last executing test programs:

7m39.226465672s ago: executing program 0 (id=256):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

7m39.096884535s ago: executing program 0 (id=259):
r0 = socket(0x11, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x9c, 0x24, 0xf0b, 0x0, 0x1000000, {0x0, 0x0, 0x12, r1, {0x0, 0x300}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x6c, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4], [0x0, 0x0, 0x0, 0x0, 0xd645, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffff]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4, 0x3f}]}]}}]}, 0x9c}, 0x1, 0x7a00}, 0x4000000)

7m39.046319235s ago: executing program 0 (id=261):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000001540)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x173b2a7e, @remote, 0x19}, 0x1c, 0x0, 0x0, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000800000000000000040000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5121b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a0100000000000000e28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c251112e2a59ea0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe91bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6c597eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e64103602000000db47d7990d5a007faccb2f86660079f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab2127cd472a2e4a7f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d8418351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000100)="cbeb2de5d0d3138387396891e9", 0xd}], 0x1}}], 0x2, 0x28048005)
writev(r0, &(0x7f00000037c0)=[{&(0x7f00000036c0)="7d29dbe640bf9136", 0x8}], 0x1)

7m38.976585067s ago: executing program 0 (id=262):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000740)='./file0\x00', 0x800, &(0x7f0000000080)={[{@rodir}, {@numtail}, {@shortname_winnt}, {@uni_xlate}, {@uni_xlate}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@shortname_mixed}, {@shortname_win95}, {@uni_xlateno}, {@uni_xlate}]}, 0x5, 0x271, &(0x7f0000000780)="$eJzs3T1rW1cYB/BHtlzJhiINBdNS6C1dOgnbpbtMcaFU0NKioZ1iYpkEyzHYYEgG25vJd0i+QjJmDWQIWfMFQiA4gSxxJg8BBeX6RXIkxUpyo7z8fosfzn3+nHPky7148NG571dXltY2lvf396JYzEW+GtU4yEU5xmI8UjsBAHxODlqteNZKnS2Ry3pJAEDGhn//AwCfukHv/9zO8djfH35lAEBW3unv/7FMlgQAZOzf//7/c75WW/gnSYoRq7ub9c16+jO9Pr8cF6MZjZiJUryIaB1L69//qC3MJG2Py1Fc3R5L89ub9fHu/GyUotw7P5ukot7OHeUnYuow/2AqGjEXpfimd36uZ/6r+PmnjvkrUYr752MtmrEU7WyaL0TE1myS/PZX7VS+8KoPAAAAAAAAAAAAAAAAAAAAAACyUEmOlbvPv0nP76lU+l1P853nA00OOh+otX3qfJ18fJcf7d4BAAAAAAAAAAAAAAAAAADgY7Fx+crKYrPZWB9UXLp3485eIQ28sXlwkTucd7jU7sCeybPt4lTx9Y+PrvW6VIjCsJ/P2xUTEdE5khxOefuHDCd9X8XdvQvf/rIx/Wu/nsh3jlxtb7Wrp8+NlM/qA39aiujbUxz6huwsbh4V1eev9RzdSo31yVH/4qavVxdvbT18ctbUgIdGazyLRxEAAAAAAAAAAAAAAAAAAHzxTv7pd9QrAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDROfn+/2GLQnSNFPs274x6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DIAAP//soOVJg==")
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

7m38.884671157s ago: executing program 0 (id=265):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000180)={[{@test_dummy_encryption}, {@init_itable_val}, {@minixdf}, {@jqfmt_vfsv1}, {@prjquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100}}, {@barrier_val={'barrier', 0x3d, 0xb}}, {@errors_remount}, {@auto_da_alloc}, {@test_dummy_encryption}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0xdf, 0x475, &(0x7f0000000780)="$eJzs289vFFUcAPDvTLeAgGxFREGQKpo0/mhpQeVgYjSaeNDERA94rG0hyEINrYmQRqsxeDQk3o1HE/8CT56MejLxikcTQ0KUmIheXDO7M6VddssubNna/XySoe/NvHk/dubNvn2PCaBvDWf/JBHbI+JSRJTr0ZUJhut/rl1dmPr76sJUEtXqG78ntXR/XV2YquaK87bleY6kEeknSV5IDC7Pdu7c+VOTlcrM2Tw+Nn/63bG5c+efOnl68sTMiZkzE0ePHjk8/uwzE083qfWvFztq5ED+d+8Hs/v2vPLWxdemjl18+4evs/ru3l8/lLWjozzbMJw1/I/6Z9N47LFuF9Zj/1avtzMp9bo2tCvrGqW8c16KcgzE9YtXjpc/7mnlgDWVPbM3tz68WAU2sCR6XQOgN4ov+uz3b7HdoaHHunDlhfoPoKzd1/KtfqQUaZ5mcA3LH46IY4v/fJFt0TAPUW0ybwAAcLu+zcY/TzYb/6Wxe1m6Hfna0FBE3BMROyPi3ojYFRH3RdTS3h8RD3RY/nBD/MbxZ3r5lhrWpmz891y+trVy/FeM/mJoII/dXWv/YHL8ZGXmUP6ZjMTg5iw+3izzIouXfv6sVfnLx3/ZlpVfjAXzTC6X6hN0W4o905Pzk90alF75KGJvqVn7k6WVgCQi9kTE3s6y3lEETj7+1b5WiW7e/lV0YZ2p+mWRycJiNLS/kKy+Pjm2JSozh8aKu+JGP/504fVW5d9W+7sgu/5bV97/DSnKfybL12vnlg48324ZF375tOVvylL79/+S7P7flLxZW7PelO97f3J+/ux4xKbk1Vp8xf6J6+cW8SJ91v6Rg837/878nKz9D0ZEdhPvj4iHIuJAfu0ejohHIuLgKu3//sVH32l1bD1c/+mmz7+l+39o5fXvPDBw6rtvWpXf3vPvSC00ku+pPf9uonV1isdotufY3K1+bgAAAPB/kkbE9kjS0aVwmo6O1v8P/67YmlZm5+afOD773pnp+jsCQzGYFjNd5WXzoePJYp5jPT6RzxUXxw/n88afD9xVi49OzVame9x26HfbWvT/zG8Dva4dsOa8rwX9q7H/pz2qB3Dn+f6H/qX/Q/+6of97IEDfaNbdP2yIWwuAjaha7vgUE4SwYRjuQ//S/6F/6f/Ql27nvf61CpRWeXtfoMeBrRFRC0S6LuqzbgIH1lFvKnWhd/f4wQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAl/wUAAP//xgL2dQ==")

7m38.695207982s ago: executing program 0 (id=270):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000280)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0xa, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}, 0x10000000, 0x0, 0x0, 0x1, 0x1}, [@XFRMA_IF_ID={0x8, 0x1f, 0x3}]}, 0xc0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002300)=ANY=[@ANYBLOB="b8000000150001ee"], 0xb8}}, 0x0)

7m38.505505623s ago: executing program 32 (id=270):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000280)=@updpolicy={0xc0, 0x19, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@loopback, 0x0, 0x0, 0x4e23, 0x0, 0xa, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}, 0x10000000, 0x0, 0x0, 0x1, 0x1}, [@XFRMA_IF_ID={0x8, 0x1f, 0x3}]}, 0xc0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002300)=ANY=[@ANYBLOB="b8000000150001ee"], 0xb8}}, 0x0)

7m8.273332677s ago: executing program 1 (id=650):
msgrcv(0x0, 0x0, 0x1f, 0x3, 0x5000)

7m8.27315378s ago: executing program 1 (id=651):
rseq(0x0, 0x0, 0x4, 0x0)

7m8.213613394s ago: executing program 1 (id=653):
r0 = io_uring_setup(0x3e45, &(0x7f00000001c0))
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
close_range(r0, 0xffffffffffffffff, 0x0)

7m6.971687215s ago: executing program 1 (id=667):
r0 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac141411e0000001000000002400000000000000000000000700000044140771"], 0x48}, 0x200040c4)

7m6.97151814s ago: executing program 1 (id=668):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
setpgid(0x0, r0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0)

7m6.779427356s ago: executing program 1 (id=669):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0xfea5, 0x200000000004}])

6m51.546392298s ago: executing program 33 (id=669):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0xfea5, 0x200000000004}])

5m34.564694447s ago: executing program 2 (id=1726):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.empty_time\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100"})

5m34.564221859s ago: executing program 2 (id=1728):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x200, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x300, 0x2, 0x1, 0x0, 0x6, 0x8}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6d1cb49ada2c127b, 0x59032, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e21, 0xaf4, @private0}, 0x1c)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)

5m33.282235971s ago: executing program 2 (id=1731):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x2, 0x3, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x10, 0x0, "66db"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}]}, 0x80}, 0x1, 0x7}, 0x0)

5m32.832413267s ago: executing program 2 (id=1736):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)

5m32.620048504s ago: executing program 2 (id=1737):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x3800052, &(0x7f0000000600)=ANY=[], 0x1, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
chdir(&(0x7f00000001c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x141842, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000140)='./bus\x00', 0x40)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./control\x00', 0xc4242, 0x5c)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)

5m32.188268556s ago: executing program 2 (id=1738):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002680)={&(0x7f0000002640)=ANY=[@ANYBLOB="14000000380001002cbd7000ffdbdf250f"], 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0xc804)

5m31.899409302s ago: executing program 34 (id=1738):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002680)={&(0x7f0000002640)=ANY=[@ANYBLOB="14000000380001002cbd7000ffdbdf250f"], 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0xc804)

4m15.593042137s ago: executing program 5 (id=2700):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
socket$key(0xf, 0x3, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)

4m14.600914941s ago: executing program 5 (id=2714):
syz_mount_image$cramfs(&(0x7f00000001c0), &(0x7f00000000c0)='./file2\x00', 0x490, &(0x7f0000000140)=ANY=[], 0x1, 0x15c, &(0x7f0000000380)="$eJzsz71rGnEcx/H3zzu1D1qFWigd2kKHHhXreWK3IloqFWoPWlw6lIJeaYvWolDc+gBuHfoH3NAH6CQOIWOGxGQxUQjJ33GQIZDxws+7EFwz/17Lce/78oF7+nhhkPY1Qk963c99ZzBw2ndf2o3aq7X1jWuyx4FLwAjoy+t2cL9ZgffyqYP3PcjbSXj3oeM8bPU68t2rgAFUr8oeLScIbq/IlgluC2EzfJjeCJp11u6dt2LYbulQTQXNBPw/cB+ICPDCvWNg6GYn490X81k99+D/G41RPXvnuljtt52fVs3/ChpNZ+ev/E2G7mF+ltvPT8YHi3njud2wF0XLelQ0C6ZZitt783rp2y/0Z4kv8DrYi/CR5V4sBjThhwBXwFjI8SU/Nf19YndT8Qxw9CkNYqh7WyIJTC8DK1/c1tub0X/lTDqCZiBQFEVRFEVRFEVRlAs6DQAA///0NWXd")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000540)=""/239, 0xef)

4m14.527629954s ago: executing program 5 (id=2716):
r0 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x91c6b000)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_open_dev$evdev(&(0x7f0000002f80), 0x3, 0x484000)
syz_open_dev$loop(&(0x7f0000001580), 0x7, 0x30400)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000000000/0x800000)=nil, 0x800000})

4m14.341519814s ago: executing program 5 (id=2720):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==")
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

4m13.850158421s ago: executing program 5 (id=2721):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801"], 0x0}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000), 0x5f)

4m13.631292111s ago: executing program 5 (id=2725):
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setresuid(0x0, 0xee00, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x10000000)

4m13.40297435s ago: executing program 35 (id=2725):
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setresuid(0x0, 0xee00, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x10000000)

1.142386048s ago: executing program 6 (id=6631):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
getsockopt$llc_int(r0, 0x10c, 0x3, 0x0, &(0x7f0000000080)=0x4)

1.092964875s ago: executing program 6 (id=6633):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000540)={0x4, &(0x7f0000000580)=[{0x45, 0x2}, {0x7, 0x20, 0xf1}, {0x24}, {0x6, 0x1}]})

979.396697ms ago: executing program 6 (id=6635):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x20)
fcntl$setstatus(r0, 0x4, 0x40000)

932.99607ms ago: executing program 6 (id=6640):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x5, 0x3, "e4"}, @NFTA_MATCH_NAME={0xb, 0x1, 'socket\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x88}, 0x1, 0x0, 0x0, 0x24044800}, 0x0)

869.075179ms ago: executing program 6 (id=6643):
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201100153a42908f00a71729188010203010902240001060000000904020002ffffff0009050b"], 0x0)

721.437659ms ago: executing program 4 (id=6649):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff1d6405000000000065040400210000000404000001e37c60b7040000000000006a0a00fe000000008500000032000000b70000000000000095000000000000000ce0de7621e5e832249c04112cf7af2b75d0d1f034b1b3fb6bd3ce8fa62c7941272ff49142d860010ab162aa2264ab67e55a00000000000000edfe0969a9ddc125b686a1e83c8790c893d713b3295dad0ea697181d1e85b64126b5d72f204754d1d4a93f24215dee354e93cfc3f50ff23f8432c72012f021c84c59a9d4c142f439d3040cfee621589fb3a2f1407c7cbed48e7026f8d52d4bca2608c79aa4a73732028f88ce07ed1075da4a2ef44e3d8b88873f0b1de87dfb6d15936ec0a27cb554def9e27396df6b7851ffa26237ea6730880f06371beb3b290b7d8629a6f0373fefa0acb60888fc14ad2b83ca03ac2aee792482ced58af4140cc4ce3efef26e00c5b2200a91cb80c6065a697d6fc8aa8b65aee0783b04cff0218ce82c9687b4474da89c474c23727555fc5e5f8ad0f2f7a261140440fce1f12cc6df312accd011d888384283092d987c40bbb46f68c2431b97906f00000000349834fa147bd5923bbd4e606708034931a8f1a89bdf77093a0000427aab8e21e1a33d3fe093547532fce6549dd648ad233e05a7b3ea178007c1c32e871ac81f287c4aabbd153390b16d1d41ee433e3aee000000000009e106d6b5289f0000000000000000000000f7bc9f46cb71f6b889d37807865e3b4e9916dd0f72c9d58ea333b90f8886dcbf5ddda0e42ca08e3303632401f2f5212b40c0e88c957fd767dbfc80b07ad668b4f6f92fb209d7c2dbac597843c8eb7bf92fe6d0bb0b72549795c2ed19e441eb69869844152ba9da0588e42cdbc5fcd245ce5e3ef0dca64931276702a312db7956f0a75eb9caa17d47a6331c7c963cbf86a845ce27c26b7136d3e7207318b1df7a6320c64f18ccd926eaeddcde8d5006d6c38db117fb1115221a66169172720ccca770bff37e59511b2606138377eda44b2f288b491ab8aae0e11a98303b0e407e0f9d21f4a3ebbd3fabf6da9a1a1f869a339fab465d8322b7280b0734fd115a19b33c8644fff71b3c62f2e1b827e2663e06a751182e968c8ab05fb1d0115d4b11d944f2c06acc023a02b7416a9a10218d21503cda13bb5df6c992e52e1c01793b728eac000058ab3b3900d279297dadc127e2f38fc60c23af2e1fefa5a83456647191ba1953d320f59aa261fe79613df6bf43884e9649691e32680d75a541c27ffe74f9d13340f2cf1c7dc2b7db01213216cd4ecfd30efe137641471987289b7e23482e026b26eacd1b97443e2ea2d1d6e31a01ee0ae7fa195a2152b2338b086423a3883f2ce3e2f84e04f4d52c985eac4b46336908599564b47db0e6aa97ee51a360f4382fd99745725d44c77d097f69d19fe86f71c38a0226d44ebe0ecbd959f14b540745cd03b8c9f02b825ba45ca85706c73115f70871db9d2a1bc2a517b39f9648123917a5db07ba4e27f961373767e1ea8f7cc558e483abef1a9923c5cfa2081e430680950b7d7c377726b557ad31fdee17ba7057741f39d29d8ab295222f96297a777bb235416e72c84afef2bdb08fb375147b028b89f15af45bc8976b91158c13c9876daa71e7db0f5a17376be39ea79ce1246c547c740e31c64e5d293e0e5a544dd166010061d6ccae46c173b8e11721e4bce22c16af00000021f80ac6c3971006db853e3c40a5417d6eac09eb0e01ac6bd4c6dacdcb1d6d2ef9c8bdea91c984022821e961236d08f8b9072ec6cb5d5a68833fd5b4e80a5ac2bc6ff323f5ce612b59ce8177956c1affcc8baf4c8b59ab959aff9a7bd81f7c7c1f1bb92ddbeed6bce8041c7f0c1c584e6ae027678ce3cfbfea938aecc3c5119c5875b7fb35dc20f5c7aaae1e276104f607a73fe501c1045873a2b1eb80e95c87f099d98028dc82bdc7ef08c871fb3061c3c5ebd613e6e5e8cf099bb6e8c0441a133c85138b36a02c47fbedf7ed1d3ce74c9ec2c676c0b2d4b5eca61dbf5769b483c2a9f6bec666dae4e81960e9bad7f17cfc3d5bcc7b7f437110ca8ffa908c12086b2227eb202a8d56e0925ba994b05c98c39de44d25932449ddf08e5377814a40877eab4440ca01b3f50d2014a61a7d32105254b424238122386424efa3a7041254f686a5faac120942287f75e8e3db569ce47b120059d774a37e11d013be50cd2cbb00f6d2a23af61ec7d30bb7dc33a92f900b6ff1d29dc61cc40b846040dbafd00c6bcfbcf700"/1664], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffffe}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x702, 0xe, 0x0, &(0x7f0000000e00)="ffffff005a1f33f29db5123986dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

662.611845ms ago: executing program 4 (id=6650):
r0 = syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001a77aa4094225b4210a20102030109022400010000000009040000029233500009050602ff030000000905ba3e79"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="40010400000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000040)='./file2\x00', 0x2000c6, &(0x7f0000001340)=ANY=[], 0x1, 0xac5, &(0x7f00000001c0)="$eJzs3V2MXFUBAOBzZ3e2f1s7xVa2tEARDfjDLltaBSu0hCZqTGoTH0zAl6aU2nSpxhIihIRCojExBBJCn3woxhdfIGoM8GIqD4aYQIzRkPiExNcaSXwgRhizs+fMzp7O9M5sd3dmdr4vOXvm3nPvPefO3rlz597zE4CRVWn83b9/YwjhpTdePHLjy289Pz/nUHOJWuPveMtUNYRQxOnxbHvvjS3EH33w1Il2cRH2Nf6m6XD0cnPdLSGE82FvuBRq4bmHLoy/+9rRd14JZx4/duTt11dn7xcVq50BAAAMgGOXDu7f+Y8/797+31dvOhw2NOen6/NanJ6M1/2H44Vyul6uhKXTRUtoNZEtNx5DJVturM1yrflUs+XGO+Q/kW232mG5DSX5j7XMa7ffMMzScVwLRWV6yXSlMj298Js8NH7XTxTTZ0/PPXKuTwUFVtx/bg4h7BVGM+y+pf9lEPoZ6tv6fQYCWJA/L7zC+ZV9Utfc2nh3+V++v9J+/RbVFS0ho+BnP971rdCH4z8n/8HO/5fPqKnAylmHR9Nft7bsV/ocTcbp/DlCXn+p189/2l7+PKLba4BOzxGG5flCp3KOrXE5lqtT+fPjYr26N8bpfbgvS4+fg8bjtPx/Oiz/Y6C9D4fl/n8YgDIIwlXCrqL/Zeg11Pt8/gEGV15vrh6l9LxeX56+oSR9Y0n6ppL0zSXpoct0GEW/fez58EKxeL8r/03f6/2wyWwTn+ixPPn9yF7zz+v9dq+6Ivnn9YlhoG3544W7H37wLwv1/4vm8f9xPN73xula/Gxdiguk+4X5ffVm3f/a0mwqHZa7LivO1jbLN17vWLpcsWNxO6HlPHNFOabSGgt3dLd1Wm7P0u3XsuU2xbAxK29+fbI5Wy/Vn04nxcklpVnc32rLfvx76+J5LJUjnVe2xzgvByxHOh6X1v+fP/oa9f+bj7GmQrV45PTcyTvjdPq8vTVW3TA/f3atCw5cs27b/0yFpe1/Jpvzq5XW88K2xflF63mhls3f12H+XXE6fc99b2xTY/70ie/PPbyk5PGH/NMr8z7AKDr3xJNnjs/Nnfzhar6Yz2iVs1iHL8L5EAagGMt9kY6wQSmPF928SP+143P9OiMBa2XmsUd/MHPuiSfvOP3o8VMnT508O3tg9u57DszOfumemcZ1/Uzr1f16rC4Mo2vx27/fJQEAAAAAAAAAAAC6der9mYt/e/PLf19o/7/Y/i+1/081f1P7/59m7f+zZv7NCsKpHWBqx3dFe/usg9WJbLlqDJ/Mtr8jy2dntt6nYtwcxy+2/0/Z5f26pvJcn83P++9Ny01l8/P+UiayPkiK8JPNreX7dIyf/d9CF0S/CNBHxab2s2Nc1r91OtZT/xT6pRhO6f+WjobUj8mWeCik9t6pv5LU/0M6/29fm2KywtaiXWG/9xFo71/D0v/3ckK6iOl3OQRhQEO9bhQPYDD0e/zPdN8zxWd//42N8yEtdvn+pefLvP9SuBaDPv7kesv/mT7nn+ti/M8VHV64Of5d1+e/bMS8/AFQlw4++81/tmQbbug2/3z809QP9I7e8v9qzD/tzW2hu/zrL2f55w+EunRvlv/mLvO/Yv/3LC//+2L+6W27/dZu818ocVFZWo78vnF6/pfuG38ny/9Qtv+pb8+e93+ZAzUejvnDKBuWcWZ7NSzj/3aS18M4EKfTiTDVc8jHO+m1/Kl+Rfoe2Jltvyj5frvq+L9D8DC4TfnrT9frPx+VcVy+EuOyz8Nk/J+m47HWZrrSMl1t896u13MNDKv31uHzv8Y5bADKIaxA2DQAZbj2sPC12jovfRlebb0/rH7Z6vV6X/v01aFwf/X7/e/30+d+59/v979MPv5vfg2fj/+bp+fj/347S8/H/83Xz8fXy9Pz8X/z93NL+/TmL9Prs+3m4wNPlaTvKkm/oSR9d0n6npL0G0vSbylJv6kk/eaS9OtK0m8NXw+t8vTPlKz/2c7pH7Yu2mn920u2/7mS9PUutUcZ1f2HUZa3z/P5h9GRnv90+vzvKEkHhteFV2cfePA3360ttP+faN4PSc/xDsfpavzt/KM4nT/3Di3T82lvxun3s/RBv98BoyTvPyP/fr+tJB0YXqmel883jKCifSXN/Hlbs9+qGKd+qzpd5zNcPh/jL8T4izG+I8bTMZ6J8WyM961R+VgdD/z6dwdfKBZ/72/L0rutT563B8r7ibqry/Lk9wd6rc+e9+PXq2vNf5nNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPqm0vi7f/9UEcJLb7x45OKfvvar+TmHmkvUGn/HW6aqzfVCuDPGYzG+GF989MFTJ1rjj2NchH2hCEVzfjh6uZnTlhDC+bA3XAq18NxDF8bffe3oO6+EM48fO/L266v3DiwoVjsDAAAA6KP/BwAA//8LwBbF")
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000300)={0x1c, &(0x7f0000000740)=ANY=[@ANYBLOB="40101a000000"], 0x0, 0x0})

330.323495ms ago: executing program 6 (id=6653):
syz_usb_connect(0x2, 0x36, &(0x7f0000000800)=ANY=[@ANYBLOB="1201000319021508fd070100e56a010203010902240001080a40060904"], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0})

249.454242ms ago: executing program 3 (id=6655):
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000000906010200000000000000000200ffff08000940000000390900020073797a3100000000050001"], 0x8c}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001300010029bd7000fedbdf2500000000", @ANYRES32=r2, @ANYBLOB="d45006000200000024001a802000028014"], 0x44}, 0x1, 0x0, 0x0, 0x8081}, 0x20040000)

172.307667ms ago: executing program 3 (id=6656):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={{0x7c}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)

172.054342ms ago: executing program 3 (id=6657):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000380)='./file1\x00', 0x40, &(0x7f00000003c0)={[{@errors_remount}]}, 0x1, 0x58a, &(0x7f0000001380)="$eJzs3U9oHPUeAPDvzGZf/+W99MF78J70UFSoULpJ+kerp/QqFgo9CF40bLahZJMN2USbEDC9F7EHUeml3vTgUfHgQbx49OpF8SwUGxSaHnRl9k+SJpu4iU22Zj8fmN35zW9mv7+Z2e/s/oYZJoCedTJ7SSP+HxFXkoiBdXV90aw82ZhvZXmx+HB5sZhErXb15ySSiHiwvFhszZ80349FxFJE/C8ivs5HnE43x63OL0yMlsulmWZ5cHZyerA6v3Dm+uToeGm8NHXuhRcvXDx/Yfjs8PrFHtbWl/I7W9dbP9x+59a3L9+9/cmnJ5aK740mMRL9zbr16/E4NbZJPkY2TD+/F8G6KOl2A9iVXDPPs1T6bwxErpn17dQG9rVpwB6rHYqo7VLfbhcEnhDJrvMf+Htr/Q/I+r+tYT//f9y71OiAZHFXmkOjpq9xbiIO1/smR39JHumZZP3N4/vZUA6kpZsRMdTXt/n7nzS/f7s39DgayJ766lJjR23e/+nq8SfaHH/6W+dO/6LW8W9l0/FvLX5ui+PflQ5j/Pbajx9uGf9mxFNt4yer8ZM28dOIeKPD+Hde/eLiVnW1jyJORfv4Lcn254cHr10vl4Yar21jfHnqxEvbrf/RLeI3ztkerv/MtNv+0x2u/+fffPb00jbxn3tm+/3fbvsfiYh3O4z/7wcfv7JV3b2byf1aLesCvJ0VO97/2bS7HcZ/fuTk9x3OCgAAAAAAAAAA7EBav5YtSQur42laKDTu4f1PHE3Llers6WuVuamxxjVvxyOftq60GmiUk6w83Lwet1U+2yyPHInIyudyzYC5I/X6QrFSHuvyugMAAAAAAAAAAAAAAAAAAMCT4tiG+/9/zdXv/9/4uGrgoNr6kd/AQbeW//mutgPYf4/+/iddawew//z/h55Vk//Qu+Q/9C75D71L/kPvkv/Qu+Q/9C75DwAAAAAAAAAAAAAAAAAAAAAAAAAAe+LK5cvZUHu4vFjMymN983MTlTfPjJWqE4XJuWKhWJmZLoxXKuPlUqFYmfyzz0sqlemhmJq7MThbqs4OVucXXp+szE21nila8oBhAAAAAAAAAAAAAAAAAAAA2Ky/PiRpISLS+niaFgoR/4yI45FPrl0vl4Yi4l8R8V0ufygrD3e70QAAAAAAAAAAAAAAAAAAAHDAVOcXJkbL5dJMj4z07WTmiFh6vM3IPnHHS+Wb++pJ2YZGemGkywcmAAAAAAAAAAAAAAAAAADoQWs3/Xa6xO972yAAAAAAAAAAAAAAAAAAAADoSelPSURkw6mBZ/s31v4jWcnV3yPirTtX378xOjs7M5xNv786ffaD5vSz3Wg/0KlWnrbyGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhTnV+YGC2XSzN7ONLtdQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYjT8CAAD//7+01Qg=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x141042, 0x0)
fallocate(r0, 0x11, 0xffc, 0x6d8)
write$UHID_INPUT(r0, &(0x7f0000001940)={0x8, {"715b1a6a9fca300288d0d60e64694e9be52056879d4f7f9e17a2f387a1e887ad9fea8a741f3a85292a8ca98e1512418fbd5b5beafe58966442a9c6d52bdef586966362501755a16514ded809c856f4e58261695dbfb4d87cd5d13b78c6cf696afecb55cca3e7607479bc2ceded20d446347481aa05e3083992814f23f6ba955daa8c5988fcc3e1f4a1657a94b74a6161fb233fa5146129889ae6159768937100000000572e40a4ec1325c81eff25243f2fbe74fc9cc389297c04d98213ca54c33fe33622c7ebe8f6e9712c07be77c43bddb575411faf61123d450d3c608e581d9d1fd5562abd932bbdf70ff573330754d8f2a3c38906aefc04740f98f9bda4fc230cfbdc06b2447775f53c6aa87b73a284167aee5e05fc8d867afd4b6b8c3ec81a23be5df245d8e21aa8a630de4b680f34fee2af9de02aeaf31aa7d15e1c52e33a3dcb73d15217678c619a19d41e927e798df495ff28a6485e978bb29cf5f82e31ee8e142134e0845f5c1eaa9664c7dbbfcfcd9dc0567fd447f25de86bea1c28e8a9973e3d5f00e74d022f2b9a97ff08f404af3911f7f086643bfd9004c2500b1684e73c885374cb382bcb37fc82a31c79991b2547fbbba3c005b4d88825488599a8cf0cdaebb4d137232516c9f897d72d034a5b69d03be18c0a0958495e3c0f9b7b31f7684236be8772de10aef1446909f13fb49b4516d00f889efe72769585f4e1ffaa5fc9c0dbfa7b05efbaa14a3e240cf7603c6a487f4155f92bc22c262f496e2f30eef1b95cf28235c0273f295a136f122539ceccb412f7c08a019efb4c270a417db7deb6973a6d0370df72d12456b2d2187c4abdb632bc6323eaaa10f6e8c829d9b556b04498de35a355907c9a17b99b2effaca8ffbfe486493740f3dded005e8bf91b417e2cde579f9232c04807dd2f2da29faf183dee67430972a0c85ee9e9319a7b55b03b3db7d2623f3b16da80eee507de1f18b298a045f32970903d4ee04f99c8a6c086c93f465ad8493f3f2e0579993374b1941818c67c448c4e218e64467ea9755042b593a33f5f909ba7eb4c14be439964ff2c5ff2367710438f2d306e721042b39499b21b034cf9a95048a43e8d96eb88c7e372ee61e7a909b6e947d416b2ac672fa3683771cf6986bda28ccd50c448e31985adf2b836349d8e1ac3ea17dd9256bac1f3c47f39953fceddef2e12b9956ad44347142d836ef531528fd9cbc0c132ac6e270c9f5e4d950d62b788dfb1e337be9629a02f945897bdd5168d73d78ec3a7651465949f5027dcd0affb6b24063499d4afb57b80aa62efaefe607fb9073c79d7083c629bf11a56527fe85a41c3b347c7ef54c85a6e6d046994101ae7627e74d14337a9bb042f5f0aeca0a6199dedb3e4b1aa30760131e8d76d43d9991ac1b3c443b25d7c4c8153d1c7763e6f2fda8c404697668f6aa61f8e28d568320ed190ca635c74d9948adcaa53776a2db303b848723b414bd192511f557f2a426822acecfa3ce6f9bfd60c0144b1a55294387238fbb196addf0502ee9af4108682d056f8965ce4fca03d8ecdcf5f302eaea2de59bf663b15bf8a20ce874ff7d3958fe6da3301b678c2930129b3cb4413400388a59ae939c58d96043d93a57a980ed6b9f35751e059ef6c06cffa4f5c3f8ba1ba67f0160390ec77311e4e67d921bb40a29d448f274da50115c2c67baa3d6f39f9ddfaf3e67392d9e3802c353f0b855c927d6a45e445f58526a09793bcc2e72163fb1b7a779d99f230bd95e5bce797cacb0b8343dcf1be080f18040fe288b157b01b074d25fe44ab6b3c0362f1931f6b174412a8d6a2a645270e7430b3884ac16930105786e469d1d8bcf9ed4010ee3accf78ecc138a8b11c15798eeb29ef4fc3bc5b376807348e1647148c35a1aa3d7ed05dc3a11274887f04f035837a9ea81fcb5eaccd4f43f2f6bbf3c426f72e1423c9175c2b234be0fd3c40c15e5e35c5c7359c894e95f82797c48fdca7ef07a6fa6f0dd0bb9a24c4a38900be369c27b285c67e60f8814f67d86caba122def954662ae2c6f4f99cfbb55214c61216e8c8f84e9b172129642d754a49c923c6c6b1ba820e99a513308a03c9a080be7224244f2bc1d99d93ddcb25a3d2e0a6b4b868f877760b019c8c475c3e0b90109c21c309e7bc0ffc48753aeb70e7884c8eac52b2fb8576ae917199bfeea255da4b546673207000003440fabaebb1e8e181506bf93ac67ba128a14c9dcc45d9f07ddfea21e7da2bf4215bc73e82e9a7187cd5fa7c17f7710f2cdf59bb22ce786328af52f17349c42ca7bce681619246b8b467b7b4c60125ea5687e1cd9bf36a67023759a8baeccb60e84c7102f284436584d0508486d96af8ea8358f7ac1f9a21c1229eda8a1a273b999a74f39d3851b6aec92d120f2c4ca0b2852844b5529eb40db91749f221568850f23f089dd704434b6fe736ab7eb67ebd52943000770e0a57c6ff7c1420a225fdeca0cddcf4083a3f5f9fb37490dfdf2c8aae282558c8a4af6ec41f7788d6340053ff69311489323c403becde20ae84c6a8968717e8923c13723be082aab3edd7cf0fd1b2a1f64692911d9e49c4d7d20f8c9364c454fdb51ff376abbae26df57ab7d458772a919879ea7caada2c17fb0011ecc8ced3d7dfa39250fc3c8cc9d0f377860d8b58fd81952f50d732adc73e470c1f5778a49d7f3d507e5ab5cb798420f3a56d9d3ad76b75e5d41921a7ae04099968867c816f6d44c4a41cefbe31623d6899a00c28454bdc0ea17f284dcb39a0221989e3c2bbcc5556e8f870bbf98be4b57be438797995d221ecd0515e4c89c431ff7b595f35527911371cc324cd4c76d4ea68cfdd1eed120ec16e89e4ec4c5ac28039de8b3aa451e1e55631d599612e94630ad3d67ba79e03c4ff023e8ddfd10c09517df736a01af5488a87f551c7e8e41dd0d0d10c58f3053cbdef2c4fd72e51c2d9724360687ab6d0395023626bbfcab24737a50bb27d78ebfe11b5e40a71b2141254074b3dca3cf45456ea1860704b0d5da04710667bf6454c81b33b5b429d2764afd13338d60b928140c05e0b7f41c6fb1961961edfa959b911216ca2357d8171b3673b454b5017bbf34dabdf5fd0d7fb602399ec434f40bc0450cd6e418713cc7e849b7deb3ef014b8ec7a62f686b37b1c3a8b60340d0bbf09a6965013c68317d7a2e07bcd3bcaa7cd2cbf34d64534e1ff9cb4ba32d9a5cde63e2da7dfdfcc86886a0ee01fa0d95b78a12085d6dfb62d622041e97d8f03f4727e865be656d9286d628a8950b55dc71058b6dec200049738824a8200023be3f93e740f2a8d241e57deeb642ff28140ee91424db3cf2fafdd8a7d9fc80a7a54da30029ef65df2e7900059ab1141985376e7f9f46e712b4536ed49778e0629d284f56eef0906d21536427333d8a7d6d7e74591031a526eea16a627c5d9f399ec4628a26d9812b68b501716b602564504ab8f16e76a19c608ac550fa52fb80af1e81b48abf13c9996cf47f34d8e943b7d48de31c0d5d794af157c16209d3c0632c2801ab17f05de2c2fb9b9b8c0a257c18a832ac743c9341042af1e56619154fc4f7b20c8de3edbb1636f0a098ed6f6858c27905b00798fd8bedda5eaeeb12ff19943dad0a7f069a9e01dfc9730568784a07c0a6b01623b11a1e6f86cab4d95bf256cd28b00c17b5df66dd4c393471f0f18c68aeae404f5f3fb66bbfd62f1511b35caddad004408fe3b182edf81ad50ac3a639121236968c6be1ba7f7bee6409a91f4c7caf077c2a94c6d8d547cc680a1d7e6cd57c326e7a2f642ab76491565c5f4271cbf64ed2be12d770e927cba3cfa0fb89452285a69fe205bc9943eee4466ca8f9998997e2c1a1fe782c9e2241c51dc008bb8f6fe9a49edefae6f43d3e0cd207439745dfd4c347058a4ec3c3fbd56f3108b9a034600f78dc5c889621a6b78e2f7256034d53ae7877de459b6895e9849eb4a8099a62a4bd50d5b4d48cf82fae64985e1e22435fe5d5a4b9119eed5d8ee03a6d1675b7b75d47b8e20a44c05812b36cc2e31947a02c48262c5a875e562dbd4a1a8d045a37afabb28079d3904f53d466e5abab09b8e5e0a56dbae4c4cd9bc6640b47cc6616b2e7cf19c6e9591d32ab0cf87880c81d63948a508ad0cbd50e348d399daf51efb2b96ef9d56a8ba89d04bf5e7d4f7353f71d1a6cb78da6644574664d08e848cf97bab16d6acf70f072a02578ab02b3209fe8a06dad5c741cb5eb483f809c4c35307595f00d00bf6a1474aef94cfc913d08c612387172aabc802c17753c6ccd752eaa81e7eefd61c037f958e23bcb9c1510ea47bcaefa72f070809de9f79faede74c87231411b17b357382974bcd334cf983c85ad9e1844cdbd9181a5bb976c35b6a638ae8dd20119858f8c525d735779b2f8e244ed2fc0d900445fe1fe775bfecb1d2e8d456fd6234ddfcad76d9f4b4a6ee83be812cdda17ec43a895a5c03e5359cce3de61d9736f8a4d66051891b1431f2e61a324f252bd0e9b32e23bd31a5405642bbd2cdc5d3e45b56530568f05a72d475a7d3505b26d9fcdaeb30a62ddf09bcd9e59c1f34e375149782b8019a7a9883fd93397acb338af428f1e015a671b5c11651d3c0168f747fdc6e1fb084bdcbd760adce881492b2bbb76c0a1327e76c9c7ce0afff2f80ec30f2be04d9f93a9b291cc01bcc03f7b67e16a7f1bcc838aab9240df99691a2781da614fdcecf5115382e1357460f4b8e3a577d3ae922379eadc2416d40028c785905bb43a41f5fb7189a8704b8e492c86bd82d0560f81796693e74f08739b632e5226d3c3a963caf5db455ac20288d472611e7dc243531fd66718e94daa2bf93a30a38e6a497a50f2472a72bf9c4689e54105c44cd074bb87e08f735791b436d6553c5f2b61ff75dc64ba597b77f7ea42a0ec14dc08107e7bbe97ae519beb5e18a8859493afd097d4609a3a2025fe9603b85f2b1350336d92e15d0bdea3a42bb8775ff2b38babf2ec27e77452c93a05a798ec789a6a012047481ea8e1a8dfc77a9f0f6ddebb9f3503702b147f663f01f70cdfc29afe0cfd7823823fa2e139ea7d1a010a67bb3a31e620aff5cbe1a99ac3cd0f91c472dd021213edf5a9225941b575e27f99c0cb94eb9598a443ec7665335305895ebc28e3f8d34adf6aa37084f823d293ba9dcb2f73d88457d0a55c9202dd309a9b36daa4e50c8f9c93ec7644a7a730b6b947f0f2381a34d67bce50e790a7655a34a2f70723f360af014b00a4fd3dbbb8bc2f1461eb48b987b8b772b3ad31a1077c59ef45e4b2870739454ef56402115ab427527e67b6a6a97b2bb3d7a2c13d2a55d1032a64b83efc13939589e46abd78bcc493529cf38581fe3160b2c6eb5a9ac6cee0b05618e51450af077fba0dc943089f112e67a2c654ad94157e95295219d0bbab3a02a2c9ec08ce9d904a703760dc41a7943d52561aeb5519e82d0d390365cfd796434c3decf733d8f09789af0b990f4f9b791cf0d677f34d85fc2b3583b21737955cbaa098963bfa39755f335329f265db75c5d406a0a91ed76563a3ed5f3d2877c2b4b81dc1eaccde6d642c0d8791482e27c64103fc87a55ae91e63df49ddc1dace5c3108d6a496d678ec5ba09b2a9e6990cb63ac3e4b787661800d11c73da87bf5d297c1fb531aa105d30464b0e023e4212a0d4a0ac119c1568280d49d084729e680a0f453a725ed08454fa874cf22f5718e2afd995a1d7acbe92e0a49307f1b322367dc12b3673708024a85fcc643bd00", 0x1045}}, 0x1006)

102.639998ms ago: executing program 4 (id=6658):
syz_clone3(&(0x7f0000000600)={0x10000, 0x0, 0x0, 0x0, {}, &(0x7f0000000340), 0x0, 0x0, 0x0}, 0x58)

102.492213ms ago: executing program 3 (id=6659):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd24, 0x25dfdbf7, {0x0, 0x0, 0x0, 0x0, 0x50200, 0x11023}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MIN_LINKS={0x8, 0x12, 0x2}, @IFLA_BOND_ALL_SLAVES_ACTIVE={0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x4044810)

102.357709ms ago: executing program 4 (id=6660):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000740)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000001140012800c0001006d6163766c616e00dbff028008000500", @ANYRES32=r0, @ANYBLOB="080004007f0000000a000100aa"], 0x50}}, 0x0)

1.458019ms ago: executing program 4 (id=6661):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x25dfdbff, {0xa, 0x0, 0x0, 0x80}, [@RTA_PREF={0x5, 0x14, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)

354.995µs ago: executing program 3 (id=6662):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x5, &(0x7f0000000000)=0x81, 0x4)
getsockopt$inet6_tcp_int(r0, 0x6, 0x5, 0x0, &(0x7f00000000c0))

153.215µs ago: executing program 4 (id=6663):
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_ENCODER_CMD(r0, 0xc028564d, &(0x7f0000000140))

0s ago: executing program 3 (id=6664):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000100)=ANY=[@ANYBLOB="e4050000160001000000000000000000e0000001000000000006000000000000fe88000000000000000000000000000100000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000033000000fc02000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000200001f09000000000000000700000091230000ab0002006374722d6165732d636500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018030000cb8e892a23aa1faff0ca08bcbcbdbc09e75ff9da23961c863111c13df0946d7a81e1c2b09c76fcf63fb2c652f7b14ba657fcd70fd3f77a374e34293d4ba244e3cf40159c91ce8cdc34e3a34ab610b6850258e91a237498beb1255d172c7cc2954e098900050019006c00000034011100fe880000000000000000000000000001fc010000000000000000000000000000ff010000000000000000000000000001e00000020000000000000000000000006c030000000000000a000200e000000200000000000000000000000000000000000000000000000000000001e0000001000000000000000000000000e00000010000000000000000000000002b040000033500000200020000000000000000000000000000000000fc00000000000000000000000000000000000000000000000000fffffffffffffc0200000000000000000000000000013c010000043500000a000a0020010000000000000000000000000000fc010000000000000000000000000000fe800000000000000000000000000041200100000000000000000000000000012b020000023500000a000a00680002006362632873657270656e7429000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000099b141b8ba9cb9738c58120c314c63cfe34ee9f151be50560b3f1d38ddb4c6884401050000000000000000000000000000000000000004d33300000002000000ff010000000000000000000000000001053500000200e0002000000004000000050000000a010101000000000000000000000000000004d3330000000a000000e00000020000000000000000000000000635000000020400ffffffff0100000001000000e0000002000000000000000000000000000004d5330000000a000000fc0000000000000000000000000000010735000001011f007f0000000700000000002000fe8000000000000000000000000000aa000004d33300000000000000fe8000000000000000000000000000bb02350000030202005d03000009000000ffffff7ffc020000000000000000000000000000000004d32b0000000a000000fe8000000000000000000000000000aa04350000000080000000000003000000020000000c000f000100000000000000870002007874732d74776f666973682d61767800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f801000051ba2dbf8755b5f973bd3fa200cf5b9af4f92e96fc84264e17acc3c3eb46e518aae847e02e88720ffdb2da67152af3e5536351ba03bded9b4e2e33082ed55e001c00040001004e234e2200007f0000010000000000000000000000009e00010062"], 0x5e4}}, 0x0)

kernel console output (not intermixed with test programs):

 USB disconnect, device number 11
[  346.901089][T14528] loop6: detected capacity change from 0 to 1024
[  347.786180][T14561] loop3: detected capacity change from 0 to 512
[  347.797934][T14557] bond0 (unregistering): (slave ip6erspan0): Releasing active interface
[  347.820505][T14557] bond0 (unregistering): Released all slaves
[  348.036574][ T5908] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  348.045842][T14571] loop3: detected capacity change from 0 to 512
[  348.049474][T14571] EXT4-fs: Ignoring removed mblk_io_submit option
[  348.186061][ T5908] usb 7-1: Using ep0 maxpacket: 32
[  348.198145][ T5908] usb 7-1: config 0 has an invalid interface number: 50 but max is 0
[  348.201006][ T5908] usb 7-1: config 0 has no interface number 0
[  348.203170][ T5908] usb 7-1: config 0 interface 50 has no altsetting 0
[  348.208344][ T5908] usb 7-1: New USB device found, idVendor=067b, idProduct=0307, bcdDevice=13.70
[  348.211197][ T5908] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.213548][ T5908] usb 7-1: Product: syz
[  348.214851][ T5908] usb 7-1: Manufacturer: syz
[  348.218748][ T5908] usb 7-1: SerialNumber: syz
[  348.224667][ T5908] usb 7-1: config 0 descriptor??
[  348.238129][ T5908] pl2303 7-1:0.50: required interrupt-in endpoint missing
[  348.321847][T14585] loop3: detected capacity change from 0 to 1024
[  348.325580][T14585] EXT4-fs: Ignoring removed oldalloc option
[  348.329672][T14585] EXT4-fs: Ignoring removed bh option
[  348.371866][T14587] loop3: detected capacity change from 0 to 512
[  348.437160][ T5908] usb 7-1: USB disconnect, device number 12
[  348.518153][T14591] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3417'.
[  348.522567][T14591] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3417'.
[  348.526398][T14591] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3417'.
[  348.609108][T14595] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  348.612526][T14595] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  348.994645][T14617] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  349.069925][T14625] vcan0: entered allmulticast mode
[  349.072500][T14625] vcan0: left allmulticast mode
[  349.513314][T14646] loop3: detected capacity change from 0 to 32768
[  349.517406][T14646] bcachefs (/dev/loop3): error reading superblock: error opening /dev/loop3: EACCES
[  349.521109][T14646] bcachefs: bch2_fs_get_tree() error: EACCES
[  349.962240][T14657] loop3: detected capacity change from 0 to 32768
[  349.976583][T14657] BTRFS error: failed to open device for path /dev/loop3 with flags 0x23: -13
[  350.359953][T14669] loop6: detected capacity change from 0 to 32768
[  350.366684][T14669] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3451 (14669)
[  350.391856][T14669] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  350.395852][T14669] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  350.399391][T14669] BTRFS info (device loop6): using free-space-tree
[  350.428039][  T124] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  350.492335][T12959] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  350.615924][  T124] usb 4-1: Using ep0 maxpacket: 16
[  350.619977][T14693] loop6: detected capacity change from 0 to 65
[  350.621399][  T124] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 92, changing to 10
[  350.626035][T14693] BFS-fs: bfs_fill_super(): loop6 is unclean, continuing
[  350.631114][T14693] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop6
[  350.638506][  T124] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 17487, setting to 1024
[  350.642756][  T124] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  350.672436][T14695] loop6: detected capacity change from 0 to 256
[  350.679310][T14695] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  350.683059][T14695] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  350.685253][  T124] usb 4-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  350.691407][T14695] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  350.692796][  T124] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.716050][  T124] usb 4-1: config 0 descriptor??
[  350.719294][T14673] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  350.729829][   T33] audit: type=1800 audit(606.634:232): pid=14695 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3455" name="file1" dev="loop6" ino=1048742 res=0 errno=0
[  350.754746][  T124] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input24
[  350.911842][T14702] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3458'.
[  350.985646][  T124] usb 4-1: USB disconnect, device number 44
[  351.434513][ T5908] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  351.550924][T14730] loop3: detected capacity change from 0 to 8
[  351.585586][ T5908] usb 7-1: Using ep0 maxpacket: 32
[  351.597693][ T5908] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[  351.601070][ T5908] usb 7-1: config 0 has no interface number 0
[  351.623535][ T5908] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  351.629685][ T5908] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.632691][ T5908] usb 7-1: Product: syz
[  351.639877][ T5908] usb 7-1: Manufacturer: syz
[  351.641702][ T5908] usb 7-1: SerialNumber: syz
[  351.655694][ T5908] usb 7-1: config 0 descriptor??
[  351.664471][ T5908] smsc95xx v2.0.0
[  351.688734][T14737] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  351.699697][T14735] loop3: detected capacity change from 0 to 8192
[  351.701686][T14737] CIFS mount error: No usable UNC path provided in device string!
[  351.701686][T14737] 
[  351.706666][T14737] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  351.749548][T14735] Dev loop3: unable to read partition block 70232106831872
[  351.757948][T14735]  loop3: RDSK (-2147426304 unable to read partition table
[  351.760465][T14735] loop3: partition table beyond EOD, truncated
[  351.766378][T14735] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[  351.777916][ T5297] Dev loop3: unable to read partition block 70232106831872
[  351.780721][ T5297]  loop3: RDSK (-2147426304 unable to read partition table
[  351.783385][ T5297] loop3: partition table beyond EOD, truncated
[  351.906598][T14743] loop3: detected capacity change from 0 to 128
[  351.917428][T14743] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  351.941550][ T6625] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  352.017974][T14746] loop3: detected capacity change from 0 to 256
[  352.047935][T14746] loop3: detected capacity change from 0 to 256
[  352.653827][ T5882] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  352.672483][ T5908] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  352.677803][ T5908] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  352.681625][ T5908] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  352.685830][ T5908] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -71
[  352.690676][ T5908] usb 7-1: USB disconnect, device number 13
[  352.803802][ T5882] usb 4-1: Using ep0 maxpacket: 16
[  352.807832][ T5882] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  352.812237][ T5882] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  352.816737][ T5882] usb 4-1: config 0 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  352.821582][ T5882] usb 4-1: config 0 interface 0 has no altsetting 0
[  352.824480][ T5882] usb 4-1: New USB device found, idVendor=05ac, idProduct=025a, bcdDevice= 0.00
[  352.828432][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.834233][ T5882] usb 4-1: config 0 descriptor??
[  352.845033][ T5882] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input25
[  353.041577][ T5282] bcm5974 4-1:0.0: could not read from device
[  353.047122][ T5282] bcm5974 4-1:0.0: could not read from device
[  353.052574][ T5282] bcm5974 4-1:0.0: could not read from device
[  353.053766][ T5882] usb 4-1: USB disconnect, device number 45
[  353.057120][ T5282] bcm5974 4-1:0.0: could not read from device
[  353.060658][ T5282] bcm5974 4-1:0.0: could not read from device
[  353.070212][ T6018] udevd[6018]: Error opening device "/dev/input/event3": No such file or directory
[  353.076925][ T6018] udevd[6018]: Unable to EVIOCGABS device "/dev/input/event3"
[  353.079370][ T6018] udevd[6018]: Unable to EVIOCGABS device "/dev/input/event3"
[  353.081929][ T6018] udevd[6018]: Unable to EVIOCGABS device "/dev/input/event3"
[  353.084460][ T6018] udevd[6018]: Unable to EVIOCGABS device "/dev/input/event3"
[  353.086853][ T6018] udevd[6018]: Assertion 'close_nointr(fd) != -EBADF' failed at util.c:228, function safe_close(). Aborting.
[  353.101510][ T5297] udevd[5297]: worker [6018] terminated by signal 6 (Aborted)
[  353.104317][ T5297] udevd[5297]: worker [6018] failed while handling '/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input25/event3'
[  353.443399][ T5908] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  353.597424][ T5908] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  353.608107][ T5908] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  353.611454][ T5908] usb 7-1: config 1 has no interface number 0
[  353.621818][ T5908] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  353.627980][ T5908] usb 7-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  353.632468][ T5908] usb 7-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  353.640961][ T5908] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  353.645219][ T5908] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  353.648398][ T5908] usb 7-1: Product: syz
[  353.650102][ T5908] usb 7-1: Manufacturer: syz
[  353.652058][ T5908] usb 7-1: SerialNumber: syz
[  354.484303][ T5908] cdc_ncm 7-1:1.1: bind() failure
[  354.531334][ T5908] usb 7-1: USB disconnect, device number 14
[  354.745058][T14816] Option 'TXƮ' to dns_resolver key: bad/missing value
[  354.988671][T14826] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3511'.
[  355.302406][    C0] bridge0: port 2(wlan0) entered forwarding state
[  355.304936][    C0] bridge0: topology change detected, propagating
[  355.424143][ T5853] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  355.577029][ T5853] usb 7-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  355.595511][ T5853] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.598668][ T5853] usb 7-1: Product: syz
[  355.600178][ T5853] usb 7-1: Manufacturer: syz
[  355.605817][ T5853] usb 7-1: SerialNumber: syz
[  355.623175][ T5853] usb 7-1: config 0 descriptor??
[  355.639809][ T5853] gspca_main: sq905c-2.14.0 probing 2770:9052
[  356.507891][ T5882] usb 7-1: USB disconnect, device number 15
[  357.025862][T14899] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3529'.
[  357.441575][   T24] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  357.611319][   T24] usb 7-1: Using ep0 maxpacket: 16
[  357.713173][   T24] usb 7-1: config 0 has an invalid interface number: 63 but max is 0
[  357.734994][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  357.765377][   T24] usb 7-1: config 0 has no interface number 0
[  357.785385][   T24] usb 7-1: config 0 interface 63 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  357.808955][   T24] usb 7-1: config 0 interface 63 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  357.839383][   T24] usb 7-1: New USB device found, idVendor=0644, idProduct=800e, bcdDevice=41.e6
[  357.858985][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.893916][   T24] usb 7-1: config 0 descriptor??
[  358.117199][   T24] usb 7-1: USB disconnect, device number 16
[  358.366876][T14953] loop3: detected capacity change from 0 to 512
[  360.220653][ T5895] usb 4-1: new low-speed USB device number 46 using dummy_hcd
[  360.682589][ T5895] usb 4-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  360.686086][ T5895] usb 4-1: config 246 descriptor has 1 excess byte, ignoring
[  360.688906][ T5895] usb 4-1: config 246 has 1 interface, different from the descriptor's value: 42
[  360.693117][ T5895] usb 4-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  360.697410][ T5895] usb 4-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  360.704240][ T5895] usb 4-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  360.708349][ T5895] usb 4-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  360.713356][ T5895] usb 4-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  360.716779][ T5895] usb 4-1: config 246 descriptor has 1 excess byte, ignoring
[  360.719304][ T5895] usb 4-1: config 246 has 1 interface, different from the descriptor's value: 42
[  360.723538][ T5895] usb 4-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  360.727633][ T5895] usb 4-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  360.731639][ T5895] usb 4-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  360.735229][ T5895] usb 4-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  360.740115][ T5895] usb 4-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  360.743802][ T5895] usb 4-1: config 246 descriptor has 1 excess byte, ignoring
[  360.746208][ T5895] usb 4-1: config 246 has 1 interface, different from the descriptor's value: 42
[  360.749870][ T5895] usb 4-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  360.753799][ T5895] usb 4-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  360.757571][ T5895] usb 4-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  360.762150][ T5895] usb 4-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  360.768880][ T5895] usb 4-1: string descriptor 0 read error: -22
[  360.771580][ T5895] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  360.775250][ T5895] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.790260][ T5895] adutux 4-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  361.003718][   T47] usb 4-1: USB disconnect, device number 46
[  361.152404][T15019] loop6: detected capacity change from 0 to 4096
[  361.205645][T15002] adutux: No device or device unplugged -19
[  361.249006][T15022] vivid-000: disconnect
[  361.316205][T15023] vivid-000: reconnect
[  361.848871][T15043] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3586'.
[  362.829062][ T5882] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  362.990037][ T5882] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  362.994186][ T5882] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  363.013091][ T5882] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  363.022454][ T5882] usb 7-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  363.026851][ T5882] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  363.049295][ T5882] usb 7-1: config 0 descriptor??
[  363.067113][ T5882] em28xx 7-1:0.0: New device   @ 480 Mbps (2040:1605, interface 0, class 0)
[  363.087887][ T5882] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[  363.327853][ T5882] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[  363.331154][ T5882] em28xx 7-1:0.0: Config register raw data: 0xfffffffb
[  363.334217][ T5882] em28xx 7-1:0.0: AC97 chip type couldn't be determined
[  363.336891][ T5882] em28xx 7-1:0.0: No AC97 audio processor
[  363.361568][ T5882] usb 7-1: USB disconnect, device number 17
[  363.370892][ T5882] em28xx 7-1:0.0: Disconnecting em28xx
[  363.380398][ T5882] em28xx 7-1:0.0: Freeing device
[  363.966352][T15092] loop3: detected capacity change from 0 to 2048
[  363.990274][T15092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  363.996582][T15086] loop6: detected capacity change from 0 to 32768
[  364.030215][ T6625] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.120301][T15099] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3609'.
[  364.156867][T15086] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  364.156881][T15086]   allowing incompatible features above 0.0: (unknown version)
[  364.156887][T15086]   features: 
[  364.163777][T15099] vlan3: entered allmulticast mode
[  364.170461][T15099] bridge0: entered allmulticast mode
[  364.172347][T15099] bridge1: port 1(vlan3) entered blocking state
[  364.174722][T15099] bridge1: port 1(vlan3) entered disabled state
[  364.178307][T15099] vlan3: entered promiscuous mode
[  364.179750][T15086] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  364.180376][T15099] bridge0: entered promiscuous mode
[  364.182821][T15086] bcachefs (loop6): initializing new filesystem
[  364.188568][T15086] bcachefs (loop6): going read-write
[  364.197436][T15086] bcachefs (loop6): marking superblocks
[  364.221294][T15086] bcachefs (loop6): initializing freespace
[  364.225293][T15086] bcachefs (loop6): done initializing freespace
[  364.230110][T15086] bcachefs (loop6): reading snapshots table
[  364.232037][T15086] bcachefs (loop6): reading snapshots done
[  364.237226][T15099] gretap1: entered promiscuous mode
[  364.241401][T15099] bridge1: port 2(gretap1) entered blocking state
[  364.245653][T15099] bridge1: port 2(gretap1) entered disabled state
[  364.251531][T15099] gretap1: entered allmulticast mode
[  364.261861][T15086] bcachefs (loop6): done starting filesystem
[  364.349896][T12959] bcachefs (loop6): shutting down
[  364.351450][T12959] bcachefs (loop6): going read-only
[  364.357116][T12959] bcachefs (loop6): finished waiting for writes to stop
[  364.372219][T12959] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[  364.376548][T15108] loop3: detected capacity change from 0 to 2048
[  364.453009][T12959] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 4
[  364.456389][T12959] bcachefs (loop6): clean shutdown complete, journal seq 5
[  364.462369][T12959] bcachefs (loop6): marking filesystem clean
[  364.510811][T15112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3613'.
[  364.514543][T12959] bcachefs (loop6): shutdown complete
[  364.964240][T15126] loop3: detected capacity change from 0 to 32768
[  367.198413][T15158] bridge0: port 2(wlan0) entered disabled state
[  367.200906][T15158] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.391730][T15162] hfsplus: unable to find HFS+ superblock
[  367.695114][T15158] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  368.067433][ T5695] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  368.075290][ T5695] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  368.088721][ T5695] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  368.104280][ T5695] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  368.214492][T15178] netlink: 'syz.3.3640': attribute type 21 has an invalid length.
[  368.218142][T15178] netlink: 'syz.3.3640': attribute type 4 has an invalid length.
[  368.402738][T15185] fuse: Invalid rootmode
[  369.076597][T15187] loop3: detected capacity change from 0 to 40427
[  369.163714][T15201] batman_adv: batadv0: Adding interface: ipvlan0
[  369.167803][T15201] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  369.173713][T15201] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  369.180785][T15201] batman_adv: batadv0: Interface activated: ipvlan0
[  369.284064][T15207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3654'.
[  369.289092][T15207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3654'.
[  369.515950][T15205] loop6: detected capacity change from 0 to 32768
[  369.519752][T15205] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3653 (15205)
[  369.574184][T15205] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  369.578234][T15205] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  369.581588][T15205] BTRFS info (device loop6): using free-space-tree
[  370.091959][T12959] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  370.650940][T15265] netlink: 'syz.6.3673': attribute type 10 has an invalid length.
[  370.653672][T15265] team0: Device dummy0 is up. Set it down before adding it as a team port
[  370.674042][T15267] loop3: detected capacity change from 0 to 128
[  371.134562][ T5882] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  371.199858][T15291] loop3: detected capacity change from 0 to 32768
[  371.214015][T15291] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3686 (15291)
[  371.231768][T15291] BTRFS error: failed to open device for path /dev/loop3 with flags 0x23: -13
[  371.295552][ T5882] usb 7-1: Using ep0 maxpacket: 32
[  371.299043][ T5882] usb 7-1: config 0 interface 0 has no altsetting 0
[  371.306103][ T5882] usb 7-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  371.314392][ T5882] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.318279][ T5882] usb 7-1: Product: syz
[  371.319668][ T5882] usb 7-1: Manufacturer: syz
[  371.321346][ T5882] usb 7-1: SerialNumber: syz
[  371.328126][ T5882] usb 7-1: config 0 descriptor??
[  371.752074][ T5882] gs_usb 7-1:0.0: Configuring for 2 interfaces
[  372.176925][ T5882] gs_usb 7-1:0.0: Disabling termination support for channel 0 (-EPIPE)
[  372.416462][ T5882] gs_usb 7-1:0.0: Disabling termination support for channel 1 (-EPROTO)
[  372.441057][ T5882] usb 7-1: USB disconnect, device number 18
[  372.873784][ T5895] usb 4-1: new full-speed USB device number 47 using dummy_hcd
[  373.027079][ T5895] usb 4-1: config 0 has an invalid interface number: 29 but max is 0
[  373.039665][ T5895] usb 4-1: config 0 has no interface number 0
[  373.042187][ T5895] usb 4-1: config 0 interface 29 has no altsetting 0
[  373.056964][T15333] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3704'.
[  373.061544][ T5895] usb 4-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  373.071258][ T5895] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.079083][ T5895] usb 4-1: Product: syz
[  373.080831][ T5895] usb 4-1: Manufacturer: syz
[  373.085947][ T5895] usb 4-1: SerialNumber: syz
[  373.090171][   T54] Bluetooth: hci2: unexpected subevent 0x01 length: 11 < 18
[  373.100943][ T5895] usb 4-1: config 0 descriptor??
[  373.509879][T15335] loop6: detected capacity change from 0 to 40427
[  373.512760][T15335] f2fs: Unknown parameter ''
[  374.010340][T15371] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[  374.472631][T15392] loop6: detected capacity change from 0 to 16
[  374.479807][T15392] erofs (device loop6): mounted with root inode @ nid 36.
[  374.620325][T15395] erofs (device loop6): readahead error at folio 2 @ nid 89
[  374.660305][ T6267] erofs (device loop6): failed to decompress 6887 in[4096, 0] out[8192]
[  374.689262][T15395] erofs (device loop6): failed to decompress 6887 in[4096, 0] out[8192]
[  374.692983][T15395] erofs (device loop6): read error -117 @ 1 of nid 89
[  374.696759][   T33] audit: type=1800 audit(630.626:233): pid=15395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.3733" name="file3" dev="loop6" ino=89 res=0 errno=0
[  375.348128][T15401] tipc: Started in network mode
[  375.350275][T15401] tipc: Node identity fec0ffffffffffff0000000000000001, cluster identity 4711
[  375.354134][T15401] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  375.652656][ T5895] peak_usb 4-1:0.29 can0: unable to request usb[type=0 value=1] err=-71
[  375.656132][ T5895] peak_usb 4-1:0.29: unable to read PCAN-USB X6 firmware info (err -71)
[  375.722766][ T5895] peak_usb 4-1:0.29: probe with driver peak_usb failed with error -71
[  375.750855][T15407] loop3: detected capacity change from 0 to 1024
[  375.755254][ T5895] usb 4-1: USB disconnect, device number 47
[  376.126250][T15409] loop6: detected capacity change from 0 to 32768
[  376.133915][T15409] (syz.6.3740,15409,0):ocfs2_read_virt_blocks:1007 ERROR: Inode #66 contains a hole at offset 0
[  376.150327][T15409] (syz.6.3740,15409,0):ocfs2_read_dir_block:511 ERROR: status = -5
[  376.156664][T15409] (syz.6.3740,15409,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  376.159717][T15409] (syz.6.3740,15409,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs?
[  376.159736][T15409] (syz.6.3740,15409,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  376.190832][T15409] (syz.6.3740,15409,0):ocfs2_initialize_super:2198 ERROR: status = -22
[  376.196892][T15409] (syz.6.3740,15409,0):ocfs2_fill_super:1177 ERROR: status = -22
[  376.203236][T15427] loop3: detected capacity change from 0 to 164
[  376.211497][T15427] ISOFS: unable to read i-node block
[  376.220613][T15427] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  376.360632][T15429] PKCS7: Unknown OID: [5] (bad)
[  376.364112][T15429] PKCS7: Only support pkcs7_signedData type
[  376.398737][ T5895] kernel write not supported for file /sg0 (pid: 5895 comm: kworker/0:5)
[  376.498079][   T54] Bluetooth: hci2: link tx timeout
[  376.500563][   T54] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  377.564598][T15462] delete_channel: no stack
[  377.791246][   T24] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  377.944494][   T24] usb 4-1: Using ep0 maxpacket: 32
[  377.961104][   T24] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  377.964982][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.984754][   T24] usb 4-1: config 0 descriptor??
[  378.200894][   T24] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  378.225740][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  378.230934][   T24] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  378.234258][   T24] usb 4-1: media controller created
[  378.338251][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  378.365646][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  378.574780][ T5239] Bluetooth: hci2: command 0x0406 tx timeout
[  379.023241][   T24] az6027: usb out operation failed. (-71)
[  379.034735][   T24] az6027: usb out operation failed. (-71)
[  379.045073][   T24] stb0899_attach: Driver disabled by Kconfig
[  379.056899][   T24] az6027: no front-end attached
[  379.056899][   T24] 
[  379.074054][   T24] az6027: usb out operation failed. (-71)
[  379.085036][   T24] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  379.127816][   T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input26
[  379.213520][   T24] dvb-usb: schedule remote query interval to 400 msecs.
[  379.216803][   T24] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  379.292655][   T24] usb 4-1: USB disconnect, device number 48
[  379.689233][   T24] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  380.283857][T15501] loop3: detected capacity change from 0 to 40427
[  380.469588][T15524] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3791'.
[  380.599109][T15528] loop3: detected capacity change from 0 to 1764
[  380.856084][T15548] sctp: [Deprecated]: syz.6.3803 (pid 15548) Use of struct sctp_assoc_value in delayed_ack socket option.
[  380.856084][T15548] Use struct sctp_sack_info instead
[  381.089628][T15566] tipc: Started in network mode
[  381.091975][T15566] tipc: Node identity ac14140f, cluster identity 4711
[  381.094192][T15566] tipc: New replicast peer: 255.255.255.255
[  381.096446][T15566] tipc: Enabled bearer <udp:syz2>, priority 7
[  381.177662][T15572] loop3: detected capacity change from 0 to 4096
[  381.204234][   T33] audit: type=1326 audit(637.129:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15573 comm="syz.6.3815" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  381.237048][   T33] audit: type=1326 audit(637.149:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15573 comm="syz.6.3815" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  381.249772][   T33] audit: type=1326 audit(637.149:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15573 comm="syz.6.3815" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  381.278876][   T33] audit: type=1326 audit(637.149:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15573 comm="syz.6.3815" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  381.304301][   T33] audit: type=1326 audit(637.149:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15573 comm="syz.6.3815" exe="/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  381.313300][   T33] audit: type=1326 audit(637.149:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15573 comm="syz.6.3815" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  381.322780][   T33] audit: type=1326 audit(637.149:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15573 comm="syz.6.3815" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  381.812199][T15588] loop6: detected capacity change from 0 to 32768
[  381.835921][T15588] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  381.892415][T15588] XFS (loop6): Ending clean mount
[  381.897173][T15588] XFS (loop6): Quotacheck needed: Please wait.
[  381.941162][T15588] XFS (loop6): Quotacheck: Done.
[  381.984391][T12959] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  382.233258][   T24] tipc: Node number set to 2886997007
[  382.716910][T15625] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3831'.
[  383.232098][T15621] loop6: detected capacity change from 0 to 40427
[  383.249101][T15621] F2FS-fs: Quota file already specified
[  385.369408][T15659] loop3: detected capacity change from 0 to 32768
[  385.468827][T15661] pimreg3: entered allmulticast mode
[  385.977615][T15683] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3860'.
[  386.009832][   T47] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  386.528400][T15701] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3867'.
[  386.635643][   T47] usb 4-1: Using ep0 maxpacket: 32
[  386.692029][   T33] audit: type=1326 audit(648.627:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15706 comm="syz.4.3870" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7eff25f8ebe9 code=0x0
[  387.075795][   T47] usb 4-1: unable to get BOS descriptor or descriptor too short
[  387.118719][   T47] usb 4-1: config 1 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 250, changing to 11
[  387.122565][   T47] usb 4-1: config 1 interface 0 has no altsetting 0
[  387.130964][   T47] usb 4-1: New USB device found, idVendor=056a, idProduct=030c, bcdDevice= 0.40
[  387.136465][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.140893][   T47] usb 4-1: Product: syz
[  387.142270][   T47] usb 4-1: Manufacturer: syz
[  387.143743][   T47] usb 4-1: SerialNumber: syz
[  387.223526][T15712] loop6: detected capacity change from 0 to 1764
[  387.243844][T15712] iso9660: Corrupted directory entry in block 2 of inode 1920
[  387.332230][T15716] input: syz1 as /devices/virtual/input/input27
[  387.570377][   T47] usbhid 4-1:1.0: can't add hid device: -71
[  387.572690][   T47] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  387.588846][   T47] usb 4-1: USB disconnect, device number 49
[  388.258897][T15760] loop6: detected capacity change from 0 to 4096
[  388.267202][T15760] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  388.426819][ T5882] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  388.576395][ T5882] usb 4-1: Using ep0 maxpacket: 8
[  388.584779][ T5882] usb 4-1: unable to get BOS descriptor or descriptor too short
[  388.590320][ T5882] usb 4-1: config 17 has an invalid interface number: 8 but max is 1
[  388.596756][ T5882] usb 4-1: config 17 has 1 interface, different from the descriptor's value: 2
[  388.603872][ T5882] usb 4-1: config 17 has no interface number 0
[  388.613028][ T5882] usb 4-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0
[  388.623520][ T5882] usb 4-1: config 17 interface 8 has no altsetting 0
[  388.632938][ T5882] usb 4-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  388.642552][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  388.646716][ T5882] usb 4-1: Product: syz
[  388.656002][ T5882] usb 4-1: Manufacturer: syz
[  388.657970][ T5882] usb 4-1: SerialNumber: syz
[  388.886599][ T5882] usb 4-1: selecting invalid altsetting 0
[  388.916100][ T5882] usb 4-1: USB disconnect, device number 50
[  389.524138][T15791] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3910'.
[  389.679296][   T33] audit: type=1326 audit(651.618:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15794 comm="syz.4.3912" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x0
[  389.748164][ T5882] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  389.900868][ T5882] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  389.905751][ T5882] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  389.910018][ T5882] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  389.913987][ T5882] usb 4-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  389.917894][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.923604][ T5882] usb 4-1: config 0 descriptor??
[  390.341064][ T5882] sony 0003:054C:024B.000E: unexpected long global item
[  390.343684][ T5882] sony 0003:054C:024B.000E: parse failed
[  390.355024][ T5882] sony 0003:054C:024B.000E: probe with driver sony failed with error -22
[  390.546355][   T24] usb 4-1: USB disconnect, device number 51
[  390.600811][T15812] netlink: 'syz.4.3919': attribute type 29 has an invalid length.
[  390.606829][T15812] netlink: 'syz.4.3919': attribute type 29 has an invalid length.
[  390.611666][T15812] netlink: 500 bytes leftover after parsing attributes in process `syz.4.3919'.
[  390.635061][   T47] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  390.795970][   T47] usb 7-1: Using ep0 maxpacket: 8
[  390.799243][   T47] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  390.802553][   T47] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid maxpacket 166, setting to 64
[  390.805963][   T47] usb 7-1: config 0 interface 0 has no altsetting 0
[  390.809912][   T47] usb 7-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  390.812709][   T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.817203][   T47] usb 7-1: Product: syz
[  390.819010][   T47] usb 7-1: Manufacturer: syz
[  390.820687][   T47] usb 7-1: SerialNumber: syz
[  390.825043][   T47] usb 7-1: config 0 descriptor??
[  390.830706][   T47] snd_usb_toneport 7-1:0.0: Line 6 TonePort UX2 found
[  391.035283][   T47] snd_usb_toneport 7-1:0.0: Line 6 TonePort UX2 now disconnected
[  391.039086][   T47] snd_usb_toneport 7-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  391.239849][ T5882] usb 7-1: USB disconnect, device number 19
[  391.701303][T15841] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  391.920242][T15853] loop6: detected capacity change from 0 to 1024
[  391.991400][T15857] loop3: detected capacity change from 0 to 1024
[  392.009252][T15857] hfsplus: Bad value for 'gid'
[  392.029330][T15857] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  392.464288][T15875] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3948'.
[  392.467961][T15875] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3948'.
[  393.056281][ T5895] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  393.206642][ T5895] usb 4-1: Using ep0 maxpacket: 32
[  393.270147][T15910] PKCS8: Unsupported PKCS#8 version
[  393.638196][T15924] loop6: detected capacity change from 0 to 32768
[  393.652255][T15924] XFS: ikeep mount option is deprecated.
[  393.817650][T15924] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  393.908610][T15924] XFS (loop6): Ending clean mount
[  393.917490][T15924] XFS (loop6): Quotacheck needed: Please wait.
[  393.988881][T15924] XFS (loop6): Quotacheck: Done.
[  394.081951][T12959] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  394.401557][T15947] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  394.499067][T15954] loop6: detected capacity change from 0 to 16
[  394.505068][T15954] erofs (device loop6): mounted with root inode @ nid 36.
[  394.681781][T15965] loop6: detected capacity change from 0 to 256
[  394.701711][T15965] FAT-fs (loop6): Directory bread(block 64) failed
[  394.705980][T15965] FAT-fs (loop6): Directory bread(block 65) failed
[  394.708436][T15965] FAT-fs (loop6): Directory bread(block 66) failed
[  394.710634][T15965] FAT-fs (loop6): Directory bread(block 67) failed
[  394.715660][T15965] FAT-fs (loop6): Directory bread(block 68) failed
[  394.718540][T15965] FAT-fs (loop6): Directory bread(block 69) failed
[  394.720646][T15965] FAT-fs (loop6): Directory bread(block 70) failed
[  394.723395][T15965] FAT-fs (loop6): Directory bread(block 71) failed
[  394.725842][T15965] FAT-fs (loop6): Directory bread(block 72) failed
[  394.727926][T15965] FAT-fs (loop6): Directory bread(block 73) failed
[  395.793334][ T5895] usb 4-1: unable to get BOS descriptor or descriptor too short
[  395.800377][ T5895] usb 4-1: unable to read config index 0 descriptor/start: -71
[  395.812166][ T5895] usb 4-1: can't read configurations, error -71
[  395.939990][T15980] loop3: detected capacity change from 0 to 512
[  396.215297][T15982] loop3: detected capacity change from 0 to 2048
[  396.573585][T15999] loop3: detected capacity change from 0 to 2048
[  396.678250][T16001] loop6: detected capacity change from 0 to 4096
[  396.698109][T16007] overlayfs: missing 'lowerdir'
[  396.851463][T16013] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4007'.
[  397.071700][ T5895] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  397.232438][ T5895] usb 7-1: Using ep0 maxpacket: 8
[  397.248779][ T5895] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[  397.249408][T16019] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4009'.
[  397.254404][ T5895] usb 7-1: config 179 has no interface number 0
[  397.258981][ T5895] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  397.265581][ T5895] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  397.270480][ T5895] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  397.311411][ T5895] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  397.326923][ T5895] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  397.342780][ T5895] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  397.346562][ T5895] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  397.367017][T16012] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  397.792626][ T5895] input: Generic X-Box pad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:179.65/input/input28
[  397.941914][T16012] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.956977][T16012] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  398.070564][ T6630] udevd[6630]: setting owner of /dev/input/js0 to uid=0, gid=104 failed: No such file or directory
[  398.604697][ T5895] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  398.708377][ T5882] usb 7-1: USB disconnect, device number 20
[  398.710301][    C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  398.710326][    C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  398.757026][ T5895] usb 4-1: New USB device found, idVendor=0c45, idProduct=62a0, bcdDevice=a8.22
[  398.762158][ T5895] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.770346][ T5895] usb 4-1: config 0 descriptor??
[  398.784635][ T5895] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:62a0
[  398.991961][ T5895] gspca_sn9c20x: Write register 1000 failed -71
[  398.993962][ T5895] gspca_sn9c20x: Device initialization failed
[  398.996082][ T5895] gspca_sn9c20x 4-1:0.0: probe with driver gspca_sn9c20x failed with error -71
[  399.002236][ T5895] usb 4-1: USB disconnect, device number 54
[  399.050570][ T5882] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  399.200766][ T5882] usb 7-1: Using ep0 maxpacket: 8
[  399.205640][ T5882] usb 7-1: config index 0 descriptor too short (expected 1821, got 853)
[  399.209571][ T5882] usb 7-1: config 0 has an invalid interface number: 103 but max is 2
[  399.212347][ T5882] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  399.215634][ T5882] usb 7-1: config 0 has 2 interfaces, different from the descriptor's value: 3
[  399.218591][ T5882] usb 7-1: config 0 has no interface number 1
[  399.221344][ T5882] usb 7-1: config 0 interface 103 altsetting 9 endpoint 0x7 has an invalid bInterval 0, changing to 7
[  399.225670][ T5882] usb 7-1: config 0 interface 103 altsetting 9 endpoint 0xE has invalid maxpacket 1024, setting to 64
[  399.229918][ T5882] usb 7-1: config 0 interface 103 altsetting 9 has a duplicate endpoint with address 0x8, skipping
[  399.234687][ T5882] usb 7-1: config 0 interface 103 altsetting 9 has a duplicate endpoint with address 0x4, skipping
[  399.239229][ T5882] usb 7-1: config 0 interface 103 has no altsetting 0
[  399.247480][ T5882] usb 7-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=cd.b4
[  399.251146][ T5882] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.254228][ T5882] usb 7-1: Product: syz
[  399.255840][ T5882] usb 7-1: Manufacturer: syz
[  399.257701][ T5882] usb 7-1: SerialNumber: syz
[  399.263373][ T5882] usb 7-1: config 0 descriptor??
[  399.488398][ T5882] videodev: could not get a free minor
[  399.490816][ T5882] dsbr100 7-1:0.0: couldn't register video device
[  399.492948][ T5882] dsbr100 7-1:0.0: probe with driver dsbr100 failed with error -23
[  399.499869][ T5882] usb 7-1: USB disconnect, device number 21
[  399.984921][T16108] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4050'.
[  400.240893][T16120] input: syz0 as /devices/virtual/input/input29
[  400.491910][T16130] loop3: detected capacity change from 0 to 2048
[  400.603824][T16136] loop3: detected capacity change from 0 to 512
[  400.742345][ T5882] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  400.922142][ T5882] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  400.926366][ T5882] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 15
[  400.941230][ T5882] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  400.952177][ T5882] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  400.956795][ T5882] usb 7-1: SerialNumber: syz
[  400.981404][ T5882] cdc_ether 7-1:1.0: skipping garbage
[  400.983533][ T5882] usb 7-1: bad CDC descriptors
[  401.189477][ T5882] usb 7-1: USB disconnect, device number 22
[  401.221041][T16144] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4067'.
[  401.252601][T16146] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4068'.
[  401.994598][T16163] loop3: detected capacity change from 0 to 512
[  402.037198][T16163] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  402.051618][T16163] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[  402.077892][T16163] EXT4-fs (loop3): write access unavailable, skipping orphan cleanup
[  402.095107][T16163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  402.154303][T16163] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.4075: dx entry: limit 65535 != root limit 120
[  402.164617][T16163] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.4075: Corrupt directory, running e2fsck is recommended
[  402.188451][ T6625] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.208494][T16168] loop6: detected capacity change from 0 to 512
[  402.233137][T16168] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  402.239118][T16168] EXT4-fs (loop6): orphan cleanup on readonly fs
[  402.241095][T16168] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.4077: iget: bad i_size value: 38620345925642
[  402.249610][T16168] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.4077: couldn't read orphan inode 15 (err -117)
[  402.260369][T16168] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  402.296529][T16160] 9pnet_fd: p9_fd_create_tcp (16160): problem connecting socket to 127.0.0.1
[  402.425200][T12959] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.212268][T16193] loop3: detected capacity change from 0 to 1024
[  403.238426][   T47] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  403.402360][   T47] usb 7-1: Using ep0 maxpacket: 32
[  403.407336][   T47] usb 7-1: config 0 has an invalid interface number: 242 but max is 0
[  403.415406][   T47] usb 7-1: config 0 has no interface number 0
[  403.422317][   T47] usb 7-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=eb.4e
[  403.425430][   T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.437581][   T47] usb 7-1: Product: syz
[  403.439150][   T47] usb 7-1: Manufacturer: syz
[  403.440613][   T47] usb 7-1: SerialNumber: syz
[  403.444311][   T47] usb 7-1: config 0 descriptor??
[  403.496739][T16201] netlink: 'syz.3.4093': attribute type 4 has an invalid length.
[  403.665414][   T47] cdc_subset 7-1:0.242: probe with driver cdc_subset failed with error -71
[  403.682110][   T47] usb 7-1: USB disconnect, device number 23
[  403.923956][T16231] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4107'.
[  403.927457][T16231] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4107'.
[  404.254659][T16242] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4112'.
[  404.497251][T16239] loop3: detected capacity change from 0 to 65536
[  404.954678][T16253] loop3: detected capacity change from 0 to 4096
[  405.205234][T16251] loop6: detected capacity change from 0 to 131072
[  405.218334][T16251] F2FS-fs (loop6): Invalid log sectorsize (67108873)
[  405.220508][T16251] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  405.224708][T16251] F2FS-fs (loop6): invalid crc value
[  405.283399][T16251] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  405.288479][T16251] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  405.291175][T16251] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  405.300588][T16251] F2FS-fs (loop6): sanity_check_inode: inode (ino=4, mode=1773) should not have inline_dentry, run fsck to fix
[  405.579953][T16274] loop3: detected capacity change from 0 to 2048
[  405.583064][T16274] EXT4-fs: Ignoring removed mblk_io_submit option
[  405.615688][T16274] EXT4-fs: Ignoring removed nobh option
[  406.064898][T16302] overlayfs: failed to clone upperpath
[  406.124206][T16306] tipc: Cannot configure node identity twice
[  406.154238][T16304] loop3: detected capacity change from 0 to 2048
[  406.234402][T16314] loop3: detected capacity change from 0 to 256
[  406.240901][T16314] exfat: Deprecated parameter 'utf8'
[  406.242926][T16314] exfat: Deprecated parameter 'namecase'
[  406.244760][T16314] exfat: Deprecated parameter 'utf8'
[  407.324125][   T33] audit: type=1326 audit(669.267:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16323 comm="syz.6.4149" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  407.422929][   T33] audit: type=1326 audit(669.367:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16345 comm="syz.3.4159" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  407.431094][   T33] audit: type=1326 audit(669.367:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16345 comm="syz.3.4159" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  407.440010][   T33] audit: type=1326 audit(669.377:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16345 comm="syz.3.4159" exe="/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  407.450914][   T33] audit: type=1326 audit(669.377:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16345 comm="syz.3.4159" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  407.473582][   T33] audit: type=1326 audit(669.377:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16345 comm="syz.3.4159" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  407.494921][   T33] audit: type=1326 audit(669.377:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16345 comm="syz.3.4159" exe="/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  407.511517][   T33] audit: type=1326 audit(669.377:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16345 comm="syz.3.4159" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  407.522690][   T33] audit: type=1326 audit(669.377:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16345 comm="syz.3.4159" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  407.590295][   T33] audit: type=1804 audit(669.537:252): pid=16362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4167" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="ramfs" ino=39536 res=1 errno=0
[  407.651332][T16369] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4168'.
[  407.734527][T16371] loop3: detected capacity change from 0 to 4096
[  408.055487][T16383] loop3: detected capacity change from 0 to 128
[  408.564573][T16394] netlink: 56 bytes leftover after parsing attributes in process `syz.6.4179'.
[  408.659158][T16402] loop6: detected capacity change from 0 to 128
[  408.662014][T16402] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  408.666976][T16402] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  408.714032][ T1233] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  408.741263][T16404] netlink: 'syz.6.4184': attribute type 1 has an invalid length.
[  408.743848][T16404] netlink: 232 bytes leftover after parsing attributes in process `syz.6.4184'.
[  408.747986][T16404] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4184'.
[  408.991613][T16408] loop6: detected capacity change from 0 to 32768
[  409.009854][T16408] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4186 (16408)
[  409.033737][T16408] BTRFS info (device loop6): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  409.038901][T16408] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  409.041914][T16408] BTRFS info (device loop6): using free-space-tree
[  409.210001][   T64] Bluetooth: hci3: Frame reassembly failed (-84)
[  409.218821][T12959] BTRFS info (device loop6): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  409.677174][ T5882] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  409.811758][T16452] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[  409.827151][ T5882] usb 7-1: Using ep0 maxpacket: 16
[  409.831512][ T5882] usb 7-1: config 0 has an invalid interface number: 105 but max is 0
[  409.836939][ T5882] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  409.841624][ T5882] usb 7-1: config 0 has no interface number 0
[  409.852523][ T5882] usb 7-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  409.856830][ T5882] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  409.860111][ T5882] usb 7-1: Product: syz
[  409.861866][ T5882] usb 7-1: Manufacturer: syz
[  409.863678][ T5882] usb 7-1: SerialNumber: syz
[  409.872552][ T5882] usb 7-1: config 0 descriptor??
[  410.092761][   T24] usb 7-1: USB disconnect, device number 24
[  411.260535][T16474] netlink: 'syz.4.4208': attribute type 3 has an invalid length.
[  411.275223][   T54] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  412.760796][T16503] CIFS: VFS: Malformed UNC in devname
[  412.804083][T16499] loop6: detected capacity change from 0 to 32768
[  412.853052][T16499] jbd2_journal_init_inode: Cannot locate journal superblock
[  412.861363][T16499] (syz.6.4219,16499,0):ocfs2_journal_init:973 ERROR: Linux journal layer error
[  412.865947][T16499] (syz.6.4219,16499,0):ocfs2_check_volume:2347 ERROR: Could not initialize journal!
[  412.869146][T16499] (syz.6.4219,16499,0):ocfs2_check_volume:2432 ERROR: status = -22
[  412.873959][T16499] (syz.6.4219,16499,1):ocfs2_mount_volume:1764 ERROR: status = -22
[  412.878702][T16507] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4223'.
[  412.882717][T16507] netlink: 66 bytes leftover after parsing attributes in process `syz.3.4223'.
[  412.892399][T16499] (syz.6.4219,16499,1):ocfs2_fill_super:1177 ERROR: status = -22
[  413.473519][ T5882] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  413.591842][T16543] loop6: detected capacity change from 0 to 512
[  413.624128][ T5882] usb 4-1: Using ep0 maxpacket: 32
[  413.629424][T16543] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.649765][ T5882] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  413.653925][ T5882] usb 4-1: New USB device strings: Mfr=115, Product=0, SerialNumber=0
[  413.657111][ T5882] usb 4-1: Manufacturer: syz
[  413.659700][T16543] EXT4-fs error (device loop6): ext4_empty_dir:3084: inode #12: comm syz.6.4239: Directory hole found for htree leaf block 0
[  413.666900][ T5882] usb 4-1: config 0 descriptor??
[  413.669492][T16543] EXT4-fs (loop6): Remounting filesystem read-only
[  413.696404][T12959] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.702508][   T36] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  413.708275][   T36] __quota_error: 1 callbacks suppressed
[  413.708286][   T36] Quota error (device loop6): write_blk: dquota write failed
[  413.712612][   T36] Quota error (device loop6): free_dqentry: Can't write quota data block 5
[  413.720398][   T36] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  413.726186][   T36] Quota error (device loop6): write_blk: dquota write failed
[  413.729149][   T36] Quota error (device loop6): free_dqentry: Can't write quota data block 5
[  413.882613][ T5882] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  413.902538][ T5882] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  413.910488][T16550] netlink: 'syz.6.4241': attribute type 12 has an invalid length.
[  413.911188][ T5882] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  413.917816][ T5882] usb 4-1: media controller created
[  413.936369][ T5882] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  414.077742][T16553] netlink: 6 bytes leftover after parsing attributes in process `syz.6.4243'.
[  414.087562][T16553] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  414.133405][ T5882] az6027: usb out operation failed. (-71)
[  414.144231][ T5882] az6027: usb out operation failed. (-71)
[  414.146694][ T5882] stb0899_attach: Driver disabled by Kconfig
[  414.163224][ T5882] az6027: no front-end attached
[  414.163224][ T5882] 
[  414.167670][ T5882] az6027: usb out operation failed. (-71)
[  414.170144][ T5882] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  414.186767][ T5882] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input30
[  414.204855][ T5882] dvb-usb: schedule remote query interval to 400 msecs.
[  414.207803][ T5882] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  414.234336][ T5882] usb 4-1: USB disconnect, device number 55
[  414.443912][ T5882] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  415.319522][T16570] policy can only be matched on NF_INET_PRE_ROUTING
[  415.319536][T16570] unable to load match
[  415.436453][T16578] syz_tun: entered allmulticast mode
[  415.440747][T16577] syz_tun: left allmulticast mode
[  415.447725][T16581] loop3: detected capacity change from 0 to 1024
[  415.570623][ T5882] usb 7-1: new full-speed USB device number 25 using dummy_hcd
[  415.723930][ T5882] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  415.726702][ T5882] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.734462][ T5882] usb 7-1: config 0 descriptor??
[  415.942285][ T5882] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  415.960117][ T5882] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 3
[  415.966445][ T5882] [drm] Initialized udl on minor 3
[  416.148058][ T5882] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[  416.151023][ T5882] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  416.185877][T16622] netlink: 'syz.4.4274': attribute type 2 has an invalid length.
[  416.229483][T16626] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4276'.
[  416.357288][ T5853] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  416.360570][ T5882] usb 7-1: USB disconnect, device number 25
[  416.365060][ T5853] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  416.368195][ T5853] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  416.502242][T16641] loop3: detected capacity change from 0 to 16
[  417.008305][T16644] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  417.014012][T16644] tipc: New replicast peer: 10.1.1.0
[  417.367070][T16648] loop6: detected capacity change from 0 to 256
[  417.411440][T16648] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  417.423688][T16648] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  417.454899][T16648] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  417.531031][T16648] exFAT-fs (loop6): error, invalid access to FAT (entry 0xffffffff)
[  417.538643][T16648] exFAT-fs (loop6): Filesystem has been set read-only
[  417.557323][T16648] exFAT-fs (loop6): error, invalid access to FAT (entry 0xffffffff)
[  418.031057][T10670] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  418.056644][T16661] loop6: detected capacity change from 0 to 32768
[  418.087030][T16661] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  418.150371][T12959] ocfs2: Unmounting device (7,6) on (node local)
[  418.204584][T10670] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  418.208329][T10670] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  418.225892][T10670] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  418.229143][T10670] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  418.238054][T10670] usb 4-1: SerialNumber: syz
[  418.465022][T10670] usb 4-1: 0:2 : does not exist
[  418.486669][T10670] usb 4-1: USB disconnect, device number 56
[  418.515440][ T6630] udevd[6630]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  418.829972][T16690] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4304'.
[  419.033710][T16702] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4311'.
[  419.043005][T16702] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4311'.
[  419.502922][T16733] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4325'.
[  419.616357][T16741] loop3: detected capacity change from 0 to 128
[  419.724939][T16745] loop3: detected capacity change from 0 to 8
[  419.777381][T16747] loop6: detected capacity change from 0 to 512
[  420.068996][T16767] loop3: detected capacity change from 0 to 256
[  420.075497][T16767] exfat: Deprecated parameter 'namecase'
[  420.240610][   T47] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  420.351616][T16769] loop3: detected capacity change from 0 to 32768
[  420.402589][   T47] usb 7-1: Using ep0 maxpacket: 16
[  420.414087][   T47] usb 7-1: unable to get BOS descriptor or descriptor too short
[  420.436311][   T47] usb 7-1: config 1 has an invalid interface number: 231 but max is 0
[  420.439602][   T47] usb 7-1: config 1 has no interface number 0
[  420.459971][   T47] usb 7-1: config 1 interface 231 has no altsetting 0
[  420.475252][   T47] usb 7-1: string descriptor 0 read error: -22
[  420.477825][   T47] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=5c.f5
[  420.490713][   T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.711674][   T47] usbtest 7-1:1.231: Linux gadget zero
[  420.713950][   T47] usbtest 7-1:1.231: high-speed {control in/out int-out} tests (+alt)
[  420.772924][T16775] loop3: detected capacity change from 0 to 32768
[  420.777925][T16775] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4345 (16775)
[  420.784294][T16775] BTRFS error: failed to open device for path /dev/loop3 with flags 0x23: -13
[  420.916954][T10670] usb 7-1: USB disconnect, device number 26
[  421.739299][T10670] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  421.899274][T10670] usb 7-1: Using ep0 maxpacket: 8
[  421.921085][T10670] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  421.925355][T10670] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  421.937325][T10670] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  421.960716][T10670] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  421.973384][T10670] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  421.989000][T10670] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  421.998669][T10670] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.382122][T10670] usb 7-1: usb_control_msg returned -32
[  422.384446][T10670] usbtmc 7-1:16.0: can't read capabilities
[  422.418595][T16808] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4359'.
[  422.490306][T16812] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  422.742054][T16829] usb 7-1: usbtmc_ioctl_clear_out_halt returned -32
[  423.221611][T16837] loop3: detected capacity change from 0 to 40427
[  423.370631][T16857] netlink: 72 bytes leftover after parsing attributes in process `syz.3.4383'.
[  424.492017][ T5882] usb 7-1: USB disconnect, device number 27
[  424.574111][T16870] loop6: detected capacity change from 0 to 256
[  424.578461][T16870] exfat: Deprecated parameter 'namecase'
[  424.580849][T16870] exfat: Deprecated parameter 'utf8'
[  424.590903][T16870] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  424.802276][T16880] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  424.887763][ T5853] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  425.045937][ T5853] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  425.051228][ T5853] usb 4-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[  425.054471][ T5853] usb 4-1: Product: syz
[  425.057999][ T5853] usb 4-1: Manufacturer: syz
[  425.060782][ T5853] usb 4-1: SerialNumber: syz
[  425.065551][ T5853] usb 4-1: config 0 descriptor??
[  425.071985][ T5853] ch341 4-1:0.0: ch341-uart converter detected
[  425.124580][T16896] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4401'.
[  425.274246][T16902] overlayfs: failed to clone upperpath
[  425.441110][T16907] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4406'.
[  426.241362][T16924] netlink: 'syz.6.4413': attribute type 21 has an invalid length.
[  426.244588][T16924] netlink: 128 bytes leftover after parsing attributes in process `syz.6.4413'.
[  426.269877][ T5853] usb 4-1: ch341-uart converter now attached to ttyUSB0
[  426.470754][   T47] usb 4-1: USB disconnect, device number 57
[  426.484447][   T47] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[  426.493017][   T47] ch341 4-1:0.0: device disconnected
[  426.672690][T16932] loop6: detected capacity change from 0 to 40427
[  426.774222][T16932] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  426.782531][T16932] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  426.815892][T12959] syz-executor: attempt to access beyond end of device
[  426.815892][T12959] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  426.821645][T12959] CPU: 1 UID: 0 PID: 12959 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  426.821675][T12959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  426.821684][T12959] Call Trace:
[  426.821690][T12959]  <TASK>
[  426.821696][T12959]  dump_stack_lvl+0x189/0x250
[  426.821720][T12959]  ? __pfx_dump_stack_lvl+0x10/0x10
[  426.821737][T12959]  ? __pfx_queue_work_on+0x10/0x10
[  426.821749][T12959]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  426.821767][T12959]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  426.821795][T12959]  f2fs_handle_critical_error+0x37c/0x540
[  426.821822][T12959]  f2fs_write_end_io+0x886/0xb60
[  426.821853][T12959]  __submit_merged_bio+0x27a/0x6a0
[  426.821878][T12959]  __submit_merged_write_cond+0x255/0x530
[  426.821903][T12959]  f2fs_write_data_pages+0x261d/0x3000
[  426.821922][T12959]  ? __lock_acquire+0xab9/0xd20
[  426.821972][T12959]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  426.822033][T12959]  ? __mod_zone_page_state+0xd7/0x140
[  426.822061][T12959]  ? folios_put_refs+0x560/0x640
[  426.822086][T12959]  ? __lock_acquire+0xab9/0xd20
[  426.822112][T12959]  ? do_raw_spin_lock+0x121/0x290
[  426.822138][T12959]  ? do_raw_spin_unlock+0x4d/0x240
[  426.822154][T12959]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  426.822175][T12959]  do_writepages+0x32e/0x550
[  426.822203][T12959]  ? do_raw_spin_unlock+0x4d/0x240
[  426.822223][T12959]  filemap_fdatawrite+0x199/0x240
[  426.822242][T12959]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  426.822326][T12959]  ? do_raw_spin_unlock+0x4d/0x240
[  426.822348][T12959]  f2fs_sync_dirty_inodes+0x31f/0x830
[  426.822376][T12959]  f2fs_write_checkpoint+0x95a/0x1df0
[  426.822411][T12959]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  426.822468][T12959]  ? kill_f2fs_super+0x298/0x6c0
[  426.822487][T12959]  kill_f2fs_super+0x2c3/0x6c0
[  426.822506][T12959]  ? __pfx_kill_f2fs_super+0x10/0x10
[  426.822518][T12959]  ? radix_tree_delete_item+0x2b6/0x400
[  426.822542][T12959]  ? shrinker_free+0x2ce/0x3e0
[  426.822559][T12959]  deactivate_locked_super+0xbc/0x130
[  426.822578][T12959]  cleanup_mnt+0x425/0x4c0
[  426.822595][T12959]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.822615][T12959]  task_work_run+0x1d4/0x260
[  426.822636][T12959]  ? __pfx_task_work_run+0x10/0x10
[  426.822651][T12959]  ? __x64_sys_umount+0x122/0x160
[  426.822681][T12959]  ? exit_to_user_mode_loop+0x40/0x110
[  426.822703][T12959]  exit_to_user_mode_loop+0xec/0x110
[  426.822723][T12959]  do_syscall_64+0x2bd/0x3b0
[  426.822740][T12959]  ? lockdep_hardirqs_on+0x9c/0x150
[  426.822757][T12959]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.822770][T12959]  ? exc_page_fault+0x9f/0xf0
[  426.822790][T12959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.822802][T12959] RIP: 0033:0x7f016bd8ff17
[  426.822816][T12959] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  426.822827][T12959] RSP: 002b:00007ffeef536038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  426.822842][T12959] RAX: 0000000000000000 RBX: 00007f016be11c05 RCX: 00007f016bd8ff17
[  426.822851][T12959] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeef5360f0
[  426.822859][T12959] RBP: 00007ffeef5360f0 R08: 0000000000000000 R09: 0000000000000000
[  426.822867][T12959] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeef537180
[  426.822875][T12959] R13: 00007f016be11c05 R14: 000000000006830c R15: 00007ffeef5371c0
[  426.822901][T12959]  </TASK>
[  426.822907][T12959] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  427.642878][T16980] loop3: detected capacity change from 0 to 1024
[  427.856123][T16981] loop6: detected capacity change from 0 to 32768
[  427.860218][T16981] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4438 (16981)
[  427.870560][T16981] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  427.874653][T16981] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  427.878815][T16981] BTRFS info (device loop6): using free-space-tree
[  427.957114][ T5908] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  428.011232][T12959] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  428.146265][ T5908] usb 4-1: Using ep0 maxpacket: 32
[  428.174493][ T5908] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  428.180744][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.183884][ T5908] usb 4-1: Product: syz
[  428.185498][ T5908] usb 4-1: Manufacturer: syz
[  428.206003][ T5908] usb 4-1: SerialNumber: syz
[  428.217382][ T5908] usb 4-1: config 0 descriptor??
[  428.629797][ T5908] airspy 4-1:0.0: Board ID: 00
[  428.631496][ T5908] airspy 4-1:0.0: Firmware version: 
[  429.039414][ T5908] airspy 4-1:0.0: usb_control_msg() failed -71 request 0e
[  429.047751][ T5908] airspy 4-1:0.0: Registered as swradio24
[  429.050432][ T5908] airspy 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  429.058028][ T5908] usb 4-1: USB disconnect, device number 58
[  429.614175][T17031] loop3: detected capacity change from 0 to 2048
[  429.758824][T17038] loop3: detected capacity change from 0 to 128
[  430.110845][   T33] audit: type=1326 audit(692.069:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.118776][   T33] audit: type=1326 audit(692.069:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.127403][   T33] audit: type=1326 audit(692.079:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.135854][   T33] audit: type=1326 audit(692.079:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.143417][   T33] audit: type=1326 audit(692.079:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.157443][   T33] audit: type=1326 audit(692.089:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.171864][   T33] audit: type=1326 audit(692.089:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.187757][   T33] audit: type=1326 audit(692.089:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.195958][   T33] audit: type=1326 audit(692.089:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.202657][   T33] audit: type=1326 audit(692.089:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17051 comm="syz.4.4463" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  430.382871][T17071] pim6reg1: entered promiscuous mode
[  430.385743][T17071] pim6reg1: entered allmulticast mode
[  430.815491][ T5853] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  431.006546][ T5853] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  431.014385][ T5853] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  431.021588][ T5853] usb 7-1: config 220 has an invalid descriptor of length 13, skipping remainder of the config
[  431.028808][ T5853] usb 7-1: config 220 has no interface number 2
[  431.032707][ T5853] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  431.038586][ T5853] usb 7-1: config 220 interface 0 has no altsetting 0
[  431.041466][ T5853] usb 7-1: config 220 interface 76 has no altsetting 0
[  431.044566][ T5853] usb 7-1: config 220 interface 1 has no altsetting 0
[  431.050886][ T5853] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  431.055799][ T5853] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.059686][ T5853] usb 7-1: Product: syz
[  431.061575][ T5853] usb 7-1: Manufacturer: syz
[  431.063590][ T5853] usb 7-1: SerialNumber: syz
[  431.282233][ T5853] usb 7-1: selecting invalid altsetting 0
[  431.284999][ T5853] usb 7-1: Found UVC 7.01 device syz (8086:0b07)
[  431.289644][ T5853] usb 7-1: No valid video chain found.
[  431.295340][ T5853] usb 7-1: selecting invalid altsetting 0
[  431.357236][ T5853] usbtest 7-1:220.1: probe with driver usbtest failed with error -22
[  431.373734][ T5853] usb 7-1: USB disconnect, device number 28
[  431.378621][T17102] netlink: 'syz.3.4487': attribute type 1 has an invalid length.
[  431.389176][T17102] netlink: 'syz.3.4487': attribute type 2 has an invalid length.
[  432.543942][   T24] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  432.693768][   T24] usb 7-1: Using ep0 maxpacket: 16
[  432.698581][   T24] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  432.716097][   T24] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  432.719030][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.722886][   T24] usb 7-1: Product: syz
[  432.724331][   T24] usb 7-1: Manufacturer: syz
[  432.725829][   T24] usb 7-1: SerialNumber: syz
[  432.738186][   T24] r8152-cfgselector 7-1: Unknown version 0x0000
[  432.740246][   T24] r8152-cfgselector 7-1: config 0 descriptor??
[  434.738327][T17196] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  434.767350][T17200] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4532'.
[  435.068290][ T5908] r8152-cfgselector 7-1: USB disconnect, device number 29
[  435.540859][ T5239] Bluetooth: hci2: Malformed Event: 0x02
[  435.598049][T17222] loop6: detected capacity change from 0 to 256
[  436.075323][T17242] netlink: 'syz.6.4549': attribute type 10 has an invalid length.
[  436.086195][T17242] team0: Device hsr_slave_0 failed to register rx_handler
[  436.223770][T17254] netlink: 60 bytes leftover after parsing attributes in process `syz.6.4555'.
[  436.227431][T17254] netlink: 60 bytes leftover after parsing attributes in process `syz.6.4555'.
[  436.338307][ T5239] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  436.338407][ T5239] Bluetooth: hci2: Unknown advertising packet type: 0x5d
[  436.343762][ T5239] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  436.346536][ T5239] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  436.349351][ T5239] Bluetooth: hci2: Malformed LE Event: 0x0d
[  436.381376][T17261] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4556'.
[  439.492072][T17370] overlayfs: failed to clone upperpath
[  439.751488][T17373] loop6: detected capacity change from 0 to 4096
[  439.761551][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  439.947055][T17383] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  440.163076][T17390] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.166274][T17390] bridge0: port 2(bridge_slave_1) entered blocking state
[  440.169157][T17390] bridge0: port 2(bridge_slave_1) entered forwarding state
[  440.274556][T17406] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4619'.
[  440.522082][   T47] usb 7-1: new full-speed USB device number 30 using dummy_hcd
[  440.677482][   T47] usb 7-1: config 0 has an invalid interface number: 128 but max is 0
[  440.680804][   T47] usb 7-1: config 0 has no interface number 0
[  440.685712][   T47] usb 7-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  440.689295][   T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.694789][   T47] usb 7-1: Product: syz
[  440.696493][   T47] usb 7-1: Manufacturer: syz
[  440.698343][   T47] usb 7-1: SerialNumber: syz
[  440.707286][   T47] usb 7-1: config 0 descriptor??
[  441.116383][   T47] usb 7-1: Firmware: major: 119, minor: 43, hardware type: UNKNOWN (5)
[  441.241296][ T5239] Bluetooth: hci1: unexpected subevent 0x03 length: 244 > 9
[  441.322336][   T47] usb 7-1: failed to fetch extended address, random address set
[  441.324648][   T47] usb 7-1: atusb_probe: initialization failed, error = -524
[  441.327200][   T47] atusb 7-1:0.128: probe with driver atusb failed with error -524
[  441.331625][   T47] usb 7-1: USB disconnect, device number 30
[  441.908908][T17468] loop6: detected capacity change from 0 to 164
[  441.931486][T17468] isofs: Unable to find the ".." directory for NFS.
[  441.942145][   T33] audit: type=1326 audit(959.889:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  441.966090][   T33] audit: type=1326 audit(959.889:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  441.984452][   T33] audit: type=1326 audit(959.889:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  441.996104][   T33] audit: type=1326 audit(959.889:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  442.004797][   T33] audit: type=1326 audit(959.889:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  442.016920][   T33] audit: type=1326 audit(959.889:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  442.025992][   T33] audit: type=1326 audit(959.909:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17471 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  442.041358][   T33] audit: type=1326 audit(959.919:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  442.066562][   T33] audit: type=1326 audit(959.919:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  442.085826][   T33] audit: type=1326 audit(959.919:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17469 comm="syz.3.4651" exe="/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  442.354581][T17484] loop6: detected capacity change from 0 to 2048
[  442.409100][T17484] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  442.470180][T17483] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  442.515134][T17483] EXT4-fs (loop6): Remounting filesystem read-only
[  442.522258][T17483] EXT4-fs (loop6): error restoring inline_data for inode -- potential data loss! (inode 18, error -30)
[  442.610333][T12959] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.841533][T17503] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4665'.
[  442.859038][T17505] loop9: detected capacity change from 0 to 7
[  442.863993][ T6630]  loop9:
[  442.865777][ T6630] loop9: partition table partially beyond EOD, truncated
[  442.876793][T17505]  loop9:
[  442.877766][T17505] loop9: partition table partially beyond EOD, truncated
[  443.547367][T17547] netlink: 'syz.4.4685': attribute type 25 has an invalid length.
[  443.550340][T17547] netlink: 184 bytes leftover after parsing attributes in process `syz.4.4685'.
[  444.469491][T17564] netlink: 'syz.4.4692': attribute type 1 has an invalid length.
[  444.481832][T17564] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4692'.
[  444.518353][T17566] pim6reg: entered allmulticast mode
[  444.521192][T17566] pim6reg: left allmulticast mode
[  445.250466][T17579] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4698'.
[  445.264808][T17579] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4698'.
[  446.064859][T17600] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4708'.
[  446.083137][T17600] tunl0: Caught tx_queue_len zero misconfig
[  448.064409][   T47] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  448.127284][   T33] kauditd_printk_skb: 321 callbacks suppressed
[  448.127296][   T33] audit: type=1800 audit(966.079:595): pid=17615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4715" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  448.235449][   T47] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  448.251838][   T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.254429][   T47] usb 7-1: Product: syz
[  448.256020][   T47] usb 7-1: Manufacturer: syz
[  448.261790][   T47] usb 7-1: SerialNumber: syz
[  448.273925][   T47] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  448.341209][ T2292] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  448.404510][T17626] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4720'.
[  449.020593][ T5908] usb 7-1: USB disconnect, device number 31
[  449.120612][    C0] hrtimer: interrupt took 87733 ns
[  449.435321][ T2292] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  449.438448][ T2292] ath9k_htc: Failed to initialize the device
[  449.457080][ T5908] usb 7-1: ath9k_htc: USB layer deinitialized
[  450.074793][T17674] bpf: Bad value for 'mode'
[  450.250551][T17664] loop6: detected capacity change from 0 to 32768
[  450.297455][T17664] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  450.346704][T17664] XFS (loop6): Ending clean mount
[  450.407721][T17664] XFS (loop6): Metadata CRC error detected at xfs_rmapbt_read_verify+0x42/0xe0, xfs_rmapbt block 0x14 
[  450.411388][T17664] XFS (loop6): Unmount and run xfs_repair
[  450.415514][T17664] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  450.418479][T17664] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  450.422906][T17664] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[  450.426010][T17664] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  450.428975][T17664] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  450.433444][T17664] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  450.436378][T17664] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  450.439735][T17664] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  450.442853][T17664] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  450.445638][T17664] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x14 len 4 error 74
[  450.459002][T17664] XFS (loop6): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8e0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  450.472707][T17664] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  450.606286][T12959] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  451.186142][   T33] audit: type=1804 audit(969.139:596): pid=17712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4751" name="file0" dev="tmpfs" ino=7159 res=1 errno=0
[  452.750895][T17752] loop6: detected capacity change from 0 to 164
[  452.784821][T17752] Unable to read rock-ridge attributes
[  452.804590][T17752] Unable to read rock-ridge attributes
[  453.630392][T17795] loop6: detected capacity change from 0 to 512
[  453.641018][T17795] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  453.666620][T17795] EXT4-fs (loop6): 1 truncate cleaned up
[  453.669313][T17795] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  453.692731][T12959] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  455.414903][T17867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4819'.
[  455.557922][T17876] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4824'.
[  455.565681][T17876] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4824'.
[  456.104325][T17911] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.4840'.
[  456.108536][T17911] netlink: zone id is out of range
[  456.110667][T17911] netlink: get zone limit has 8 unknown bytes
[  456.417310][T17924] openvswitch: netlink: VXLAN extension 11 out of range max 1
[  456.696765][T17935] netlink: 'syz.4.4852': attribute type 2 has an invalid length.
[  456.784237][T17940] netlink: 'syz.4.4854': attribute type 27 has an invalid length.
[  461.054987][T18089] overlayfs: failed to clone upperpath
[  461.146285][T18097] netlink: 'syz.3.4920': attribute type 1 has an invalid length.
[  461.258918][T18105] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4923'.
[  461.683583][T18112] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  462.549973][T18128] netlink: 4388 bytes leftover after parsing attributes in process `syz.6.4932'.
[  462.973982][T18154] bridge: RTM_NEWNEIGH with invalid ether address
[  463.640728][T18182] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4957'.
[  463.643627][T18182] netlink: 216 bytes leftover after parsing attributes in process `syz.6.4957'.
[  463.646589][T18182] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4957'.
[  463.772572][T18187] netlink: 'syz.6.4959': attribute type 29 has an invalid length.
[  463.783433][T18187] netlink: 'syz.6.4959': attribute type 29 has an invalid length.
[  464.392606][T18216] lo speed is unknown, defaulting to 1000
[  464.395157][ T5239] Bluetooth: to_multiplier 40360 > 3200
[  464.786806][T18227] syz.6.4975 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  465.266323][T18251] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4988'.
[  465.277017][   T33] audit: type=1326 audit(983.229:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  465.288711][   T33] audit: type=1326 audit(983.239:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  465.312588][   T33] audit: type=1326 audit(983.269:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  465.322131][T18257] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4989'.
[  465.336137][   T33] audit: type=1326 audit(983.289:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  465.354328][   T33] audit: type=1326 audit(983.309:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  465.374745][   T33] audit: type=1326 audit(983.309:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  465.388827][   T33] audit: type=1326 audit(983.309:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  465.409917][   T33] audit: type=1326 audit(983.309:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  465.418281][   T33] audit: type=1326 audit(983.309:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  465.425735][   T33] audit: type=1326 audit(983.309:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18252 comm="syz.6.4987" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7fc00000
[  466.462059][ T5239] Bluetooth: hci1: command 0x0406 tx timeout
[  466.586390][T18310] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5015'.
[  466.689587][T18319] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  467.260126][T18336] Option '    ' to dns_resolver key: bad/missing value
[  468.995570][T18390] overlayfs: failed to resolve './file0': -2
[  470.217604][T18442] team0: entered allmulticast mode
[  470.219677][T18442] team_slave_0: entered allmulticast mode
[  470.221560][T18442] team_slave_1: entered allmulticast mode
[  470.225801][T18442] team0: left allmulticast mode
[  470.227668][T18442] team_slave_0: left allmulticast mode
[  470.229454][T18442] team_slave_1: left allmulticast mode
[  470.780631][T18450] netlink: 'syz.4.5074': attribute type 1 has an invalid length.
[  471.869596][T18498] netlink: 'syz.6.5097': attribute type 1 has an invalid length.
[  471.875208][T18498] netlink: 56 bytes leftover after parsing attributes in process `syz.6.5097'.
[  471.889860][T18500] macsec0: entered allmulticast mode
[  471.899230][T18500] veth1_macvtap: entered allmulticast mode
[  471.901595][T18500] macsec0: left allmulticast mode
[  471.904097][T18500] veth1_macvtap: left allmulticast mode
[  472.855555][T18542] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5118'.
[  472.901599][T18542] vxlan0: entered promiscuous mode
[  472.917095][ T5695] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  472.922811][ T5695] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  472.926566][ T5695] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  472.933121][ T5695] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  473.269875][T18563] bridge2: the hash_elasticity option has been deprecated and is always 16
[  473.283678][T18565] netlink: 16386 bytes leftover after parsing attributes in process `syz.6.5129'.
[  473.869562][T18581] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5137'.
[  473.874270][T18581] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5137'.
[  473.917518][T18583] overlayfs: failed to clone upperpath
[  474.330252][T18603] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (8)
[  474.558725][    C1] vcan0: j1939_tp_rxtimer: 0xffff888120194000: rx timeout, send abort
[  475.006713][   T33] kauditd_printk_skb: 91 callbacks suppressed
[  475.006729][   T33] audit: type=1800 audit(2000000008.620:698): pid=18630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.3.5158" name="/newroot/1484/file0" dev="tmpfs" ino=7831 res=0 errno=0
[  475.061870][    C1] vcan0: j1939_tp_rxtimer: 0xffff888120194000: abort rx timeout. Force session deactivation
[  475.700050][T18663] netlink: 'syz.4.5173': attribute type 83 has an invalid length.
[  475.752723][T18668] overlayfs: failed to clone upperpath
[  476.858635][T18717] netlink: 'syz.3.5199': attribute type 2 has an invalid length.
[  476.884903][T18719] overlayfs: failed to clone upperpath
[  477.019248][T18729] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  477.826837][T18749] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5213'.
[  478.105690][T18763] overlayfs: failed to clone upperpath
[  478.259426][T18786] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5226'.
[  479.973485][T18855] netlink: 76 bytes leftover after parsing attributes in process `syz.6.5260'.
[  483.259405][T19002] delete_channel: no stack
[  483.266382][T19001] delete_channel: no stack
[  483.859630][T19013] netlink: 'syz.4.5333': attribute type 3 has an invalid length.
[  483.896574][T19013] netlink: 188 bytes leftover after parsing attributes in process `syz.4.5333'.
[  484.306013][T19043] netlink: 'syz.3.5346': attribute type 2 has an invalid length.
[  484.309043][T19043] netlink: 199816 bytes leftover after parsing attributes in process `syz.3.5346'.
[  486.185289][T19145] netlink: 'syz.6.5394': attribute type 1 has an invalid length.
[  486.188949][T19145] netlink: 'syz.6.5394': attribute type 1 has an invalid length.
[  486.500714][T19163] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5403'.
[  486.515094][T19163] netlink: 35 bytes leftover after parsing attributes in process `syz.4.5403'.
[  486.522220][T19163] netlink: 'syz.4.5403': attribute type 6 has an invalid length.
[  486.525436][T19163] netlink: 'syz.4.5403': attribute type 5 has an invalid length.
[  486.528599][T19163] netlink: 35 bytes leftover after parsing attributes in process `syz.4.5403'.
[  487.611054][T19201] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[  487.617170][T19201] PKCS7: Only support pkcs7_signedData type
[  487.847437][T19214] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5425'.
[  488.010621][   T33] audit: type=1326 audit(2000000239.549:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.039021][   T33] audit: type=1326 audit(2000000239.549:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.120437][   T33] audit: type=1326 audit(2000000239.549:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.180223][   T33] audit: type=1326 audit(2000000239.549:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.240585][   T33] audit: type=1326 audit(2000000239.549:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.273628][   T33] audit: type=1326 audit(2000000239.549:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.288946][   T33] audit: type=1326 audit(2000000239.549:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.301393][   T33] audit: type=1326 audit(2000000239.559:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.312058][   T33] audit: type=1326 audit(2000000239.559:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.320125][   T33] audit: type=1326 audit(2000000239.559:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.4.5423" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  488.544299][T19235] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5435'.
[  488.852545][T19253] wireguard: wg1: Could not create IPv4 socket
[  489.009763][T19268] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5450'.
[  489.038535][T19268] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.041410][T19268] bridge_slave_1: left allmulticast mode
[  489.043435][T19268] bridge_slave_1: left promiscuous mode
[  489.045696][T19268] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.533797][ T5239] Bluetooth: hci1: unexpected event 0x01 length: 13 > 1
[  489.546239][T19297] netlink: 40 bytes leftover after parsing attributes in process `syz.6.5464'.
[  489.627767][T19303] netlink: 'syz.3.5467': attribute type 34 has an invalid length.
[  489.884367][T19320] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  489.887424][T19320] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  490.650333][T19345] netlink: 'syz.4.5486': attribute type 6 has an invalid length.
[  490.736950][T19351] netlink: 'syz.4.5489': attribute type 2 has an invalid length.
[  490.770927][T19351] k*]: entered promiscuous mode
[  491.159580][T19376] netlink: 'syz.3.5501': attribute type 11 has an invalid length.
[  491.386673][T19382] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  491.865642][T19399] netlink: 'syz.3.5511': attribute type 11 has an invalid length.
[  491.871572][T19399] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5511'.
[  492.081831][T19417] overlayfs: failed to clone upperpath
[  495.305663][T19531] sctp: [Deprecated]: syz.6.5571 (pid 19531) Use of struct sctp_assoc_value in delayed_ack socket option.
[  495.305663][T19531] Use struct sctp_sack_info instead
[  495.348272][   T33] kauditd_printk_skb: 124 callbacks suppressed
[  495.348287][   T33] audit: type=1326 audit(2000000247.960:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19532 comm="syz.6.5572" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x0
[  495.689606][T19549] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5580'.
[  496.363314][T19595] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  496.524801][   T33] audit: type=1326 audit(2000000249.140:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.3.5607" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  496.533155][   T33] audit: type=1326 audit(2000000249.140:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.3.5607" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  496.543918][   T33] audit: type=1326 audit(2000000249.150:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.3.5607" exe="/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  496.550648][   T33] audit: type=1326 audit(2000000249.150:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.3.5607" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  496.559039][   T33] audit: type=1326 audit(2000000249.150:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19602 comm="syz.3.5607" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe410f8ebe9 code=0x7ffc0000
[  497.327237][T19689] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551613)
[  497.330644][T19689] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647
[  498.588554][   T33] audit: type=1326 audit(2000000251.050:839): auid=4294967295 uid=33792 gid=0 ses=4294967295 subj=unconfined pid=19730 comm="syz.4.5667" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  498.598518][   T33] audit: type=1326 audit(2000000251.050:840): auid=4294967295 uid=33792 gid=0 ses=4294967295 subj=unconfined pid=19730 comm="syz.4.5667" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  498.607179][   T33] audit: type=1326 audit(2000000251.050:841): auid=4294967295 uid=33792 gid=0 ses=4294967295 subj=unconfined pid=19730 comm="syz.4.5667" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  498.622186][   T33] audit: type=1326 audit(2000000251.060:842): auid=4294967295 uid=33792 gid=0 ses=4294967295 subj=unconfined pid=19730 comm="syz.4.5667" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  498.930131][ T5239] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  499.164105][T19757] 9pnet_fd: Insufficient options for proto=fd
[  500.297588][ T5239] Bluetooth: hci2: unexpected cc 0x040d length: 63 > 7
[  500.304978][ T5239] Bluetooth: hci2: unexpected event for opcode 0x040d
[  500.311642][T19821] tipc: Failed to remove unknown binding: 66,1,1/0:3321958217/3321958219
[  500.617888][T19837] netlink: 420 bytes leftover after parsing attributes in process `syz.3.5717'.
[  500.620670][T19837] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5717'.
[  500.625846][T19837] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5717'.
[  500.629037][T19837] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5717'.
[  501.193511][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  503.137893][   T47] IPVS: starting estimator thread 0...
[  503.205306][T19953] netlink: 84 bytes leftover after parsing attributes in process `syz.3.5771'.
[  503.257053][T19958] netem: unknown loss type 0
[  503.259194][T19958] netem: change failed
[  503.263115][T19947] IPVS: using max 45 ests per chain, 108000 per kthread
[  503.268597][ T5239] Bluetooth: hci2: command 0x0406 tx timeout
[  504.256959][T20020] netlink: 76 bytes leftover after parsing attributes in process `syz.4.5803'.
[  504.302255][   T54] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  504.306803][   T54] Bluetooth: hci2: Injecting HCI hardware error event
[  504.310585][   T54] Bluetooth: hci2: hardware error 0x00
[  506.253777][T20076] veth1_to_bond: entered allmulticast mode
[  506.256985][T20075] veth1_to_bond: left allmulticast mode
[  506.382308][   T54] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  507.095915][T20098] overlayfs: failed to clone upperpath
[  508.024753][T20119] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  508.896310][T20146] netlink: 'syz.6.5862': attribute type 4 has an invalid length.
[  508.923082][T20146] netlink: 'syz.6.5862': attribute type 4 has an invalid length.
[  509.425211][T20165] netlink: 'syz.6.5870': attribute type 39 has an invalid length.
[  510.750543][T20202] netlink: 'syz.6.5886': attribute type 13 has an invalid length.
[  511.385928][T20254] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (8)
[  512.002487][T20296] netlink: 'syz.6.5930': attribute type 10 has an invalid length.
[  512.011710][T20296] 8021q: adding VLAN 0 to HW filter on device bond0
[  512.017039][T20296] team0: Port device bond0 added
[  512.317358][T20326] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5945'.
[  512.358542][T20328] netlink: 52 bytes leftover after parsing attributes in process `syz.6.5946'.
[  512.361475][T20328] netlink: 52 bytes leftover after parsing attributes in process `syz.6.5946'.
[  512.998438][T20368] netlink: 384 bytes leftover after parsing attributes in process `syz.4.5961'.
[  513.002811][T20368] netlink: 'syz.4.5961': attribute type 2 has an invalid length.
[  514.825279][T20423] overlayfs: failed to clone upperpath
[  514.850350][T20423] overlayfs: failed to clone lowerpath
[  515.481394][T20454] 9pnet_fd: Insufficient options for proto=fd
[  515.531139][T20459] netlink: 48 bytes leftover after parsing attributes in process `syz.6.6005'.
[  515.661097][T20468] netlink: 36 bytes leftover after parsing attributes in process `syz.6.6009'.
[  516.816520][T20500] netlink: 'syz.3.6023': attribute type 11 has an invalid length.
[  516.832501][   T33] kauditd_printk_skb: 2 callbacks suppressed
[  516.832516][   T33] audit: type=1326 audit(2000001037.444:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff25f85ba7 code=0x7ffc0000
[  516.856841][   T33] audit: type=1326 audit(2000001037.444:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7eff25f2add9 code=0x7ffc0000
[  516.882692][   T33] audit: type=1326 audit(2000001037.444:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff25f85ba7 code=0x7ffc0000
[  516.891021][   T33] audit: type=1326 audit(2000001037.444:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7eff25f2add9 code=0x7ffc0000
[  516.905869][   T33] audit: type=1326 audit(2000001037.444:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff25f85ba7 code=0x7ffc0000
[  516.932347][   T33] audit: type=1326 audit(2000001037.444:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7eff25f2add9 code=0x7ffc0000
[  517.097512][   T33] audit: type=1326 audit(2000001037.444:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  517.109180][   T33] audit: type=1326 audit(2000001037.444:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff25f85ba7 code=0x7ffc0000
[  517.117839][   T33] audit: type=1326 audit(2000001037.444:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7eff25f2add9 code=0x7ffc0000
[  517.127584][   T33] audit: type=1326 audit(2000001037.444:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20497 comm="syz.4.6022" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7eff25f85ba7 code=0x7ffc0000
[  517.139594][T20514] : entered promiscuous mode
[  517.473720][T20525] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6033'.
[  517.527363][T20527] netlink: 'syz.3.6034': attribute type 83 has an invalid length.
[  517.637636][T20533] fuse: Unknown parameter 'grou00000000000000000000'
[  518.004887][T20569] netlink: 'syz.6.6055': attribute type 11 has an invalid length.
[  519.782420][T20644] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.6087'.
[  520.287680][T20660] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6095'.
[  520.485164][T20662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  521.191331][T20683] trusted_key: encrypted_key: insufficient parameters specified
[  521.659479][T20685] netlink: 201872 bytes leftover after parsing attributes in process `syz.3.6104'.
[  521.666182][T20685] netlink: zone id is out of range
[  521.668450][T20685] netlink: zone id is out of range
[  521.670665][T20685] netlink: zone id is out of range
[  521.672954][T20685] netlink: zone id is out of range
[  521.677128][T20685] netlink: zone id is out of range
[  521.679523][T20685] netlink: zone id is out of range
[  521.681863][T20685] netlink: zone id is out of range
[  521.684386][T20685] netlink: zone id is out of range
[  521.686673][T20685] netlink: zone id is out of range
[  522.987389][T20745] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6132'.
[  523.271484][   T33] kauditd_printk_skb: 52 callbacks suppressed
[  523.271498][   T33] audit: type=1326 audit(2000001043.883:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20762 comm="syz.4.6141" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7eff25f8ebe9 code=0x0
[  524.264728][T20796] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6157'.
[  526.159366][T20881] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.6197'.
[  526.398084][T20895] netlink: 'syz.6.6203': attribute type 9 has an invalid length.
[  526.606515][T20907] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6210'.
[  526.965876][T20942] sctp: [Deprecated]: syz.6.6227 (pid 20942) Use of int in maxseg socket option.
[  526.965876][T20942] Use struct sctp_assoc_value instead
[  527.202060][T20959] 9pnet_fd: Insufficient options for proto=fd
[  527.841134][   T33] audit: type=1326 audit(2000001048.452:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20974 comm="syz.4.6241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  527.850551][   T33] audit: type=1326 audit(2000001048.452:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20974 comm="syz.4.6241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  527.859445][   T33] audit: type=1326 audit(2000001048.472:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20974 comm="syz.4.6241" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  527.870385][   T33] audit: type=1326 audit(2000001048.472:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20974 comm="syz.4.6241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  527.879335][   T33] audit: type=1326 audit(2000001048.472:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20974 comm="syz.4.6241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  527.886894][   T33] audit: type=1326 audit(2000001048.472:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20974 comm="syz.4.6241" exe="/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  527.895288][   T33] audit: type=1326 audit(2000001048.482:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20974 comm="syz.4.6241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  527.902506][   T33] audit: type=1326 audit(2000001048.482:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20974 comm="syz.4.6241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  527.910880][   T33] audit: type=1326 audit(2000001048.482:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20974 comm="syz.4.6241" exe="/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  529.311356][T21058] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6278'.
[  530.003100][T21075] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6286'.
[  530.008788][T21075] netlink: 'syz.6.6286': attribute type 3 has an invalid length.
[  530.701831][   T33] kauditd_printk_skb: 46 callbacks suppressed
[  530.701842][   T33] audit: type=1326 audit(2000001051.312:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21096 comm="syz.4.6297" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x0
[  530.785976][T21105] overlayfs: failed to resolve './cgroup': -2
[  533.127501][T21218] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap2
[  533.155350][ T5853] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  533.907210][T14341] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  534.363735][T21274] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6374'.
[  534.377381][ T5853] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  534.946596][T14341] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  534.951897][T14341] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  535.608293][T21336] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6400'.
[  535.852916][T21352] net_ratelimit: 12 callbacks suppressed
[  535.852932][T21352] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  535.908096][ T5908] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  536.667233][T21393] netlink: 'syz.4.6429': attribute type 9 has an invalid length.
[  536.737739][T21400] netlink: 'syz.4.6432': attribute type 9 has an invalid length.
[  536.921948][T21412] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6437'.
[  537.728525][   T33] audit: type=1326 audit(2000001058.341:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21433 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  537.737392][   T33] audit: type=1326 audit(2000001058.341:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21433 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  537.746590][   T33] audit: type=1326 audit(2000001058.341:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21433 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  537.758949][   T33] audit: type=1326 audit(2000001058.371:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21433 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  537.768009][   T33] audit: type=1326 audit(2000001058.371:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21433 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  537.776782][   T33] audit: type=1326 audit(2000001058.371:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21435 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7eff25fc14a5 code=0x7ffc0000
[  537.786388][   T33] audit: type=1326 audit(2000001058.391:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21433 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7eff25f8d84a code=0x7ffc0000
[  537.793293][   T33] audit: type=1326 audit(2000001058.391:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21433 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7eff25fc14a5 code=0x7ffc0000
[  537.915274][   T33] audit: type=1326 audit(2000001058.521:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21435 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  537.980635][   T33] audit: type=1326 audit(2000001058.591:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21433 comm="syz.4.6447" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  538.083282][T21443] netlink: 'syz.6.6451': attribute type 1 has an invalid length.
[  538.182786][T21451] netlink: 104 bytes leftover after parsing attributes in process `syz.3.6455'.
[  539.185443][    C0] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  539.684048][T21525] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6488'.
[  540.061894][T21543] tmpfs: Bad value for 'mpol'
[  540.698243][T21565] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6507'.
[  541.390063][T21618] netlink: 830 bytes leftover after parsing attributes in process `syz.3.6527'.
[  542.512440][T21658] netlink: 'syz.6.6546': attribute type 4 has an invalid length.
[  542.514712][T21658] netlink: 17 bytes leftover after parsing attributes in process `syz.6.6546'.
[  543.314496][   T33] kauditd_printk_skb: 19 callbacks suppressed
[  543.314507][   T33] audit: type=1326 audit(2000001063.920:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21699 comm="syz.6.6563" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x0
[  543.682452][T21721] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  543.839926][T21730] bridge_slave_1: entered allmulticast mode
[  543.842464][T21730] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  543.934677][T21739] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  544.487702][T21765] bridge4: entered promiscuous mode
[  544.620219][   T54] Bluetooth: hci1: ISO packet for unknown connection handle 0
[  544.747822][T21789] tipc: Enabled bearer <udp:s>, priority 7
[  544.845071][T21795] C: renamed from team_slave_0 (while UP)
[  544.852426][T21795] netlink: 'syz.6.6603': attribute type 3 has an invalid length.
[  544.855616][T21795] netlink: 152 bytes leftover after parsing attributes in process `syz.6.6603'.
[  544.862385][T21795] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  545.194803][   T33] audit: type=1326 audit(2000001065.800:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21807 comm="syz.6.6609" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  545.208993][   T33] audit: type=1326 audit(2000001065.800:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21807 comm="syz.6.6609" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  545.221445][   T33] audit: type=1326 audit(2000001065.810:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21807 comm="syz.6.6609" exe="/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  545.238546][   T33] audit: type=1326 audit(2000001065.810:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21807 comm="syz.6.6609" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  545.254313][   T33] audit: type=1326 audit(2000001065.830:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21807 comm="syz.6.6609" exe="/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  545.265170][   T33] audit: type=1326 audit(2000001065.830:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21807 comm="syz.6.6609" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  545.274291][   T33] audit: type=1326 audit(2000001065.830:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21807 comm="syz.6.6609" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x7ffc0000
[  545.506304][T21824] netlink: 68 bytes leftover after parsing attributes in process `syz.6.6616'.
[  546.720761][T21849] netlink: 212376 bytes leftover after parsing attributes in process `syz.6.6625'.
[  546.833870][T21855] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6628'.
[  546.838860][T21855] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6628'.
[  547.051608][   T33] audit: type=1326 audit(2000001067.660:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21864 comm="syz.6.6633" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f016bd8ebe9 code=0x0
[  547.209434][T21879] xt_socket: unknown flags 0xe4
[  547.250932][T21882] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0)
[  547.254387][T21882] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647
[  547.267825][    C0] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  547.392680][   T33] audit: type=1326 audit(2000001068.000:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21892 comm="syz.4.6647" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff25f8ebe9 code=0x7ffc0000
[  547.835365][T21907] overlayfs: failed to clone upperpath
[  548.079436][T21922] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6660'.
[  548.194900][T21930] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6664'.
[  548.198304][T21930] ==================================================================
[  548.201123][T21930] BUG: KASAN: use-after-free in xfrm_alloc_spi+0x570/0xf30
[  548.203910][T21930] Read of size 4 at addr ffff888027238544 by task syz.3.6664/21930
[  548.207204][T21930] 
[  548.209013][T21930] CPU: 0 UID: 0 PID: 21930 Comm: syz.3.6664 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  548.209036][T21930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  548.209047][T21930] Call Trace:
[  548.209054][T21930]  <TASK>
[  548.209064][T21930]  dump_stack_lvl+0x189/0x250
[  548.209090][T21930]  ? __kasan_check_byte+0x12/0x40
[  548.209114][T21930]  ? __pfx_dump_stack_lvl+0x10/0x10
[  548.209132][T21930]  ? lock_release+0x4b/0x3e0
[  548.209156][T21930]  ? __virt_addr_valid+0x4a5/0x5c0
[  548.209204][T21930]  print_report+0xca/0x240
[  548.209222][T21930]  ? xfrm_alloc_spi+0x570/0xf30
[  548.209240][T21930]  kasan_report+0x118/0x150
[  548.209262][T21930]  ? xfrm_alloc_spi+0x570/0xf30
[  548.209281][T21930]  xfrm_alloc_spi+0x570/0xf30
[  548.209300][T21930]  ? xfrm_alloc_spi+0x2a0/0xf30
[  548.209320][T21930]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  548.209335][T21930]  ? xfrm_find_acq+0x87/0xa0
[  548.209354][T21930]  xfrm_alloc_userspi+0x70b/0xc90
[  548.209376][T21930]  ? apparmor_capable+0x137/0x1b0
[  548.209402][T21930]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  548.209421][T21930]  ? __nla_parse+0x40/0x60
[  548.209445][T21930]  xfrm_user_rcv_msg+0x7a3/0xab0
[  548.209465][T21930]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  548.209492][T21930]  ? __pfx___mutex_trylock_common+0x10/0x10
[  548.209510][T21930]  ? rcu_is_watching+0x15/0xb0
[  548.209524][T21930]  ? trace_contention_end+0x39/0x120
[  548.209540][T21930]  ? __mutex_lock+0x335/0x1360
[  548.209563][T21930]  netlink_rcv_skb+0x208/0x470
[  548.209586][T21930]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  548.209605][T21930]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  548.209629][T21930]  ? netlink_deliver_tap+0x2e/0x1b0
[  548.209648][T21930]  ? netlink_deliver_tap+0x2e/0x1b0
[  548.209669][T21930]  xfrm_netlink_rcv+0x79/0x90
[  548.209686][T21930]  netlink_unicast+0x82f/0x9e0
[  548.209706][T21930]  ? __pfx_netlink_unicast+0x10/0x10
[  548.209725][T21930]  ? netlink_sendmsg+0x642/0xb30
[  548.209743][T21930]  ? skb_put+0x11b/0x210
[  548.209759][T21930]  netlink_sendmsg+0x805/0xb30
[  548.209783][T21930]  ? __pfx_netlink_sendmsg+0x10/0x10
[  548.209803][T21930]  ? aa_sock_msg_perm+0xf1/0x1d0
[  548.209817][T21930]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  548.209835][T21930]  ? __pfx_netlink_sendmsg+0x10/0x10
[  548.209854][T21930]  __sock_sendmsg+0x21c/0x270
[  548.209873][T21930]  ____sys_sendmsg+0x505/0x830
[  548.209890][T21930]  ? __pfx_____sys_sendmsg+0x10/0x10
[  548.209907][T21930]  ? import_iovec+0x74/0xa0
[  548.209924][T21930]  ___sys_sendmsg+0x21f/0x2a0
[  548.209941][T21930]  ? __pfx____sys_sendmsg+0x10/0x10
[  548.209966][T21930]  ? __fget_files+0x2a/0x420
[  548.209979][T21930]  ? __fget_files+0x3a0/0x420
[  548.209997][T21930]  __x64_sys_sendmsg+0x19b/0x260
[  548.210011][T21930]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  548.210030][T21930]  ? rcu_is_watching+0x15/0xb0
[  548.210046][T21930]  ? do_syscall_64+0xbe/0x3b0
[  548.210067][T21930]  do_syscall_64+0xfa/0x3b0
[  548.210086][T21930]  ? lockdep_hardirqs_on+0x9c/0x150
[  548.210106][T21930]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.210121][T21930]  ? exc_page_fault+0x9f/0xf0
[  548.210139][T21930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.210155][T21930] RIP: 0033:0x7fe410f8ebe9
[  548.210169][T21930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  548.210211][T21930] RSP: 002b:00007fe411d43038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  548.210229][T21930] RAX: ffffffffffffffda RBX: 00007fe4111b5fa0 RCX: 00007fe410f8ebe9
[  548.210242][T21930] RDX: 0000000000000000 RSI: 0000200000000740 RDI: 0000000000000003
[  548.210251][T21930] RBP: 00007fe411011e19 R08: 0000000000000000 R09: 0000000000000000
[  548.210261][T21930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  548.210271][T21930] R13: 00007fe4111b6038 R14: 00007fe4111b5fa0 R15: 00007fff9ab23fe8
[  548.210287][T21930]  </TASK>
[  548.210292][T21930] 
[  548.364404][T21930] The buggy address belongs to the physical page:
[  548.367028][T21930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888027239b00 pfn:0x27238
[  548.371080][T21930] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  548.373979][T21930] raw: 00fff00000000000 ffffea0000a25408 ffffea0000cf8f08 0000000000000000
[  548.377391][T21930] raw: ffff888027239b00 00000000000e0000 00000000ffffffff 0000000000000000
[  548.380726][T21930] page dumped because: kasan: bad access detected
[  548.383335][T21930] page_owner tracks the page as freed
[  548.385524][T21930] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6335, tgid 6334 (syz.2.168), ts 80448648833, free_ts 527086712823
[  548.393011][T21930]  post_alloc_hook+0x240/0x2a0
[  548.395013][T21930]  get_page_from_freelist+0x21e4/0x22c0
[  548.397293][T21930]  __alloc_frozen_pages_noprof+0x181/0x370
[  548.399698][T21930]  alloc_pages_mpol+0x232/0x4a0
[  548.401718][T21930]  allocate_slab+0x8a/0x370
[  548.403583][T21930]  ___slab_alloc+0xbeb/0x1410
[  548.405537][T21930]  kmem_cache_alloc_noprof+0x283/0x3c0
[  548.407747][T21930]  xfrm_state_alloc+0x24/0x2f0
[  548.409723][T21930]  __find_acq_core+0x8a7/0x1c00
[  548.411726][T21930]  xfrm_find_acq+0x78/0xa0
[  548.413556][T21930]  xfrm_alloc_userspi+0x6b3/0xc90
[  548.415655][T21930]  xfrm_user_rcv_msg+0x7a3/0xab0
[  548.417667][T21930]  netlink_rcv_skb+0x208/0x470
[  548.419634][T21930]  xfrm_netlink_rcv+0x79/0x90
[  548.421545][T21930]  netlink_unicast+0x82f/0x9e0
[  548.423533][T21930]  netlink_sendmsg+0x805/0xb30
[  548.425559][T21930] page last free pid 20947 tgid 20943 stack trace:
[  548.428229][T21930]  __free_frozen_pages+0xbc4/0xd30
[  548.430360][T21930]  __slab_free+0x303/0x3c0
[  548.432204][T21930]  qlist_free_all+0x97/0x140
[  548.434119][T21930]  kasan_quarantine_reduce+0x148/0x160
[  548.436418][T21930]  __kasan_slab_alloc+0x22/0x80
[  548.438408][T21930]  __kmalloc_noprof+0x224/0x4f0
[  548.440448][T21930]  tomoyo_realpath_from_path+0xe3/0x5d0
[  548.442716][T21930]  tomoyo_path_perm+0x213/0x4b0
[  548.444770][T21930]  security_inode_getattr+0x12f/0x330
[  548.446983][T21930]  vfs_statx+0x18e/0x550
[  548.448743][T21930]  do_statx+0xfc/0x180
[  548.450421][T21930]  io_statx+0xd4/0x1c0
[  548.452102][T21930]  __io_issue_sqe+0x181/0x4b0
[  548.454068][T21930]  io_issue_sqe+0x165/0xfd0
[  548.455947][T21930]  io_wq_submit_work+0x6e9/0xb90
[  548.457979][T21930]  io_worker_handle_work+0x7cd/0x1180
[  548.460214][T21930] 
[  548.461205][T21930] Memory state around the buggy address:
[  548.463484][T21930]  ffff888027238400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  548.466699][T21930]  ffff888027238480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  548.469992][T21930] >ffff888027238500: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  548.473226][T21930]                                            ^
[  548.475756][T21930]  ffff888027238580: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  548.478920][T21930]  ffff888027238600: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  548.482201][T21930] ==================================================================
[  548.485577][    C0] vkms_vblank_simulate: vblank timer overrun
[  548.488112][T21930] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  548.491034][T21930] CPU: 0 UID: 0 PID: 21930 Comm: syz.3.6664 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  548.496082][T21930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  548.500273][T21930] Call Trace:
[  548.501588][T21930]  <TASK>
[  548.502741][T21930]  dump_stack_lvl+0x99/0x250
[  548.504416][T21930]  ? __asan_memcpy+0x40/0x70
[  548.505943][T21930]  ? __pfx_dump_stack_lvl+0x10/0x10
[  548.507971][T21930]  ? __pfx__printk+0x10/0x10
[  548.509796][T21930]  vpanic+0x281/0x750
[  548.511303][T21930]  ? __pfx_vpanic+0x10/0x10
[  548.513053][T21930]  ? irqentry_exit+0x74/0x90
[  548.514821][T21930]  panic+0xb9/0xc0
[  548.516313][T21930]  ? __pfx_panic+0x10/0x10
[  548.518066][T21930]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  548.520386][T21930]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  548.522692][T21930]  ? xfrm_alloc_spi+0x570/0xf30
[  548.524616][T21930]  check_panic_on_warn+0x89/0xb0
[  548.526254][T21930]  ? xfrm_alloc_spi+0x570/0xf30
[  548.527852][T21930]  end_report+0x78/0x160
[  548.529375][T21930]  kasan_report+0x129/0x150
[  548.531046][T21930]  ? xfrm_alloc_spi+0x570/0xf30
[  548.532921][T21930]  xfrm_alloc_spi+0x570/0xf30
[  548.534709][T21930]  ? xfrm_alloc_spi+0x2a0/0xf30
[  548.536584][T21930]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  548.538424][T21930]  ? xfrm_find_acq+0x87/0xa0
[  548.540132][T21930]  xfrm_alloc_userspi+0x70b/0xc90
[  548.541971][T21930]  ? apparmor_capable+0x137/0x1b0
[  548.543708][T21930]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  548.545400][T21930]  ? __nla_parse+0x40/0x60
[  548.547000][T21930]  xfrm_user_rcv_msg+0x7a3/0xab0
[  548.548717][T21930]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  548.550496][T21930]  ? __pfx___mutex_trylock_common+0x10/0x10
[  548.552754][T21930]  ? rcu_is_watching+0x15/0xb0
[  548.554385][T21930]  ? trace_contention_end+0x39/0x120
[  548.556334][T21930]  ? __mutex_lock+0x335/0x1360
[  548.557875][T21930]  netlink_rcv_skb+0x208/0x470
[  548.559480][T21930]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  548.561434][T21930]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  548.563167][T21930]  ? netlink_deliver_tap+0x2e/0x1b0
[  548.564751][T21930]  ? netlink_deliver_tap+0x2e/0x1b0
[  548.566334][T21930]  xfrm_netlink_rcv+0x79/0x90
[  548.567942][T21930]  netlink_unicast+0x82f/0x9e0
[  548.569527][T21930]  ? __pfx_netlink_unicast+0x10/0x10
[  548.571312][T21930]  ? netlink_sendmsg+0x642/0xb30
[  548.573000][T21930]  ? skb_put+0x11b/0x210
[  548.574357][T21930]  netlink_sendmsg+0x805/0xb30
[  548.575958][T21930]  ? __pfx_netlink_sendmsg+0x10/0x10
[  548.577751][T21930]  ? aa_sock_msg_perm+0xf1/0x1d0
[  548.579296][T21930]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  548.580940][T21930]  ? __pfx_netlink_sendmsg+0x10/0x10
[  548.582600][T21930]  __sock_sendmsg+0x21c/0x270
[  548.584135][T21930]  ____sys_sendmsg+0x505/0x830
[  548.585861][T21930]  ? __pfx_____sys_sendmsg+0x10/0x10
[  548.587587][T21930]  ? import_iovec+0x74/0xa0
[  548.589195][T21930]  ___sys_sendmsg+0x21f/0x2a0
[  548.590774][T21930]  ? __pfx____sys_sendmsg+0x10/0x10
[  548.592608][T21930]  ? __fget_files+0x2a/0x420
[  548.594167][T21930]  ? __fget_files+0x3a0/0x420
[  548.595808][T21930]  __x64_sys_sendmsg+0x19b/0x260
[  548.597615][T21930]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  548.599710][T21930]  ? rcu_is_watching+0x15/0xb0
[  548.601560][T21930]  ? do_syscall_64+0xbe/0x3b0
[  548.603125][T21930]  do_syscall_64+0xfa/0x3b0
[  548.604562][T21930]  ? lockdep_hardirqs_on+0x9c/0x150
[  548.606119][T21930]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.608023][T21930]  ? exc_page_fault+0x9f/0xf0
[  548.609711][T21930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.611686][T21930] RIP: 0033:0x7fe410f8ebe9
[  548.613334][T21930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  548.619592][T21930] RSP: 002b:00007fe411d43038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  548.622425][T21930] RAX: ffffffffffffffda RBX: 00007fe4111b5fa0 RCX: 00007fe410f8ebe9
[  548.625170][T21930] RDX: 0000000000000000 RSI: 0000200000000740 RDI: 0000000000000003
[  548.627749][T21930] RBP: 00007fe411011e19 R08: 0000000000000000 R09: 0000000000000000
[  548.630525][T21930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  548.633432][T21930] R13: 00007fe4111b6038 R14: 00007fe4111b5fa0 R15: 00007fff9ab23fe8
[  548.636189][T21930]  </TASK>
[  548.637957][T21930] Kernel Offset: disabled
[  548.639540][T21930] Rebooting in 86400 seconds..

VM DIAGNOSIS:
08:42:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000035 RBX=0000000000000035 RCX=0000000000000000 RDX=00000000000003f8
RSI=00000000000018a5 RDI=00000000000018a6 RBP=00000000000003f8 RSP=ffffc90009a669f0
R8 =ffff88801f838237 R9 =1ffff11003f07046 R10=dffffc0000000000 R11=ffffffff854effb0
R12=dffffc0000000000 R13=ffffffff99af98c4 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854f002c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fe411d436c0 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffdad387b28 CR3=000000013149c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fe411187498 00007fe411187470 XMM03=00007fe4111874a8 00007fe4111874a0
XMM04=00007fe411ced100 00007fe411187460 XMM05=00007fe411187478 00007fe4111874c0
XMM06=00007fe4111874b8 00007fe4111874b0 XMM07=00007fe4111874a8 00007fe4111874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fe411012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff8881084e0af0 RCX=2873a076601d3d00 RDX=0000000000000000
RSI=ffffffff8e139ee0 RDI=ffff8881084e0af0 RBP=00000000ffffffff RSP=ffffc900071572c0
R8 =0000000000000000 R9 =ffffffff822dff2d R10=dffffc0000000000 R11=fffff94000877c89
R12=0000000000000246 R13=ffff8881084e0000 R14=ffffffff8e139ee0 R15=0000000000000000
RIP=ffffffff8b794e8d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555563c5b500 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007eff26ce56c0 CR3=0000000026d02000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fe411012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
