device bridge_slave_0 left promiscuous mode
[  147.221323][ T4842] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.278109][ T4199] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  147.285356][ T4199] CPU: 0 PID: 4199 Comm: kworker/u5:8 Tainted: G    B             syzkaller #0
[  147.294316][ T4199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  147.304393][ T4199] Workqueue: hci0 hci_rx_work
[  147.309109][ T4199] Call Trace:
[  147.312432][ T4199]  <TASK>
[  147.315381][ T4199]  dump_stack_lvl+0x168/0x230
[  147.320087][ T4199]  ? show_regs_print_info+0x20/0x20
[  147.325324][ T4199]  ? load_image+0x3b0/0x3b0
[  147.329858][ T4199]  panic+0x2c9/0x7f0
[  147.333783][ T4199]  ? bpf_jit_dump+0xd0/0xd0
[  147.338315][ T4199]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[  147.344237][ T4199]  ? _raw_spin_unlock+0x40/0x40
[  147.349112][ T4199]  ? hci_le_meta_evt+0x12db/0x3b80
[  147.354249][ T4199]  check_panic_on_warn+0x80/0xa0
[  147.359216][ T4199]  ? hci_le_meta_evt+0x12db/0x3b80
[  147.364351][ T4199]  end_report+0x6d/0xf0
[  147.368531][ T4199]  kasan_report+0x102/0x130
[  147.373249][ T4199]  ? hci_le_meta_evt+0x12db/0x3b80
[  147.378384][ T4199]  hci_le_meta_evt+0x12db/0x3b80
[  147.383341][ T4199]  ? hci_event_packet+0x2a0/0x12f0
[  147.388578][ T4199]  ? hci_remote_host_features_evt+0x280/0x280
[  147.394669][ T4199]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  147.400324][ T4199]  ? mark_lock+0x94/0x320
[  147.404675][ T4199]  ? mutex_unlock+0x10/0x10
[  147.409203][ T4199]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  147.415238][ T4199]  ? lock_chain_count+0x20/0x20
[  147.420111][ T4199]  ? __rwlock_init+0x140/0x140
[  147.424909][ T4199]  hci_event_packet+0xe05/0x12f0
[  147.429875][ T4199]  ? lockdep_hardirqs_on+0x94/0x140
[  147.435103][ T4199]  ? rcu_lock_release+0x20/0x20
[  147.439984][ T4199]  ? hci_send_to_monitor+0x9c/0x4a0
[  147.445294][ T4199]  hci_rx_work+0x255/0xa10
[  147.449915][ T4199]  process_one_work+0x863/0x1000
[  147.454883][ T4199]  ? worker_detach_from_pool+0x240/0x240
[  147.460539][ T4199]  ? lockdep_hardirqs_off+0x70/0x100
[  147.465854][ T4199]  ? _raw_spin_lock_irq+0xab/0xe0
[  147.470903][ T4199]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  147.476303][ T4199]  ? wq_worker_running+0x97/0x170
[  147.481355][ T4199]  worker_thread+0xaa8/0x12a0
[  147.486053][ T4199]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  147.491971][ T4199]  ? lockdep_hardirqs_on+0x94/0x140
[  147.497194][ T4199]  ? lockdep_hardirqs_on+0x94/0x140
[  147.502423][ T4199]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  147.508359][ T4199]  kthread+0x436/0x520
[  147.512456][ T4199]  ? rcu_lock_release+0x20/0x20
[  147.517327][ T4199]  ? kthread_blkcg+0xd0/0xd0
[  147.521934][ T4199]  ret_from_fork+0x1f/0x30
[  147.526386][ T4199]  </TASK>
[  147.529673][ T4199] Kernel Offset: disabled
[  147.534011][ T4199] Rebooting in 86400 seconds..