last executing test programs:

3m50.101103672s ago: executing program 2 (id=499):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWRULE={0x80, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}, {0x14, 0x1, 0x0, 0x1, @synproxy={{0xd}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000002000000000f40600000a14000000020a01"], 0x3c}, 0x1, 0x0, 0x0, 0x4011}, 0x4000094)

3m49.939128904s ago: executing program 2 (id=501):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c80)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x54}}, 0x40000)

3m49.869134196s ago: executing program 2 (id=503):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0xa, &(0x7f0000000000)=0x4000003, 0x4)

3m49.868952062s ago: executing program 2 (id=504):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x557, &(0x7f0000000280)="$eJzs3c9qG8cfAPDvynb+Ob9fHAih7aEYcmhKGjm2+yeFHtJjaUMDfYBU2BsTLEfBkkPsBpocmksvJRRKaaD0AXrvMfQF+hSBNhBKMO2hF5eVV7FiS5ZsK7FSfT6w9szuyrOj2e94RiOhAAbWePajEPFqRHyTRBxrOjYc+cHx9fNWn9yaybYk1tY++zOJJN/XOD/Jf4/mmVci4tevIs4UtpZbXV6ZL5XL6WKen6gtXJ+oLq+cvbpQmkvn0mtT09Pn35meev+9d3tW1zcv/f39pw8+Ov/1qdXvfn50/F4SF+Jofqy5HntwuzkzHuP5czISFzadONmDwvpJst8XwK4M5XE+ElkfcCyG8qgH/vu+jIg1YEAl4h8GVGMc0Jjb92ge/NJ4/OH6BGhr/ZP110biUH1udGQ1eWZmlM13x3pQflbGL3/cv5dt0bvXIQA6un0nIs4ND7fv/3bvXBfnbC5D/wcvzoNs/PNWq/FP4en4J1qMf0ZbxO5udI7/wqMeFNNWNv77oOX49+mi1dhQnvtffcw3kly5Wk6zvu3/EXE6Rg5m+e3Wc86vPlxrd6x5/JdtWfmNsWB+HY+GDz77mNlSrbSXOjd7fCfitQ7j36RF+2fPx6UuyziZ3n+93bHN9T+8p9rs3NpPEW+0bP+NFa1k+/XJifr9MNG4K7b66+7J39qV37n9n6+s/Y9sX/+xpHm9tpp3CDvw46F/0nbHxpN80XQH93/z3PVAvu9mqVZbnIw4kHwSW/ZPbTy2kW+cn9X/9Knt+79W9392n37eZf3vnrjb9tR+aP/ZHbX/zhMPP/7ih3bld9f/vV1Pnc73dNP/dXuBe3nuAAAAAAAAoN8UIuJoJIXi03ShUCyuv7/jRBwplCvV2pkrlaVrs1H/rOxYjBQaK92jTe+HmMzfD9vIT23KT0fE8Yj4duhwPV+cqZRn97vyAAAAAAAAAAAAAAAAAAAA0CdGNz7/PxRNn//P/D60zxcHPH++8hsGV8f478U3PQF9yf9/GFziHwaX+IfBJf5hcIl/GFziHwaX+IfBJf4BAAAAAAAAAAAAAAAAAAAAAAAAAACgpy5dvJhta6tPbs1k+dkby0vzlRtnZ9PqfHFhaaY4U1m8XpyrVObKaXGmstDp75UrleuTU7F0c6KWVmsT1eWVywuVpWu1y1cXSnPp5XTkhdQKAAAAAAAAAAAAAAAAAAAAXi7V5ZX5UrmcLkpI7Cox3B+XIdHjxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw4d8AAAD//0gqNi0=")
r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x20)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x20000008)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0xf1)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

3m49.719077562s ago: executing program 2 (id=506):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000000c0)={0x60001}, 0x8)
shutdown(r0, 0x0)

3m49.338400067s ago: executing program 2 (id=514):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)=0x9)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)=0x7)

3m48.917683098s ago: executing program 32 (id=514):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)=0x9)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)=0x7)

2m57.757129912s ago: executing program 1 (id=1109):
syz_mount_image$exfat(&(0x7f0000000140), &(0x7f0000000240)='./file2\x00', 0x22200c8c, &(0x7f0000000000)=ANY=[], 0x1, 0x1526, &(0x7f000000a000)="$eJzs3AuYjtX6MPD7Xms9jEl6m+QwrLXuhzcNlkmSHBISSZIkSU5JkiZJEhJDTklDEnKckMMQksM0Jo3z+ZBz0mRLkyQhIWF917Tb297/9un/7f1t+9tz/65rXbPued57PWu991zv+6xnZt5ve4ys16J+nWZEBP8U/P2XZACIAYChAHANAAQAUDmuchzgyjkFJCb/cydh/1oPpV3pGbArieuft3H98zauf97G9c/buP55G9c/b+P6521cf8bysu1zil/LLe+2f9/9fwC+//+fht///4vkVJj05cYK1/f8X6Rw/fM2rn/exvXP27j+eRvXP2/j+v+XCwBq/43DXP//Tv/obRauP2N52ZW+//xvaDEAcGXOnQAAV379f7Nd6Z8/xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGN5wzl/mQKAP/Sv9LwYY4wxxhhjjDH2r+PzX+kZMMYYY4wxxhhj7P89BAESFASQD/JDDBSAWLgKCsLVUAiugQhcC3FwHRSG66EIFIViUBzioQSUBA0GLBCEUApKQxRugDJwIyRAWSgH5cFBBUiEm6Ai3AyV4BaoDLdCFbgNqkI1qA414HaoCXdALagNdeBOqAt3QT2oD3dDA7gHGsK90Ajug8ZwPzSBB6ApPAjN4CFoDg9DC3gEWsKj0ApaQxtoC+3+r/Jfgj7wMvSFfpAM/WEAvAIDYRAMhiEwFF6FYfAaDIfXIQVGwEh4A0bBmzAa3oIxMBbGwdswHibARJgEk2EKpMI7MBWmwXR4F2bATJgFsyEN5sBceA/mwXxYAO/DQvgAFsFiWAJLIR0+hAxYBpnwESyHjyELVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB0+gR2wE3bBbtgDe2EffAr74TM4AJ9DNnzxv8w/+z/yeyIgoECBChXmw3wYgzEYi7FYEAtiISyEEYxgHMZhYSyMRbAIFsNiGI/xWBJLokGDhISlsBRGMYplsAwmYAKWw3Lo0GEiJmJFvBkrYSWsjJWxClbBqlgNq2ENrIE1sSbWwlpYB+tgXayL9bAe3o134z3YEBtiI2yEjbExNsEm2BSbYjNshs2xObbAFtgSW2IrbIVtsA22w3bYHttjB+yAHbEjdsJO2Bk7YxImYRfsgl2xK3bDbtgdu2MP7IE9sRf2wpfwJXwZX8Z+WFf0xwE4AAfiQByMQ3AIvorD8DV8DV/HFByBI/ENfAPfxNF4BsfgWByH47CmmIATcRKSmIKpmIpTcSpOx+k4A2fiTJyNaTgH5+JcnIfzcT6+jwvxA/wAF+NiXIrpmI4ZuAwzMROX41nMwhW4ElfhalyDq3Edrsd1uBE34UbcgltwG27DT/AT3Ik7cTfuxr24Fz/FT/Ez/AxTMBuz8SAexEN4CA/jYczBHDyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4QvzXzfeW3ZACIpcSSuQT+USMiBGxIlYUFAVFIVFIRERExIk4UVgUFkVEEVFMFBPxIl6UFCWFEUaQCEUpUUpERVSUEWVEgkgQ5UQ54YQTiSJRVBQVRSVRSVQWt4oq4jZRVVQTT7gaooaoKTq6WqK2qCPqiLriLlFP1Bf1RQPRQDQUDUUj0Ug0Fo1FE/GAaCr642B8SORWpoUYgS3FSGwlWos2oq14Ex8T7cVo7CCeEB3Fk2IsjsHOor1LEs+ILmIidhXPiUn4vOgupmAP8aLoKXqJ3uIl0Ud0cH3z/foSKGbjQDFIDBZDxDy8S+RWrJ54XaSIEWKkeEMsxTfFaPGWGCPGinHibTFeTBATxSQxWUwRqeIdMVVME9PFu2KGmClmidkiTcwRc8V7Yp6YLxaI98VC8YFYJBaLJWKpSBcfigyxTGSKj8Ry8bHIEivESrFKrBZrxFqxTqwXG8RGsUlsFlvEVrFNbBefiB1ip9gldos9Yq/YJz4V+8Vn4oD4XGSLL8RB8TtxSHwpDouvRI74WhwR34ij4ltxTHwnjovvxQlxUpwSP4jT4kdxRpwV58RP4rz4WVwQF8Ul4QVIlEJKqWQg88n8MkYWkLHyKvk1XC0LyWtkRF4r4+R1srC8XhaRRWUxWVzGyxKypNTSSCtJhrKULC2j8gZZRt4oE2RZWU6Wl05WkInyJllR3iwryVtkZXmrrCJvk1VlNVld1pC3y5ryDllL1pZ15J2yrrxL1pP15d2ygbxHNpT3ykbyPtlY3i+byAdkU/mgbCYfks3lw7KFfES2lI/KVrK1bCPbynbyMdlePi4v/vp3a53kU7KzfFomyWdkF/ms7Cqfk93k87K7fEH2kC/KnrKX7C0vykvSy76yn0yW/eUA+YocKAfJwXKIHCpflcPka3K4fF2myBFypHxDjpJvytHyLTlGjpXj5NtyvJwgJ8pJcrKcIlPlO3KqnCany3flDDlTzpKzZZqcIwf/OtKCfyB/2l/IH/7L2bfJ7fITuUPulLvkbrlH7pX75D65X+6XB+QBmS2z5UF5UB6Sh+RheVjmyBx5RB6RR+VReUwek8flcXlCnpQ/yR/kafmjPCPPyrPyJ3lenpcXfn0OQKESSiqlApVP5VcxqoCKVVepgupqVUhdoyLqWhWnrlOF1fWqiCqqiqniKl6VUCWVVkZZRSpUpVRpFVU3qDLqRpWgyqpyqrxyqoJKVDf90/l/b37tVDvVXrVXHVQH1VF1VJ1UJ9VZdVZJKkl1UV1UV9VVdVPdVHfVXfVQPVRP1VP1Vr1VH9VH9VV9VbJKVgPUK2qgGqQGqyFqqHpVDVPD1HA1XKWoFDVSjVSj1Cg1Wo1WY9QYNU6NU+PVeDVRTVST1WSVqlLVVDVVTVfT1Qw1Q81Ss1SaSlNz1Vw1T81TC9QCtVAtVIvUIrVELVHpKl1lqAyVqTLVcrVcZakVaoVapVapNWqNWqfWqQ1qg9qkNqktaovKUtvVdrVD7VC71C61R+1R+9Q+tV/tVwfUAZWtstVBdVAdUofUYXVY5agcdUQdUUfVUXVMHVPH1XF1Qp1Qp9QpdVqdVmfUGXVOnVPn1Xl1QV1Ql9Sl3Mu+QAQiUIEK8gX5gpggJogNYoOCQcGgUFAoiASRIC6ICwoH1wdFgqJBsaB4EB+UCEoGOjCBDSgIg1JB6SAa3BCUCW4MEoKyQbmgfOCCCkFicFNQMbg5qBTcElQObg2qBLcFVYNqQfWgRnB7UDO4I6gV1A7qBHcGdYO7gnpB/eDuoEFwT9AwuDdoFNwXNA7uD5oEDwRNgweDZsFDQfPg4aBF8EjQMng0aBW0DtoEbYN2/9LxvT9T9HHXV/fTybq/HqBf0QP1ID1YD9FD9at6mH5ND9ev6xQ9Qo/Ub+hR+k09Wr+lx+ixepx+W4/XE/REPUlP1lN0qn5HT9XT9HT9rp6hZ+pZerZO03P0XP2enqfn6wX6fb1Qf6AX6cV6iV6q0/WHOkMv05n6I71cf6yz9Aq9Uq/Sq/UavVav0+v1Br1Rb9Kb9Ra9VW/T2/UneofeqXfp3XqP3qv36U/1fv2ZPqA/19n6C31Q/04f0l/qw/ornaO/1kf0N/qo/lYf09/p4/p7fUKf1Kf0D/q0/lGf0Wf1Of2TPq9/1hf0RX1J+9yL+9y3d6OMMvlMPhNjYkysiTUFTUFTyBQyERMxcSbOFDaFTRFTxBQzxUy8iTclTUmTiwyZUqaUiZqoKWPKmASTYMqZcsYZZxJNoqloKppKppKpbCqbKqaKqWqqmuqmurnd3G7uMHeY2qa2udPcae4yd5n6pr5pYBqYhqahaWQamcamsWlimpimpqlpZpqZ5qa5aWFamJampWllWpk2po1pZ9qZ9qa96WA6mI6mo+lkOpnOprNJMkmmi+liupquppvpZrqb7qaH6ZF7FWB6m96mj+lj+pq+JtkkmwFmgBloBprBZrAZaoaaYWaYGW6GmxSTYkaakWaUGWVGm9FmjBlrxpm3zXgzwUw0k8xkM8WkmlQz1Uw10810M8PMMLPMLJNm0sxcM9fMM/PMArPALDQLzSKzyCwxS0y6STcZJsNkmkyz3Cw3WSbLrDQrzWqz2qw1a816s95sNBvNZrPZbDVbzXaz3ewwO8wus8vsMXvMPrPP7Df7zQFzwGSbbHPQHDSHzCFz2Bw2OSbHHDFHzFFz1Bwzx8xxc9ycMCfMKXPKnDanzRlzxpwz58x587O5YC6a/AAQYwXE2qtsQXu1LWSvsTG2gM2NAwDIjYvZ4jbelrAlrbZFbNE/i421NsGWteVseetsBZtob/pNXNVWs9VtDXu7rWnvsLV+Ezew99iG9l7byN5n69u7/yxubO+3Tewjtql91DazrW1z29a2sI/YlvZR28q2tm1sW9vJPmU726dtkn3GdrHP/ibOsMvservBbrSb7H77mT1nf7JH7bf2vP3Z9rX97FD7qh1mX7PD7es2xY74TTzOvm3H2wl2op1kJ9spv4ln2dk2zc6xc+17dp6d/5s43X5oF9pMu8gutkvs0l/i3Dll2o/scvuxzbIr7Eq7yq62a+xau+6Pc11lt9itdpvdZz+1O+xOu8vutnvs3l/i3HUcsJ/bbPuFPWK/sYfsl/awPWZz7Ne/xLnrO2a/s8ft9/aEPWlP2R/safujPWPP/rL+3LX/YC/aS9ZbICRBkhQFlI/yUwwVoFi6igrS1VSIrqEIXUtxdB0VpuupCBWlYlSc4qkElSRNhiwRhVSKSlOUbqAydCMlUFkqR+XJUQVKpJuoIt1MlegWqky3UhW6japSNapONeh2qkl3UC2qTXXoTqrrPdWj+nQ3NaB7qCHdS43oPmpM91MTeoCa0oPUjB6i5vQwtaBHqCU9Sq2oNbWhttSOHqP29Dh1oCeoIz1Jnegp6kxPUxI9Q13oWepKz1E3ep660wvUg16kntSLetNL1Idepr7Uj5KpPw2gV2ggDaLBNISG0qs0jF6j4fQ6pdAIGklv0Ch6k0bTWzSGxtI4epvG0wSaSJNoMk2hVHqHptI0mk7v0gyaSbNoNqXRHJpL79E8mk8L6H1aSB/QIlpMS2gppdOHlEHLKJM+ouX0MWXRClpJq2g1raG1tI7W0wbaSJtoM22hrbSNttMntIN20i7aTXtoL+2jT2k/fUYH6HPKpi/oIP2ODtGXdJi+ohz6mo7QN3SUvqVj9B0dp+/pBJ2kU/QDnaYf6QydpXP0E52nn+kCXaRL5AlCDAuEMlRhEOYL84cxYYEwNrwqLBheHRYKrwkj4bVhXHhdWDi8PiwSFg2LhcXD+LBEWDLUoQltSGEYlgpLh9HwhrBMeGOYEJYNy4XlQxdWCBPDm8KK4c1hpfCWsHJ4a1glvC2sGlYLH7mvRnh7WDO8I6wV1g7rhHeGdcO7wnph/fDusEF4T9gwvDdsFN4XVgrvD5uED4RNwwfDZuFDYfPw4bBF+EjYMnw0bBW2DtuEbcN24WNh+/Dx8Hz4RNgxfDLsFD4Vdg6fDpPCZ8Iu4bN/PN7hrxxPDvuHA8JXwldC7++VS6JLo+nRD6MZ0WXRzOhH0eXRj6NZ0RXRldFV0dXRNdG10XXR9dEN0Y3RTdHN0S3RrdFtUe/r5weHTjjplAtcPpffxbgCLtZd5Qq6q10hd42LuGtdnLvOFXbXuyKuqCvmirt4V8KVdNoZZx250JVypV3U3eDKuBtdgivryrnyzrkKLtG1de1cO9fePe46uCdcR/eke9I95Z5yT7un3TOui3vWdXXPuW7uedfdveBecC+6nq6X6+1ecn3cy66v6+eSXbIb4Aa4gW6gG+wGu6FuqBvmhrnhbrhLcSlupBvpRrlRbrQb7ca4MW6cG+fGu/FuopvoJrvJLtWluqluqpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB12X7kc97U74r5xR9237pj7zh1337sT7qQ75X5wp92P7ow76865n9x597O74C66S8671Mg7kamRaZHpkXcjMyIzI7MisyNpkTmRuZH3IvMi8yMLIu9HFkY+iCyKLI4siSyNpEc+jGRElkUyIx9Flkc+jmRFVkRWRlZFVkfWRLwvsSP0pXxpH/U3+DL+Rp/gy/pyvrx3voJP9Df5iv5mX8nf4iv7W30Vf5uv6qv56v5R38q39m18W9/OP+bb+8d9B/+E7+if9J38U76zf9on+Wd8F/+s7+qf89388767f8H38C/6nr6X7+1f8n38y76v7+eTfX8/wL/iB/pBfrAf4of6V/0w/5of7l/3KX6EH+nf8KP8m360f8uP8WP9OP+2H+8n+Il+kp/sp/hU/46f6qf56f5dP8PP9LP8bJ/m5/i5/j0/z8/3C/z7fqH/wC/yi/0Sv9Sn+w99hl/mM/1Hfrn/2Gf5FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+0/8Dr/T7/K7/R6/1+/zn/r9/jN/wH/us/0X/qD/nT/kv/SH/Vc+x3/tj/hv/FH/rT/mv/PH/ff+hD/pT/kf/Gn/oz/jz/pz/id/3v/sL/iL/hL/zxpjjDHG2D9E/p3j/f/C98SvLdcAALh6Z/Gc/znm5iK/7w8S8Z0iAPBMvx4P/aHVrZucnPzrY7MkBKUXA0Dkcv4vv5b7NV4BHeEpSIInpv3lDyYYJHqdp9zx8wPAXxk/eitA7J/kxMDl+I/jw81/cf2DxGNPjsuoEp6L++vzjy4GSCh9OacAXI4vj1/pr4xftD397eenwJepAB3+JKcgXI4vj58Ij8OzkPRnj2SMMcYYY4wxxn5vkKje7e/sP3/Zn8eryzm5W+0/xJf3nxWvyPwZY4wxxhhjjDH29z3fq/fTjyUlPdHtP6UD8M+OEwMAV3oV3OHO/+edK/3KxBhjjDHGGPtX+9ONN2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxq6Mf89H+jHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGN52/8JAAD//+gKQcg=")
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.freeze\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xec)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x1f4)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.events.local\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001840)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x26e1, 0x0)

2m57.70519683s ago: executing program 1 (id=1112):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet(r0, &(0x7f0000001b80)=[{{&(0x7f0000000040)={0x2, 0x4e1f, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000080)=[{&(0x7f00000005c0)='e', 0x1}], 0x1}}, {{&(0x7f00000000c0)={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000000600)=[{&(0x7f0000000100)="84", 0x1}], 0x1}}], 0x2, 0x4)
shutdown(r0, 0x1)
setsockopt(r0, 0x84, 0x7d, &(0x7f0000000200)="15a65a32e0792664be", 0x9)

2m57.598309816s ago: executing program 1 (id=1115):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000003280)={0x0, 0x0, &(0x7f0000003240)={&(0x7f0000000440)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {0x6, 0x0, 0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x884}, 0x40)

2m57.597729374s ago: executing program 1 (id=1118):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x120584c, 0x0)

2m57.546761517s ago: executing program 1 (id=1120):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r0, &(0x7f0000000100)=[{&(0x7f0000000240)=""/8, 0x8}], 0x1)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

2m55.368176707s ago: executing program 1 (id=1128):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfef, 0x0)
execve(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)

2m55.272735277s ago: executing program 33 (id=1128):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfef, 0x0)
execve(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)

1.23898109s ago: executing program 4 (id=3728):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r0, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @private2}, 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000200)={0x0, 0x2, 0x0, 0x3}, 0x10)

1.196010248s ago: executing program 0 (id=3729):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x7}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x40040}, 0x20000080)

1.124455949s ago: executing program 4 (id=3730):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
r1 = syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f0000008280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000006180)="3ea4e4305830d12dd9009ddb857b480e92a48b3e45093694091ed788285937ce7b2473522335a690d828b02ab613f956aecae781037db019ffda49138a514ee99a088fd6a2a0028ea055aef75e65cdadd3589c49eb6088bdec10b6d405a915a037c1f8037e1b9301fe4296ab789db8c69c3636af08fbaffd5106dd3788c626c35510cc0ebafc64e8b300d0ffa3bcea4d2e036bbc8dae2e46312e9a637b3002b8931a66cbc28a30ee3287a18f1d162a5985f7ef467a43a807cb75d34504dce996e2a3f1bb43e867f141ed07ef08e0aea605cb5b10346efd6b41a23ea6741dba1e2416380b330788486bba4e359fc0d094cc5301530c1228fcd0e378e0260dbdd56788ad718cac668467d4c50a9878c501cabe3389dcf76acf0267489de4aec621656bdd3878de387af2a3dfa7dbf460daffbef878ce2536a57b05bc44a1e01ef54cca3ad250298c95a52ae9927030eb1096e00f265283a30b4ede2c934dc62c46929761e230567d2ba5999495a5a0977e3156a44365b177a07cae07864be9765ba56bc7ecb29264e6dad2e41eebfeb1ef4115b923c49a8e0919db1de67b1cc4c2f30a672d64efac91e63d7bbf75784aa49346338b22504452b36266eb5e924d4b215ce5037da7b98f09a8dcd086f36787cdd6fab9ce916d12b7b939f113be8b1872a75aa0d8977fe598227998c8b5fa3be8831006f6071d2522b1c9be03873844b0a6e2ca1489f2391981ed762f743e4bc35fd1ca7158bd995a7b801d8525ce381de5497916d59183636f72e9b58c72179f678d1d4434a1fd39d304c3b62cfca763ee8c6108bdca364a438145775a76462927207a7ae654801635dfe3c1915d2ab57a11675724b17c0becb9b20f95d5beea1dd5a6eb66ea864a7d22bdefdc6e13a2a4a8c7780b4250c92dd9bd99453f24268cedca6963ab64c024e56e6f3ae74cf8d1eb5bc3c7292f5fc7d37b4c48ca981b8f54528dedac99a19c1181698b1982668c49b1a6b55142944a0edf891659ea82570ceefe2ca50a95e7df6496acb6bd979ae4b5b6327a201288b8ddadfe0cb91bdd64e74f06deb0133385f5c9cb6e8e554e4fd29126f550adc440e6d42de1bd3ba0ed5d0ebc91bdaeecc7f253190a21eeb51a14b2d949fe86626a88fd33ccd40379f67de81341d225a116e60770ab972ed872c124cd7c0db88709a48487c1c9fa6442997431b99a1ac224a8523430ddcfd699ad27e16bbb54db40785b869328e8e804ed5fc2f4b3e4548a9e60d5b73b2ac8564e8424e0dd292924feb14fb76ed19b1d76edafb1bd5585717a9eb73a8bef605e3ef3f6f8518faab6559f5b4b7d2c07f73edf67d3780d8b5b2042788e5d2f7c7184a80a1951323632b62101094bd80acfae621e56cef19cd059c9ff72fe564944bf8063137fdc7905cb63489cf8d250bda94f453c94fb2f6f33f972c0ffc4830bc8d7fb98c4ed8ef2fa6e147002d488d97122d579a9b214b09f792279021a20a36a05c74c9a668bbc4ee5bba0d8f7e96fe9a61feb01b7c0537e47894c3e7b5d19ce1568f8d9f49f3adf9c02ac941a3edf68c841f29fbe82450c2bbdcb7270dd2f5722666bd21c0839541c907ff43da0a10a05e47ac636d4f9c59e2abfb00d31621ac3f0455723563e402bd3ec56a2b7e59a82262119b02eedda2baef71a5d5efd2533b7e6fc01d6cae9d514fe63b30fdbd92548760f876f8d77e7fd8500f83e6f4e6290e4df64c73d6ab61737797b05235dea939163cf55f322939014acef81d248baa46e1ffbca5a699f0824988b4313ae222bc8d3a3c1e875054a9494c9beac817179749b5cceabbb7cc40bdb8e18d598b683943a61fe105b868896d78e1e3a802774170ef3c1f339b6d20cfb5a260fa197aad2e18146ef53fa9c783772dc9e251c2140fe89709d007c5343681cdf4569d5f3190c0d799504aa0a9001e26a11708fbe929f63ff691a3a0c7a06125d3b3d13b3241abee4fa8c6d27b26eaa58b454e34fe20128a15cf7f96bfec32904af4b2e04c26bf9393d45b0d66a1a2f15780a67ff34daa1bad27262ec78f27f9ff77157ed5201bf257e1d1d06f2cd3a4cbc02bb9003caebc7e7e9fe7a256de9fc2cce105644c833ee659e3f6d526142d154a881cb70ba8df353a5714bfee5480cf8bff86c62c3a56d45f821d99413f8ea8207a41b7d577e5a1788d051c8c19cc1fc8be844f18227b7eeed330a213a58009c7ea3cfd5c77093b5315c90d36fe15ecd9d9e7e4208aac31abc3928d162449ee68f04aa2aaf5b8711529b97944a873085ed6b59b53b2ef8a397733d5207eb27a81c646eb7079aff7403181b0d658abcdc3445096844b3139ee23cb30f9527b5c84105604e8aa57b32e0470dffa95719415b74ce519ac27b20a38045a9792043d3c5b426deb70b3418d9475c6b85580e7e414c5a9ff35ce7c6fe2f2d5ee8d0aef619d8c2c06e0af87a9bad9dfa2f6ddb57c2e636563a9ee58c8613be2b329f4c16efbe56ae671e712e90712cc4f519276cd7cfa3e421e87ace7e5469665b4345322c77de68639a6f561a0d203d4823d4c3a84f1b2b04c60cd2fe855652c1000b0f5e1bcc2355496522a5046a849d407b5d86123432a41d64b549c1713dc3f0b4a787420c9d3dd3052dbac55dc15ca6584d08bbcc7ece7144fc179d302c5e0833b1f667e0f4110ad9b31f5b7e19e11fc1bf5ea0f9a81806ab5bfa8caff29b84c53c04a85d175c05a74d55b548ae69bb365760ebd841cfd094ce2d7cbf447285f53f5e7cb4ccda0a607c9cf7c3aec55966aca8b8ce33eb30a138c3e4d85e4def697e0e00defa03f2c501010baa3470450bec0acdfcdc7f530584e7c2600ba58722303a11c9387edcfbdc85f1128155374f9844f381c2a8a15bb7df67db46f30b9232d3d6037d86dbbbed316bcc5be6fb3ab78a19c9df2889188c7321ffed7795dfd67f3853e516cbaef5d079aac33cbd2cd920b560945744ae03611257ccc66e9523de5282efbf9871092795c05685cfe8749ff4a4cf42aa19fe4f935a71ba462860f1243824fc2888cccc6866f1c81f05bf993b58621cc8f9c6e72a7db971e1bb40632d75c119acbcdcb88b5f1ed4fa5162da82ea66c21f2064867d86abf308a1c65c0a16879d56e2e76ac4110acca20be3abb731effad3aef7f0da4acb9aed0283111670d5ceeba5a551dff13de90acc9dc3176923ad1791a73eb41a3f5c260e4df26a1b8782fa85e5cbf5c20a62bec97da4096264fafafc9f5dcb9a8ca2990a144d6bd138cddcba35fe3cd2609f0189d37e2d76f6d96ea2ba1d5ec9b42c94f254904cd938ea2004b43a111c2f5b53eca1bdb68f8e84fb5834098ea5dd6388d41c987763c8b2c9733f758dd74ce5eeda6cf28137a4d83a66f05d90fb1c9acb0214eb7e5d0869b201330b6fd1a2948e0ad0af0c4f3deb08fa875223ba27f1d42f63da665eaeac81ea9eca52ae1afaed3f4252976019de7d61059e29c8220e88a2d9a4e6202839c74dda2ae43ee2514b55aa812889e4f8e153f9859af16f130053024a8bac43fad387cd526ef42bea5cad61230bbf89db7946a03101d18dc1ae46d046212ec5285564e65d876283fb937d6e38caaceb5716c8b2628b3a349058fe27fa58d53d6e5a769996217960e50846b2cd1b9fbc686f157e19d69a2050098097d45c2879e89e6fa3c5c79339fa3881fd228c29588befa5eb769a1cc1b67e8426b386ee0e6a80d7dd261b0ffb14b321190f1a390c6a0e8052a750d4cb587720ae43f6ffbd7f9328985b2aece118d4838c2eb55e8592823f74550b5d49377464890903f2650999fecb01fce6f6e51eae4f193bfab5f35b854cb0221e75898f111e94d5861fb15086889a5f804df2f7fd41cd49b663d352c59c6e8455f8287aab47cfba4d860c81ae1f61eb8bba8f18bfec3da3eec80bf39a6ff8d028650da69c108f98cdd8359756ff2b911fa688131121523187f1e449baeb64e332558c9d5ad9794e514a4239fe3277749506d69b3ba9df2c48d0111c526674e1ec144de88c58c93ef06da80e14675d0b14842a1ca644af3d7fd5907a46ae58df07f060088573683d14ab5310d471e139a47f8080fc282f16eae908671f35a9c1a7b2941ec86e85e15207e824437f8f79b173cde14b9fdcb9ecd82b224d45f724df18760a2913d907ed48a696367985713ab99d2416213f9991766161ce075aa6da4a7fba3a47c67d04ad7e669afada886f046363fb03a0cc795e5a1840e419967b1a19f40be8bf2a512015d486d00c4026ea86324b5b541ef8388f070800421c137d8ebe7c9a539b529a4af69165c1a6ea23534ce8efa7efb2ac55969df429f3b32d2f2aecb5087359c1b83224e4cfa2c583a1e147dc0202334a2c953383cc69e3a807299d86358b6f42a499eaa5d5680cd670fb49af6488c7cce6efae45682f98d63371eced65de02a82bf560a335ba630283dd77bd3d15296bc21bc337fc1b6d34d77ea7f681055459447f01b65623218dbadbd1958a249ebb76fea35d56299a017c4d7920fb0433d5769bc5130d8a5ed950f8084ba0036078374b82ad14a232f137214bcaa82ea7fcf7393ff4226aa1effda1d44a6100896ebcffb9414baf53c77c84113ef99f89f9f282b19b0e057893ef9c81399e1db0e3a25549dbdc69895e5eebbc545e468401d18dd20afd2913f89c3c0d95d54d5145f5cf434287e01b73b2646a7dc42e0f64fcdc1f3853aa41a6242c6cbafebfd62d147dce9368259beefe4d28179750893fcbdab5956f582372c1c616db2a23537a353e08e275fece1a7c0c0bd9483160fc643ceed9d687d520e944923f1eeccfe7f2e5e1c5876810efa0deb7f00c8f606ca5c14e3bab922243d013288622cad6667696e6759742376f7546339ad37a9246c98a6500686aaec51e2391285e7bdac34fbd4a1df2147bbee2d56c7189b4aeb3880bbc63e6b922b27133497be09318b064166ee8b5ca1c360dc510592bb3077293ff7e48bbfd2221a8c823eef8e677b51b40c7a8bfed1def9e19af5a418b65567ad9cecf4c16232683740dfceef0bde563a0942db0d77493b2d683d413d9fbd0ac8fca1ecaf6e57fd7ae680a493d8c697d3cc038cfcfc55a9a30152ce450dfec029a4edbd38f10222149a87d358f881847d4daf8b182d6b1313d616a767dbd9d71c7a3ca896021216665fcb2c8fbddb593013118cc8ab5044bd6f99bb278ad871917c9b1684cecb2d0e8babaf33fd98c02d8451aa48f3b2a6d6e9a5d12910c7aff613cbcdda418a76abff697229b47783577d0ce2f0041e1360a10f607612405b9b06180d85617ff9c5993a986b32071cf4c43b97f53eef9311929cb8035ec5c2f65cdc40bd757d612de5b9a7eca6e7e70365dd47256ff9f6e22e91ff22bbbee51e153d5321dc76ee8a664505da2039da1fc87e3727f085a47ce3eb52b95edb41ea295b79752c672348621e4d49c48b7d065d116cd1ebe6203e9ed62a9d3367eec2ed7cf3e4762b5f71c6ab34a953482414b762a455ded6e0ede9e07c3b9915aa51aded822c57a72ee3ed236b7c8c3b26db5092baba5d4d385d1e3c0e0d860da91b33a85c20e30da31b890f85a88a5c105e8aa32d6033beafff9ff510a7c7fa566b86eb473c702fcf08449c581650c42b90843b1baabbe95b476983fc98397abb52450a65505212b25c94a2fe3d64816eb9a76e8e8e945b7dd544aa039e61fc6331d88ee4ba297bf0d59a04c95579b62f316da65064247cc1d45792f1510103708d636c53f201b1dc2004a479bccef0bab9bff46eaaedbaa445417ee040c568ca95e606d9d9431798e91491f48434551cb8d8b4b81b389d43845e04d98dc0edbb74eae8d13ef3f662a26d7e548218952bfb4d697bd5c3700cea776ac3eb0ebae5c101bc341688371e31bda8cf7819ff4fa3a478faf97582d497112e510b2986f4238d3d4219024ac82eddc2dfe6d42dd1652ec09548768cb0a46e475493a75a75c54c47ec1e6265d34a87634e09394c77a41b01f374a79333951eec0423e037e0a5dd3cd12dbcc25fbb028613aa7382bade63c1d300b0a6d021f65fca7905e622eb54bde35d59c169f970e3de01272229e78382c7e87cc052da8b7b2dda1d29bc42fd2b7091feab28c14dd9cca5c8946afd8a466c681025128d3f752a8bfd2a8bc0c1bd89c01ad7803d8fe9ea1247e25d8ec18e0c18b8e6293b85cca5535a075b799519623d98a9bb393df5f17065a7f11142320e3138fae891346ca10040fda33128909b485ca1fa733f7d44e424d8dabe3f38d4249c3cb3f22d10521e536be978ff2dee276098db46b56e782596a68d5144ea1f2dff227956f4f860135ec2e0cee212a51b63c60e775fa2e0a7dbcb6f3d27f09dbaf55343bd2af3aee72ed39e15919d3e5b2bc67710c88a68806f1713313887e72e6af52f7de7009399b81cadfe76bff2b61e53b259218bf854d52644bd8e722e170bf9b109ee819b960b8d9da0d2dacf48083bd8a766d3818eae48ba408e18c63c8b59e282553a71f62083e6a007ffa6ce8ad271b7202da28f1d6be4332f404c1e2b98acc4d783785c1eab14361db6382594a9bbc3304f121f198948c91fe58d96aa6a8e12cc3f46f283e635548d96341fe3052aed45be1970010bb76325873b7902f0f73bf21fbe0a5cef6ec0b50902174c3515c89421a496737024b22db73916c4a41d294b8eec3913421b784a2629132461d4e6d5498a88b87abe2e385df8688b70b075e2139def62c18c60f96c1715e203850155ea7bc8d67e77428e9c96a3edf06d984f29959217633a907e7aa0f9792313fd30c6f767b79981ccbf1bf87942cf082090761f9faf5afb90f56a80908cdf34387d3c9ac4d27321b8b2c64f66eb3bc0f7937b0771b68eee977d5f3682fedb04e51868e4e588eb625a71db0057655af47806eaa6b875304738f1129d95ef85921db8b584af8e389297c8d59eb4f5f784474e5e293f48c5cc45e490878c31d32bcbfc88d51f96eee3cfaaea0e443505825a52603a06aa8cdc8920af575650833e7715dc2205ecba7e304eb121cb0d65609b853974fe9ddee9b9cb9fe4d1c08fed5b2f3d0f51e104635dba4857520e0cf319438659cb765bbbe6bed3a6451a85e3efe32707b2c84d7fbb99cd80b3529605b221b808cf34bfe776607cb4074cb9371306c74f3c38a4b48f8a8da8a02be28a08f5a0da463aa85863ef54276c4f414667d3812deb6b0e882381932585e3d08c6f3c2c13b9987088b345e1216b3d525c99820c0b6688d9c0271f648da1881e58fbf5bc02acf226d9e90a64911ebb27b415f3ff4f7bdeb9fdd5bb1f39a99f909f80af444b902d1bd96562882da6e0ce9efb2adfdcd78803164a5ebacd12d6246571066e8f05a37d9eebbf41a88926b6bcb287f4ef47728ec00bd96ccd72eefd5815fa9e2840a100e08be686e6b664c938a0eaa7588e87d69809af59268f3c4e92a98a663f83481668e0f3ee684a6728fa38c75cf66ac73dcee17dfa5ca94601b1e5ff91215492270e24c4abe4dce8686e99d3c64e7c3f5972152da99388bb59e282a1e300627e542cfea5a390dd11f0c95f52702982c0e8c690c1e7bca2ecffb7287b617090ace76f818fa8a9078978e1e249a7f4fa281fb3174fec950f6b9afaabb3279e22c9c37a4ea1c05df6c49c1b89b2ed23ca3673f388f502edd3edc358549c039eeec6ca4ae3404bbfb688c3d90cbd4a092e035ec48c3bb1ef08e2b1b6326622419356669a8399954dcbeddb197de9fb5407e105d800b6cfa91de41b2eb3ad2ead5487b9c7b11e76f2ad08711b00cb8f3da6794398a961853bdcbde90086ff13d69154442c8caa36d56862581a9f326f85c6722be613caf2329d4ff9734c99016390e793b6ef90c540ad3c7478d7b221a71e0f10575ce5f666e2425903f3c358c4dc5b29133da5027b541898b501cfa144e166d1b1d7470d05aeda051a1cd5bc3bafee7ccf8564682cd728d0dfaa4f731438de2ca3095f105c0bad8f3b039a427729ba1f96238403e3d1c8a2bdf1730253d6c78e42f4dc5a6079e95ea5013a9d335e628ee7d2dd1c7f2d25342b2be5c9fef9fd5eeddc8665c1a39705231538d0f3a19e9c021a7d6d2d1c6b3f4b483e6198ca6d269db9e82746c5ea36c70f29fc98462ecaeed27547de6435a82112b2ec9a8c1e759f82d04810824d97f1ca45071f6ac242b90b218f2c2c9b4cd42b56dbeb5e947a8e8b476749ab8cc7d910fdb17529440107a565737b69440cac0b418858d62fb7af804c5e483faa849a6375ea62581eff9c4dd3ccacdbab7af9fe9b2be75cb2e322c296cb91a792ab424f77ff348d07dfc2a5c5af476cc7c44de169dc1702ddbd5e4d7fb11172d8eab6df3b70c7b66fec5177a533ed44641c291ed9d8cea6832c24c3cd279c9f3bbb355fe47364d23af48cf8a86d27727ab2adf771641ff447291fa9ba99cf5c2cec5c968d565aabe16cd07d752f7d5b2c78e77cbd2dcb2bc151a35207026c98b755eb0e6fdc94628de7653f7a461e0b51f5c089fc4db6deca2243e3e5532bcc279dfccd2651db61565968dfce800e995626a4bf045e3522b996dee4bd10980ede518f4a5d986f41c53f0e2820853337869645c31c41c9563f1c01ce651e916f7472b04929feecd09ff768bdf74f0b40a0c58555f2a390db9bb7990dc31f995ac4bbf1f90271cd4b90ef7fcd096c34040fbd4a74aefdc5a6b8edf38da8084c87564b10e6e2cd7d0ea6849cff02c06e4df741c278f0d29ed6c6c739376e1c262f9d780fec67aeb519cfa669c9d6487ba527e0ccf5012954dbb3ecdbd3f5be1c018784cf83b3bd040e7116be8401e760f82cfc86ac19a18f28c894662f8dd13b1aea577c81bf2447753b57853765eae4353b65475e10c3b36bf0d0dc3199dabff76a06f70b173fac295db1f52100547050f052b9d287155bc8b04435ef35902395ae894bed80080fd3becba14c51da2cf34e2999cdbbf652dc6862e8e65f675b1d7e5da57fbfb497e8111dfe77164372d707a5857325c47afb462f7a38f617d158e8a28fda6d121e532e44b2ca9cef3c34a7a8d748c4edd061b62f6ab7344317b0dbd8ce4836142719a7c0835901236180840246527f3ba39cb64614e95d4af008d281b53853532abdc663051d041af7d1aa9766ab185efb77fcf278f09577e01e507a2034f435b66cab7692a1733d1ad3d5d566396fcacfd1bbdf542e35136a49e2d3cbc21ce157ff051a0c1b636b159f370366565a8ddadaa1502b425ef27a1ff070c52bd17595ee507dc984aeb14d2aba07fe786f3733e3527d5bbfcacfb09d3d5cf94738d1b13d2590b1bb1ea2eb400e9605f90b4b23c125622da85ece62e4493938099a4058e0b3dda2532c6d62bd033ee7a1cd7683620a6501e3ca420f9a64f462bbd4f125d154beff38c8f4a1278f9d6194289234d7e9fd397feb24fe1a8636e334d1342fa590b4578b3c677aae57119bea99ff7a5635b98ee867a282e5f3444b70415c0c33942f041c28589ba0de67d7b7ebe43ec6656f60c82c9d75bc8dac80791cd59a9c576ccf726cc97befcb9aeedf32b9ec6f4aaf043ab9bfc4712ee6bc4906dcd9766658ce56fea361518bb54ccca4bbb82eb64e417a37899ab31736ffddf51f97aa710b29f18ada97a200bd65d655364149db2c41cf32bac2c4bf799bb2356335a4fa01016da72bc7dd99b3f902f8b80a89d19bb04f8c49cdc5a78b17b52d52c06f18baa9839332f3ae59909748cd4dac49c1901f3c2dec64ccb40a49fed1699fe1140f8602384a930fed2ed6f9c120c9e6158aae34d8ec8a4fb0cb7ae19c2865e3939b499b5a08183c342ff4af2b3400980879aaa6e29784e90bfc915b9f31e79b742420952bda798a8b88c77134cc5752630e57fa23f9b174535e3244c9fa475d1b2829fdb768d22d6564e55556fd3750bbb223f3b5748a57c899d324f359c3842fddf8055e1b40588365393b84aa798fcc8b321ba1eeac33d340eda01fdf697e81bb5b55852f6b355a7dd2082cf087949cf9fbbf697af8f81c20f25a1c0b92fcb06dddc50c5d9e989a15a2fb7d0544f1844e3f46711165bab1658615f440b71f93ddb713ba91e8f4d91dd17243082d61cf43fd08861d42f41f1ebc68be633bfcc79b14cdfd7b171ed4b282a926055ce26e7fcf40d1e8e7d05ce6660fdb825dff76d735bce7b43c98e5b6c4763ccff99b45c1439859ccfc61756c298eef7424c465aadcd71455448827e39e5ec21293f2007617fae73b74de8efe349c726a9dac11524720fed5214101b4f26ad6fec2215a54980512a57358545899c6898692d805134d606b3022d16954747d247db0093dbec65fa7d101439ccee58a8790ee0daec0976a743d8f7aabbaf8d9945e95ceede27387e2faebe8d1eae6feedb78cdf016c6c5888e56ab4830b002513f87aed9bb4988784c0debd8f566ea9c8467bab4a52a52de9e262f16ffe222ac1ac6f6d5de557eead4554f03bc8ebd681daa2ae6cf93587d32dcf53a184f5019f0fad0729095a5788b04fc6987064b80c6bba46e36fdd767ca9c6819445e95ec7d60c3f9b2716c206a589e413fd7bf1d8fd3f1245ff54d6db4d7b45f20cb4f6dc8bcde65484d70ac38921f89261d27fc85203b801867850457a3b61fd55e805bd3c40a336bf87101d8914d21c8c968e934ce265cca3efe21d3ae1b78848f7b50a9a2e9b51bfca2ff7e0292ede0aa013af1c09242d6e53f23a216b8ccc64402a46eef3411c06cabb5435b1d2d8ddffc2c3dbbbb0e707e03ae0c518414dc7304dec25084891255011dd133d235e663ff38ee78c9abb93c9f692c5195222c881e35431d638367c7e570c962646424dae41fa2b2af118a93add1e088aaf7e1dd108c7096f4f9868a8af02cc15db7493ef011d320c6d64f6de56a51748e9dc4b7bd1bd515d3e9522a65e87e25477f71a6bddaf7ee5a01d424ac153efaa52f1e56fbef9f66efe5642f7dae41e419a64be65635a088885717942d475daa806ab151b087525446227d0d75a493d5a98486365b3981b3bb77a7c6c6ed44a120a98d0f2d35e8ce83837004c39bf09ac5723b1d7d7392f6e94462e86de853c6841027c697236331e19aa45693b2dbeffea7b00f0b284e49b04935327b9808576b397cb48d6b1960d06058f1cf2d0641d7c99e79dc9d47efd1d5bde85bb51ffe4a687c2d364713ee0ca4981f371c7a418b61118431984324f84f8cdd6e2849c00c1f14b1732a08ffa08d39c312dd809f15c8a651cbec053e870ac04c131946d80a8e684c8f309881f98220d7e532773d4d8304ae53428390ca7914a408030fae3b47619352d8a1edc33856530f806b8efe61bedcbe199aca4dbe79bdacb08b361e31f59c00463071fb19edbc0cb84c59130770fcd17643f7c37c1f54753f40fbeeeee31b22d89944ac6ee913e63145e3e35f804d2cbd08d9f2e278be717872a4fae63d8a8b462f715c3191d394a67a724fab2e4ec31c439fb2fa01295aeb56910fd406316bdfed587c1b42a733542a55793303e59dc23a40bc9b9f5713a3dc21b95b591ac9863f31a4ecd160e7d9b7b2ec2b137e67", 0x2000, &(0x7f0000001ec0)={&(0x7f00000021c0)={0x50, 0x0, 0x8, {0x7, 0x29, 0x9f53, 0x10000008, 0xc0f7, 0x48e, 0x8, 0x8001, 0x0, 0x0, 0x80, 0x101}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000000000)="d2c113c29ca1f0329c09333c4e57bb838cfea716579dab7d1cbdce058b04b86cd2573f5a46ec9ad1bb3c276903ebcad8758f3bdb0ea994c5ea01d7771c5b21040018c812e3b3d2c92d14193a28633e7a06c3239d8e97c69f11a821f535082d74ee0c1925c46bfba566d8c9647889a9dde67089b24871471415a695730085f81a0b7c8dc2eae85ccd015b85d7d1fecd2528f2a8369ee0315327ba0d506a583c716ea4fa23575566c8cf1a2a844691717179b82f10998b7d540188e57e864820665ab70db2d483c4fdcb115ea6bbd4a888f9d383f6fea063635b69686590f540c638a77fe8e8cb266cf72667e61871faf1d1810c749c30c5a7b61609d81114f7aa0355967a7513f659d021338ddb687b0f7372386170902b612c56f58dc73a1ccecb389ccd39f926ee91220a5c053dc277919ed4e32b63da14781cb46227a71388f2aeb37e8971d4a554824bb05f7e6861a916c94204feae48f115680a40b7b2da6ec3af295979016cb78ee53d347a2a8de81c26d0468db8b59df449513e109f26ccdff64403180deba17211813b69ef3f0c42f498a6f3d05a4e7f47f99a8b9ff6bb375fcd1cf444a794a7c2a274f2786c8c220b1f80f2d0c1f311960b37357e31198a44f1e25aaa320f6daad7a42c0367de29a2d0d5567098dfc4ac2b0393a7accfaed79afeec5c9d526503e8fbbd3d1f6365c698775999e5109bada3ec51a9d4b884631086bcfa4fe99135a7c482d9e3d2cbd0a58a42f8cd737a812c21185d909bab234d412bd450da975be70eac2a8db479f7030ff5f41817cd798d59a2db9d8d829765459531044ba3bfa6fc89d046c75e707133e5211fd05d20f63d4f493b23bcd966e3f4314a512451b761fb3b3ed815da07c604f71d2a86937142ede6fce427766dbde15f74f2c45d4c3c08e815b507bb05ee97ddf7ed79ea2ddd5c6ef057d455d84c79bdfd6e68ba6f5cd806a6b9dfd5ed65e394554fb59df7aba2676779a547cf8a7c97379abc760e94e01264a2a23c8c63296ec0d9a4e0aa5c9c470fe46beb8db8322372f3649b7d2ad0b8d09e77e4757a2f40835860b56d41382fabc35d891deedd2168ff3b20f3345ec3238ce795fd9b0311fbd7cf10bbefe4e9349bdf7ea5294f3fc3ded1203c01c9a057641ea122eea48e30b942fdebdc4e7263353361dfcf3562eb3f7eb491fe5394ac1e9af734950b3de71b557bd1baf334d39c5dd9e6842a3ef24004eafc5eb85fbdad5c1e49f60f565da146b119f27ec9077774e21300edf2883f34e299ae0465779ab80ba2d097f5d791a72785f35090dbc369864476c33d3279382a49ac45be1706211659d6fac1ae12d772fa270eb3746a69082e67664f4be335f2d172d52f5083a0768e5d4332352be40eb41e3406de4498e740a470141032ea251c144cdb5352d8049281898c72f13a5d3509c9c77308fe45016abfd7d42b1a022a60b9a5bbcece7c0a10bf9f157995465729b38fdcadd0d977574636206982a6b4e8f24bc75e3eb054fb9ae81e878afd24cfa9756f053bb89f0e4a42e195bd2af8a91a6dd5c9fbccd938681a7387ed22a0e3a8284d3182aa7ef1905a267850fc405494d7079f6d0364287cf7b16dc2310b15bc49fb68d1a96075cb5f30f4fc2ec0c51d0b7e806e78f108f4060a55b8c23b3c89a2f2fa321d5138019c417a504d230ec496583933daba2998e20d8f9a2e6798f681e1d4df88fa4e084513d3648ed4f6624d8b894470cf325e837ad177a634bf58d21378fa0d3370bcb724fa88314bbd0749bbe6ff9dd5d7826701891c180278833c3327a8b1500c3e86fbdaacaaba0e0f708052ddecaae4fe142689c812aeccc7211f61159e0787a8f639d1f0a4db373c17317fea5d3ca1c6060fc44a2d02502f0230334acb69861f0cdb82220827f5887a14e7eab133ce4ecd9a414b2a6b31d8c631325319bbb65ad01aaea7e157fea6cbb434c67f4582028c32f5890ceb243dc972e61e122cb36840d5838dff32d4b613ae1909f3970404fb1973f1e80b0e388141b2e24d47276be045880a4ac18fd136c08cf266b35c75e9b796f6210817439833b613195fe4688b22127a978d20f8b32e3df3297e09a565e659857d8052bf69c5006c5870bd25e6c3aeb411553924d06ccb849cdeca659448cb220d259b4ee20d256d44149814b5e13ab365c448369a43553e01874acded99d24da7d1c9c283dae95b0b5311344af85c7c9a8483fb18a5bfd7a4fb4bbade211edfa4c30f3d1b5bc9672a02adb5d638faea66424e2c82540937dc4cf21392fe16e05811f1bcfb83132deb1cf2a522f9b543758b25d6949400af5d2a7a566f4ab0f5fe0b0a8e8379850e3ed78cb823f5b59b3df4de700427b197720ec69b86c76080b2cfdc4a2619e9d2a901e247e591d79dea91257c0d4a3c7ebb86af42de6833aaaa2d69b71e684236705744b79c62079236759def4a37a0b97742dcdc1af8e54385ad496af31cffe7539e4a69d65ae28845439e5e3eea34785e6065c32f3c7b71ef4edfdb16ca9ee9d5d4e066a60f9919461ce932a61c4100276dad7a22447c681bfebac9186f23dd38509090e0c0fd60219d33174d0d1f5a2b3eb194ae1c7003b159dd560e909fcd0b14b803ded8a94f2a61ca59f9015a673c018515b7605512ecdec58b60aafcba88e88b790e6dabc09a6721613d4e60ffd8d01b07ccacc1c7f2415347f5f5aa9eb7e5d27090403a55d0364721bf0363e34bdf9d92c8e83fe39e8d23e0a038717c00f82dd27709ea69a7a857575f0e039b067750b0e226dd01091b6aecae409d563a72e0805c8c101401a9d4356c532ec27cf25ad0ea92eb137e5bb367623155b3e62baa1cb29d86e4765a635d180d26f37f58a24683494cca93547b1f9ff0cc81c085cc4509b746c5327f1f169ca3bd059d324ac91e3c05bb225e5f81655d2f5b5f0cd6389d35be14f63cf76ef856634c5c42f5f6763a457be1745d9ddc4e7a77cbe86398585dd18159eb7dadc2da143cabd5794c4caafab774c5b0ad661f6f9e7bd5163af6f214bbd6351560cfb5e9fe42d3b67912e0bb52926429a43c27aa6c52e904660029285c4b763d6becb5cd4e9a029fb092ae20df18e073627d896a8de5f89474cbc2d2a525edbaa635a9704ec9f30bc0d18dea437a986553da723befb7f91d73a9976a528d2ff2ff80aef0fb80b4c84fca0d810e1f0c3857aef2616c9908aa7dc6a02e28085ccbb88e13c8c8c1acc631e4121e39b453a5897602dfcff5629f88d75ae7375cb9d08969dc6e870870c7aaad3c62f1f39c363d7edfda2d5ce1e9e62b25cf3b31bf4da9b90616a79d3be8f031837844c13fa6ea8af83db6eaa6abcb5158c38abe7fd39b8710c7d8d830ac93d5d3cec1d038c7947861c4ea118b3c205be5c441d35ef856c9a81f970c2850397e735a2fb991fe2dd0f293224ed263963a1041dcefc67b77b25b82d6ab047eb282702ddab528cc4bfb8c82d86352057e893bfd4b41e3396d64d7f1a78f6a0d4cd420d4bf84eb791a513163f837556c1a2e7c4e84ab9bfaa3a23a7114bfd301ea1f6b5e5c94e076e8f42a4da7e05224589005625245672ef85a11d6ac4b379b72660583ccb62b3d6cf00090c9c0ef7f3e3bce7bc6e10baa0498799de647451281afb45cf053c7a57eca0732a8f9e9f02437be51649bc7d1a391aca1561fb6b2d47817394e97e426afda0fb9fdd248579b8eb768ef9e249dbef8b0ebbd0e8dec2f149e2356df3a9f728b5392875ea476b54a1c990040ef4e63373566611c5b555b5d60a0e69f32e05db3f9047ea3e261ee6e3d87516bb0fff783333eef6444c8d9d17f8b23514d6358c62cd34dbf0e9dd60f54f286c533d68f2610c82eaedd9e512884f37211f190a08cd3766c7ca6a5043ee9dbabf5994c48d03a2fa5ccedce7ffbe9cee1e9d54036ca4ca7c4fdc339011448c7aad3d14b639dc179e7a97f03b606b0e47a32b8c9ab82c59fbba5e0ab663538aba9ba71d27216614f59bdccb050cc2512f65f465e8476d36855df64b8bb181907e91f45c6262dba02b35dc238bb32b9cc7070d31f7f95f2193b5fca347874a64041ab629cb5c3a3d77ba999793badacf01c4244ae13c0d77fe01fae16c489fcd58010afc3084ffadb9bf7264f23f1ad0e8d9d762dcc431163c343054181812c9cd1a6ecdc9964caa0a2ba8cd29271e6824891129b89efc1ea2996100f1932940a49a324e8eb688d05ac7d6ba273aade15c2be8cc74ef1eafad9b9ebfdfa36edc5c6d109485a48ac6a8395ccdf23779919953cf3c61c3a635c7e782f84098f3cc6bea7644cf3924c2352c97c76bc7141227dd29f1d47ef209adc3aaefd8cf204fb265e6b262e83736c2f26b22d80870af83095338c23a47a5a86af2ae7decd1aaabd925ae900bfe8e82728e14fd82677769bc9962dbb507a61e206821ac9c0940b12d79ecb7a916b9f6573fa3d9a7ef773f66de8cf8db6536d986a29d7b50a2973d228ec48468c5ebec6253130c578e5ec2848b62e8e1082a3d584e84b86e24211a9546e1abf79e568827af5d9ba98ba7b33b5cd9cb7a81dc873ea11276049d9d6206d2ed0933ada7ef9b6823f24b756ebea834297743ffb146350f320ec9044df55b20df0ff84584c16350f465b5ad7d364f9b166fb534c2a0e65f6bb4d61feeb84463ceb4a4f7853c0c2410955881a60170b0bbc131f6699e2616752851063c7e8b0a82e4357b84e48bad8002610e5770c17ee0cb301f9dfe8d5cbb66c6962b5edcae17b5c5dd42026737ea9e2c79bfb9392d290b44d66ade6eb62e26321ee214a6d15facb7cca610b6209392179a50f3dcba1494d3f302745461f6172d329a12d68405be5ee05ad2a641a7aa3da1d1fd3198671bf1af5b39e2bdeed49df80cf0c6e0edc5c4812350097bda47d3fafb3827d73eeb0b29320c74dae6d4d61d8fc269652835f5a7f98710c644dd50d3af618651b41916bbabb9ea7cc46c8208dd7fb99474be66e1a970c899f17129a9ed17ccce0d93411e71b8f1c7790c787f7a97a50d54acbc6f4eee49a38882c34e3477c97e1c6da0b39a1e9d0d25a3cea9364033bf4f625a02412174d03dafd642526867578f71f2e52920833b8d23713d5ac48165f49545f6c7c75b5b4ef2e0682f8f2e191fdb6c0ba529856f887391f8d5aa3f7dfc5230170b97662611e53a4436bf4e98a5ceaeb16a79bb95f962b2675cb6da9f1cfcdc1ab604ef7749fe87ccb5a3660f463ff5f488b5c544cf847be84dab22d038730a7021cdc7f7ab714c1561c98a39cc92cd6aaf53c82b28665114ac18b2149ee7f1b52f894c28a49eb45d4cf6a0e65df39b3c717039ae41958fe810c1e05ad62ceef2980e0cfd891bfae0db61fb1c8d65b6812ef1bf5d426f955ab4826eae69f531979699685f5312882032a5f47ed8cf2e98e67d9f6c299d2060a04b4aa677500b48a33586b10f71293d57de846d2683621b588630a6ef06a41437bd99366787b787a68c71779132d0ee73aa5f97d5b9ca18a7ae26b7002512df1073e2eccdb4d2f137a15d9604e10547fa465aeb4f2e5899b531adeb5e72fb76c2c1c9d18ceb4a23a5f6174ba86a7119d82e35cb5a5d1c6a093351aaee0094b32b92417dc50c1d3806fffdafd2ec0e3ba176d84bdb7d59755e9083e61ded802e2a089ae9d6746f738b55845bcd4ff0a21888c2c6b972db043973fb323fd1c15e70137aa6a4bce3f60f27c1d1488f3751e5425a5776c7cc3a3c8acbfbd2171407e1a242e8e241e6e9e1287d8995265a8092ec59ad99652e63a41b744f34392017f29c1b1ca4ce7728200743d4497a70cfd2369d0ecf9e0ba6f28da25b2d918a06ad1173091b8d750b8c2120321818a0912bf47b96c9a8962930a843ea8419b24b8618b7b43482291906e151bf39d3634756d9e1ff5a6e787d1fc4be7349c38a3b882e059a5da930a9cb2a01eb8b24b54def2a2949538fc063542921947f1997dbee59842a50a043d431649ea0adde68c43259ab51592107b2618c5f761364d4d3d5d0f4d4ae1b94650cb4b695db5831c6dd789140b87525d9ed46fb8dce8fa75d68f317dfc3858d810928fb3530b7ae8701d622b0e69ab16cbbd46c8165c467850d081292da8147fe07f472776d1e2c75c17bdc0f8bafbc964da953a5efe64af69944f0f8858b2a4dece04428ede8967d0e93827910400af8a859b59579d9628191b291732bae90a3b50f8b2b7728725568a83e006ed21e940d4b7e7291ad6365138aa2d59c0b303cc298f7a70d0c39e4f17a878083631b1f96a65d7b4c5a4403929180694f55b71ba29685bdf472f0e21a1c8b3c2dbfc4892ffbc0f0f23f38ed0b785080c11b0766ffc5a0c2c750080b764df159e42ac8eb82681baec5b0ad7948153679162c223f63bf22545718accf2a30bc4402f6b54996baa00508c6def488975a2e2bf2a8dbcff49293e83f998f8baebe722cdfef96c46ac3d945d56ada194353f7cd03d2b86cb9844f7d63f008fbe553fe0023f6968e8bea9054ed3c567e5c55b283fb2337fbd20510e5e098537f5c1baa6b509f63b1e812840aaf470690894a2725f4460a106a3b0e14b12b47c3fc1a083ae7e8cd2e710b5d428b2063f7bb91105255cc0fcc8ac51398ec3df6416d283c4aba6ed44846e82be02d242c710c973c5f0a9b3b16da8a96f5cd2a164a3fa040075b0cb99944f1b34f7e79ae039d15a6c992cb40aa403de90992c064e1771f2a396734480f43b024dc799b8e242df235dc0d33cfdce41755722907f4533a1480d78e99320412326c27e15434fd3fdb19ed33a07063a8a62b39ce14be2ea1e0adadec65fcf4f19901bd801b87e90fc91f1270b420fb530b71b7aea9ad23c4a4ad28d4b63444bc2fa7b44247d5e9f0ca0209a489035b4521b5e886a419df1f9d0e27b9c5007ee75fd3909d4e0156973bdf2ff8d1a88cad1d534ba93648ecb34a30b1e760f1ee8cfb90c27c36385fd68ee48982e5f0c190e8786b7ef0e1dfd3cb1cc00efc19a92020b509d3e2c74b4265bdc765085bc49c6fc61476aa22cff375a78c59f33394cc6ff460584ebbd8dba2cbfe97feb1c9147068dbc1d3e25631ad8478d826d88c28b2cf967d07d3ff845cbb25699406d106eabd31066e9cf8abbe7598f71cca663a6f63bfb63caa95d3a363e69e9a3bc889d026df28c37e41786bf8c9a1ccc06c3499986a72bb10367f32b1b8a55365c2a5b46061b58b81c5da69ad39db6c468906f1c1225527f1b26a3dbad94b1419f3671086b061117206a634cd08beee1fcdfb4a3a7cc78b3cb1293dc900d0859505018b38033a1cc9a0051968af1f8fa60350865328b6834f9c30bb1734949fcdab62cc6904b285322da3d49f188019648cac314d65a7c57f4e25864f17e346e7ebbe411695a237622356ecc10e66c8ba33e7106a756b8d3abc1a1aababc26413adcfda74a59b9002a7e2e3edb3e7551d32c461c2e40c25cb9de751ffda44d7f353513c5bbbc473594127c09775844dec5dc922caea5532dfa98fe80d80243233a4f0c15520d9dc76da3623aabef3582380ca4d2f9558d6c71b672f259b94f26710aa1d933b3ad79c8755a96c18fcfd62a972ca80ea0d33afbfc80045ba7dab492aa06c73ea3a598b2bc6eb1549627d183c25c3486814960eb1e1b02200a92f51b8642683f88185a9ee91c6dbb576dd8a869e1338b81ec205d979242bd963308af90ec23e01d253a70440edd3ebfac8e489db0a70bb5c887f22e7a5de33918374a9ae5229d419b1948eeb23bdf8dce3c5df3b81d1a3e3b38e095f261cb9e00f5567413a5c13abb469fdf64adc830cc442a099609cf0ebd3ffe936d77d6099d816be2b4cdd31e4fdf5af5904120ec65e81138416462f9e9bbe9ba6d5980c7de01288bd9f4741848802c32f3774678367c70014e531ad7f95b5527d022232ada51148012328f1693b2d08b8eba80dc26d8e9fc369b410331ed720e410ded5bd03ce69942ffb97489a2c5b6e4da93cc73811738a141c3a16d4ff6edf2ad1b3d3ae45a21c5ca2613b92e7871dea89d3cd699b86520c80f6a391cc2911538f8108dc90203b0e74ee43a087e033265e0745a9c991facff49339c40601420bb72ef014bc4b9a51cad1dcde9f1567b4ae9d11b1416ff3d8dee15f4672bdbca4348e7e71f8d75a73851bc0ad539312b7d52c498602a5eda4630296fb40aaa90d8f6122da7fb56d02755f861df193bdc5effd8a0e54c2ef78a284f7543c2b25a81bf545be3a3f549aabe86700bf058877e3fec53813f9992814a2cebf341cedcad346dba70596da899add4d723d98366ab60997cae7e5b9d417252734d9145ab8c5ece5b5b0efdc2f2578838c500ee17b866323a951979c6f1a50da2833bc437bcddd6efaed0244df44e6069daf359289d9c50c073f0fef4be1fb3802be5ea643761ed6347a35a3f537cbde402911c28d7c7c7e6b8612facbe87221f3505ff078d0dbb28ec469fe6eba2efcb4efdcfc5745299c0850e21ee2c9ef77db8070d589c547cc7379b58677d16077093514849869ab5bf8f896fa933ba3edc676dcb73e91386cc48f01782ba635564e0f91988cf98a3a17544abfedcdc1d80540e9499bf98180feb80325194cbc369be3275ed390f8e91b8d75b1364e9fabe50a1e3b9531c3fe1aaf6523e54bb05738bd3a67ca5de01b2e479ef7678a86b13d6b747fb3cb5fe1be8913228705fc232ce422186cb79c3b66c944f6124eb414322806d47978044336221f26d3a09ed8dceb52e3c7e3413535faf1f7868cb47bbbf02c37b4cc877a1d5f4023083d5b36650b673a4e51387c64d44daf58057adaa5610d22a15329804cd51a42f663311c4e5ece9d99b5a813c4025e8e0a98c0f3ec13cf07de0b18d7e1ba7d3eb143f5825f62ae5b5f6d92b167f9dbb2177e84f23322566814296277fc2933956f818f5475b6aa031545e6e2265679d16cbedff96c4f419d5fabe99ee652feac8acf9a90771ab8ade8291b42d25ebbdc03faac02b9599fdb83621f6ae1e2e7f946520f3cff881cd600c17b4a00c08d0996f7d2bb97d35647f72b80ba8ad3b4a16cb71094b2d1193a5fa1456e4671788bc51c0d506f4809ca34620d4a75a62ddfa20ab5c4d347a08eb8784d4c572fcb473b766f5e1ce9d92db70ebee83accd58b8253da36b9542686edce545261f309144a3d64900f796620003b36ee3d44a06cc4d088f73aa45288b90476d2e1e461795d473d59500aa23a6b7724a2f0d6473dc2f0af6ea311a648e193072016e199b920bc8c0830ae18f1c17e33d73badadc0f9d34cd52b54f4d3d480a7ddfe0f140f8de1a382a4c5a722d3e0f875b69054d88b8bab94e9394ba8d28937f1ffd871d1666a377620e7f032633fe58ebc87e533bd6461b537cdde38352ece085378dd7b24fa3fd5a3dc3f5b77492e4fc91238a8bfcc4e20bb396bd3317155981ec593926f2e9f15e5ac1aa533e122441649a681d88142a93386a6ed6b2d5b18d7fb57541e31a69acee17345b08c6667ebbc53a082fbcd980b4751937ba729dd2fd9b43d06091517922dd3ea524db002db7525902a465081843191d2d7ac76adb7724ac2bb88e4cb2f3188dbf0cd47acf5011b4519ec100a44b2ee6a1dacac5aade2cdcdca777c6b5edf596b05691d247f671491f68bf2e113a7e8674309ea98ab794d05c664ade246288796270e10f4a308420a62bf0df1d1636330e88bf4cc78051e5f715c8f97b8a83119b3fb5129ac6d0733256bec96d8cf435fa005e14d88884a0ca24266a4e78e25e2519796ba31971e4d0cb44ea58c5ddf54a15e3b449642e395679fc5ba600cc6bb7f2b004bfb0d621e51f9cf16309e4a02ce4f23f4a2d225aa8c84840bf2d3522a5f7a983cfbbfe4adb62d6ea622ebb784072bc6673878c5eaa865a7657b619f48cf0c51a4b0d47b20f426adc7f8ab68238b97abf68443f0eaac3796bfd99e0bc644e4f6fc43e551eccd615db802dfb031444e09aedcb04846bb894a2cf42dd0a578dc94d727736e502194ae25bf8556373969cb7f27788b6edf5b2bf25a79c7f89289f827ed4be611d65f6bd89698b130aaadd0f2d914819f41a0185dfc73adcea80d2ee592bf32d15010cb32a95ef112bccb2b780b461637ffa1641d34e1b114cdd3dd1ceb365933efef1781f9ec620a73097594c945969c2ea036e36b2380b33599c3e1d4eb2b7f210324aee3bba5a944b71cf0246ceed878897fe00e30d0bd32b3dde08c8805e30efe39cbc9d11b97491d82fbb5d93b1997e5f3128252472ecd256b9f79611175b6f686629ee744d0ba2494607a4476ea5f934c936403509c14bddbc2403ad5d97bfed0da36707b66f39ffdcee7ab39602e740c1ca9761570cdbab5f56b2060db428921457445b15c4c92b9c4b0ebb0746936bc3053836fa884e97c96e44d18a5a52feca033ec4caf950927bf9a281ea1aacb2a8b1a1f74b20de25ad5f3e459ab8b61ba5d00eaedcb6b5467dcd8608cfd48cc8c1a01f2c9f68bc9ef9adf2fd81cb3e28277c52d58f42ea87c8896383c2fa88dd15dba7172990893fe28ad1b50095b2ca20856de64693f3a663be6e34a9ccbb09add5724c5599495d0c95d2b900444651048bf418070b324016678d694b82565931159ffc37d3eefd7b482c41637cdd69b8f7051b6e88cf87a01d26d0689057ca0f66f65a2c3fbca608f7dec52d8e41ea98d21be162eeb38b27e9465d5525e0ffac3bd989adae19bdcf98edc48ff9d9d2a2f0850fa2cac8421ee6e211b1930f9fe9cb7138e8058ae476aa93c0ca49b170eb4ebbbb6fb4020d000eae537b4dd4bdfc63e3fb281848c057b94fc14dc12f8833d5ada50c8f0178137964c3b1524c59eae7ae19066a8003b9f4036b0be91f6f24baf6839f360473907135a8eb777dfe4dcf18d15fb8e16d069c48c5a128f046667f66bb22d36e986c73d2ebaa1a9638a9e8c049d0c766e2008fb19c4aabd96e3443c48377214b01dec0f73538fa5a882553a60664e549030fc9cc21a74a73cf79cfdbbfa3676a474910a295044d804b9f6a30104fc8250da4efcfddc379c3a1b84a2050ee78b18ba84ec5cb4db62540ea7be026b48d2b9294f06aa48e44087dbc494d92fe3e8648792c2b9f5d0d580afac814f8fc74208239b5f8fa6c20fc75c9d73fbe448a4fd1eb1af10165c37e7aa72c83c47dbb92bf3203bc0bea3b3ae261636b9a6b621725aed16de5c33502f152ca3704b1e83a60cfc5807177d9e561b12f43c3ded0951c4ec7af0ab29f55e3745df0f10bedcdcee2d443c0023d7547018c94e2cbb04a5c67a81d33df4dda99f80777b1db00f91bf8abb96ca360353c08b8979d00860ee3af86988171d6739a0f546f64ec34c045afd1be790176228204782836484f6d118d734c8e1b302788aa20e704502da74cd11bc5a22bb717a1d10d5176a4426e88cc132479aa7e8370772b9776ea38d5bd217b08c50f94072acbdf93e732e6ce41f92159b626e59e39925b458465ec3b0191a56d8e1c3a76110200e38380ccfcc1a05f85608bc3ea0bdbbf326bfe003158c8c9e01e90a7ae164cc20de5b23146baa9786111", 0x2000, &(0x7f0000004b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002240)={0x20, 0x0, 0x7, {0x0, 0x11}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
umount2(&(0x7f00000002c0)='./file0\x00', 0x1)
fsync(r1)

1.075072276s ago: executing program 0 (id=3731):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$usbmon(0x0, 0xc7, 0x103900)
openat$sysfs(0xffffffffffffff9c, 0x0, 0xa0042, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000240)='./file0\x00')
open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0)

972.433315ms ago: executing program 4 (id=3732):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f00000004c0)='W', 0x1, 0x4, &(0x7f0000000100)={0xa, 0x4e24, 0x3, @loopback, 0x8}, 0x1c)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000200)={0x0, 0x2ed3, 0xf34, 0xe3}, &(0x7f0000000240)=0x10)

353.168707ms ago: executing program 3 (id=3736):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xa, 0x7, 0x6, 0x8c, 0x44}, 0x50)

352.989781ms ago: executing program 3 (id=3737):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000880)=@can_newroute={0x3c, 0x18, 0x1, 0x70bd27, 0x25dfdbfd, {0x1d, 0x1, 0x6}, [@CGW_CS_XOR={0x8, 0x5, {0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x7}}, @CGW_MOD_XOR={0x15, 0x3, {{{0x3}, 0x5, 0x0, 0x0, 0x0, "025f9f22b600145a"}, 0x5}}, @CGW_MOD_UID={0x8, 0xe, 0xee00}]}, 0x3c}}, 0x0)

274.341694ms ago: executing program 3 (id=3738):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000000)='.\x00', 0x2046022, &(0x7f00000002c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000))
r0 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
read$msr(r0, &(0x7f00000049c0)=""/102392, 0x18ff8)
setpriority(0x1, 0x0, 0x100000001)
socket$inet_mptcp(0x2, 0x1, 0x106)
mq_open(0x0, 0x1, 0x34, &(0x7f0000000380)={0x80000000, 0x14})
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)

273.842589ms ago: executing program 3 (id=3739):
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000003c0)={0x0, 0x7, 0x0, [0x0, 0x8, 0x9, 0x8, 0x9b0], [0x7fffffffffffffff, 0x0, 0x1f5, 0x3, 0x9, 0x7, 0x4, 0x8, 0x3, 0x8, 0x1, 0x0, 0x6, 0x6, 0x0, 0x4, 0x6, 0x9, 0x9, 0x9, 0x5, 0xffffffff7fffffff, 0xf, 0x8, 0x9, 0x76f, 0x1fffffffe0, 0x7, 0xa, 0xf, 0x6, 0x1, 0x80000001, 0x0, 0x88, 0x9, 0xdb, 0xfffffffffffffff4, 0xc25c, 0x7, 0x8, 0x8, 0x0, 0x4, 0x1, 0x9, 0x1, 0x9, 0x1, 0x117, 0x5, 0x8000000000000001, 0xfe, 0x4, 0x0, 0x3, 0x4, 0xb, 0xf, 0x0, 0x0, 0x8, 0x4, 0x5, 0x4, 0x2, 0xc66c, 0x9, 0x3, 0x10000, 0x8, 0x7, 0xc, 0x2, 0x8, 0x5, 0xa1, 0x6, 0x9, 0x6, 0x5, 0x2, 0x1, 0xffffffffbfd3f0e9, 0xffffffffd5f54280, 0x2, 0x5, 0x0, 0x0, 0xb7c, 0xffffffffffffff00, 0x96f0, 0x7ff, 0xe91, 0xb, 0x1, 0x8, 0x4, 0x5, 0x7fffffff, 0x1dee, 0x0, 0x8, 0x1, 0x4f48, 0xd, 0x80000000, 0x7fffffff, 0x100, 0x2, 0x3, 0xffff, 0x2, 0x8000000000000001, 0x7ff, 0x7, 0x0, 0x7, 0x1ac5cf3d, 0x7fffffffffffffff, 0xffffffff]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000100000000017c00000400fc800c000180060006006558000008000280040011"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)

181.448212ms ago: executing program 0 (id=3740):
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$search(0xa, r0, &(0x7f0000000000)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, r0)

181.064863ms ago: executing program 3 (id=3741):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

114.402604ms ago: executing program 0 (id=3742):
add_key(&(0x7f0000000040)='rxrpc\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
setresgid(0xffffffffffffffff, 0xee01, 0x0)

114.161566ms ago: executing program 4 (id=3743):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="600000001100010028bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="010000000080000008001c"], 0x60}, 0x1, 0x0, 0x0, 0x24000040}, 0x810)

45.717144ms ago: executing program 4 (id=3744):
syz_emit_ethernet(0x7e, &(0x7f0000000000)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x3, 0x0, @broadcast=0x1000000, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, 0x0, @broadcast, @dev={0xac, 0x14, 0x14, 0x34}, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@private, 0x1}]}, @timestamp_addr={0x44, 0x34, 0x0, 0x1, 0x0, [{@multicast1}, {@rand_addr, 0x10000}, {@dev}, {@private}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@initdev={0xac, 0x1e, 0x0, 0x0}}]}]}}}}}}}, 0x0)

45.55295ms ago: executing program 0 (id=3745):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/70, 0x46)

45.156676ms ago: executing program 3 (id=3746):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbmon(&(0x7f0000000280), 0x3, 0x800)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec21, 0x1000, 0x400001, 0x40000333}, &(0x7f0000000000)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

342.65µs ago: executing program 0 (id=3747):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=@allocspi={0x1b0, 0x16, 0x1, 0x0, 0x0, {{{@in=@broadcast, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xfffd, 0x0, 0x10, 0x1, 0x0, 0xa0}, {@in=@local, 0x0, 0x33}, @in=@broadcast, {}, {0xe8, 0x0, 0x0, 0x40000000}, {0x2, 0x0, 0xa}, 0x1, 0x0, 0xa}, 0x5, 0x5}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x0, 0x7}}, @policy={0xac, 0x7, {{@in6=@empty, @in=@rand_addr=0x64010100, 0x4e24, 0x3, 0x4e20, 0x0, 0xa, 0x80, 0x20, 0x2c}, {0xb7a, 0x4, 0x311, 0x2, 0x1, 0x9, 0x4, 0x3}, {0x9, 0x6, 0x9, 0x10}, 0x0, 0x0, 0x2, 0x1, 0x3, 0x23ba7929145c39a3}}]}, 0x1b0}}, 0x20004000)

0s ago: executing program 4 (id=3748):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000000)={0x15, 0x1, 0x10000, 0xe0a, 0x7f, "3f3c5e0000ff775cfffffffff903e7ffffff00", 0x8, 0x5})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xff)

kernel console output (not intermixed with test programs):

oop3: detected capacity change from 0 to 256
[  156.865611][ T8534] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1071'.
[  157.016842][ T8548] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1076'.
[  157.317645][ T8562] ip6gre1: entered allmulticast mode
[  157.393614][ T8567] overlayfs: failed to clone upperpath
[  158.102850][ T8582] vlan3: entered promiscuous mode
[  159.224363][ T8599] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1100'.
[  159.235270][ T8599] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511)
[  159.239025][ T8599] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  159.592590][ T8614] loop3: detected capacity change from 0 to 16
[  159.601444][ T8614] erofs: Unexpected value for 'user_xattr'
[  159.864621][ T5938] bond0: (slave syz_tun): Releasing backup interface
[  159.868081][ T5938] syz_tun (unregistering): left promiscuous mode
[  159.870698][ T5938] syz_tun (unregistering): left allmulticast mode
[  160.419280][ T8643] loop3: detected capacity change from 0 to 164
[  160.430525][ T8643] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  160.638980][ T8645] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  160.792867][ T8645] Symlink component flag not implemented
[  160.795401][ T8645] Symlink component flag not implemented
[  160.798028][ T8645] Symlink component flag not implemented (7)
[  160.800596][ T8645] Symlink component flag not implemented (116)
[  161.575468][  T793] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  161.727446][  T793] usb 4-1: config 0 has an invalid descriptor of length 97, skipping remainder of the config
[  161.731926][  T793] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  161.737540][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.742046][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.746174][  T793] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[  161.750979][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 97, changing to 7
[  161.757836][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 24929, setting to 1024
[  161.765321][  T793] usb 4-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[  161.768978][  T793] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.772262][  T793] usb 4-1: Product: syz
[  161.774190][  T793] usb 4-1: Manufacturer: syz
[  161.776538][  T793] usb 4-1: SerialNumber: syz
[  161.780817][  T793] usb 4-1: config 0 descriptor??
[  161.981799][   T13] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.998020][  T793] usb 4-1: ucan: probing device on interface #0
[  162.000571][  T793] usb 4-1: ucan: invalid endpoint configuration
[  162.003123][  T793] usb 4-1: ucan: probe failed; try to update the device firmware
[  162.030044][  T793] usb 4-1: USB disconnect, device number 8
[  162.084268][   T13] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.137473][   T13] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.143551][ T8662] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  162.179002][   T13] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.262413][ T5235] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  162.270119][ T5235] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  162.274514][ T5235] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  162.279478][ T5235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  162.282361][ T5235] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  162.414625][ T8665] chnl_net:caif_netlink_parms(): no params data found
[  162.848755][ T8671] loop3: detected capacity change from 0 to 32768
[  162.884611][ T8671] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  163.065099][ T7149] ocfs2: Unmounting device (7,3) on (node local)
[  163.071803][ T8665] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.074848][ T8665] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.090007][ T8665] bridge_slave_0: entered allmulticast mode
[  163.094064][ T8665] bridge_slave_0: entered promiscuous mode
[  163.099574][ T8665] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.102475][ T8665] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.112067][ T8665] bridge_slave_1: entered allmulticast mode
[  163.126742][ T8665] bridge_slave_1: entered promiscuous mode
[  163.224624][ T8665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  163.243105][ T8665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  163.443221][ T8665] team0: Port device team_slave_0 added
[  163.444970][ T8687] delete_channel: no stack
[  163.490905][ T8665] team0: Port device team_slave_1 added
[  163.510154][   T13] bridge_slave_1: left allmulticast mode
[  163.513267][   T13] bridge_slave_1: left promiscuous mode
[  163.516414][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.538808][   T13] bridge_slave_0: left allmulticast mode
[  163.551946][   T13] bridge_slave_0: left promiscuous mode
[  163.560258][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.345363][ T5235] Bluetooth: hci2: command tx timeout
[  164.668973][   T13] bond1 (unregistering): (slave macvlan2): Removing an active aggregator
[  164.676094][   T13] bond1 (unregistering): (slave macvlan2): Releasing backup interface
[  164.780289][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  164.784378][   T13] bond_slave_0: left promiscuous mode
[  164.791240][   T13] bond_slave_0: left allmulticast mode
[  164.798860][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.802903][   T13] bond_slave_1: left promiscuous mode
[  164.808839][   T13] bond_slave_1: left allmulticast mode
[  164.813078][   T13] bond0 (unregistering): Released all slaves
[  165.025045][   T13] bond1 (unregistering): Released all slaves
[  165.201264][ T8665] batman_adv: batadv0: Adding interface: batadv_slave_0
[  165.204807][ T8665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.219888][ T8665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  165.226442][ T8665] batman_adv: batadv0: Adding interface: batadv_slave_1
[  165.229401][ T8665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  165.240548][ T8665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  165.452551][ T8665] hsr_slave_0: entered promiscuous mode
[  165.454807][ T8665] hsr_slave_1: entered promiscuous mode
[  165.461474][ T8665] debugfs: 'hsr0' already exists in 'hsr'
[  165.463879][ T8665] Cannot create hsr debugfs directory
[  165.534355][ T8717] mmap: syz.3.1150 (8717) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  165.566873][   T13] hsr_slave_0: left promiscuous mode
[  165.570503][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  165.573669][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  165.581457][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  165.584784][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  165.607901][   T13] veth1_macvtap: left promiscuous mode
[  165.610312][   T13] veth0_macvtap: left promiscuous mode
[  165.612903][   T13] veth1_vlan: left promiscuous mode
[  165.617371][   T13] veth0_vlan: left promiscuous mode
[  166.430163][ T5235] Bluetooth: hci2: command tx timeout
[  166.568062][   T13] team0 (unregistering): Port device team_slave_1 removed
[  166.629744][   T13] team0 (unregistering): Port device team_slave_0 removed
[  168.010618][ T8665] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  168.027108][ T8665] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  168.057432][ T8665] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  168.073884][ T8665] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  168.390733][ T8665] 8021q: adding VLAN 0 to HW filter on device bond0
[  168.420818][ T8786] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  168.456330][ T8665] 8021q: adding VLAN 0 to HW filter on device team0
[  168.471442][ T6304] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.474625][ T6304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  168.505401][ T5235] Bluetooth: hci2: command tx timeout
[  168.509346][ T6304] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.512478][ T6304] bridge0: port 2(bridge_slave_1) entered forwarding state
[  168.746436][ T8665] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.876404][ T5979] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  168.904484][ T8665] veth0_vlan: entered promiscuous mode
[  168.910925][ T8665] veth1_vlan: entered promiscuous mode
[  168.933197][ T8665] veth0_macvtap: entered promiscuous mode
[  168.939540][ T8665] veth1_macvtap: entered promiscuous mode
[  168.949938][ T8665] batman_adv: batadv0: Interface activated: batadv_slave_0
[  168.958492][ T8665] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.966150][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.969610][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.974469][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.978809][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.029201][ T5979] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  169.036061][ T5979] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.042130][ T5979] usb 4-1: config 0 interface 0 has no altsetting 0
[  169.048436][ T5979] usb 4-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00
[  169.056182][ T5979] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.062285][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.067182][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.070215][ T5979] usb 4-1: config 0 descriptor??
[  169.093908][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.098623][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.612269][ T5979] lenovo 0003:17EF:60EE.0007: hidraw0: USB HID v0.01 Device [HID 17ef:60ee] on usb-dummy_hcd.3-1/input0
[  169.694563][ T5979] lenovo 0003:17EF:60EE.0007: Failed to switch middle button: -71
[  169.699067][ T5979] lenovo 0003:17EF:60EE.0007: Fn-lock setting failed: -71
[  169.704035][ T5979] lenovo 0003:17EF:60EE.0007: Sensitivity setting failed: -71
[  169.740098][ T5979] usb 4-1: USB disconnect, device number 9
[  170.585313][ T5235] Bluetooth: hci2: command tx timeout
[  172.909668][ T8918] loop3: detected capacity change from 0 to 512
[  172.963317][ T8918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  172.990891][ T8918] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 6 (only 1 groups)
[  173.021614][ T7149] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  173.218751][ T8946] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1222'.
[  173.233447][ T8948] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  173.355573][ T8958] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1229'.
[  173.358886][ T8958] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  173.839864][ T8976] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1235'.
[  173.843042][ T8976] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1235'.
[  173.869536][   T34] audit: type=1326 audit(173.730:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8973 comm="syz.4.1234" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f40ee78ec29 code=0x0
[  174.675797][ T8987] random: crng reseeded on system resumption
[  174.687065][ T8987] Restarting kernel threads ...
[  174.689587][ T8987] Done restarting kernel threads.
[  174.909236][ T9003] warning: `syz.4.1247' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  176.136341][  T250] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  176.369156][  T250] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  176.373100][  T250] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.407521][  T250] usb 5-1: config 0 descriptor??
[  176.433261][  T250] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  176.634122][  T250] gp8psk: usb in 128 operation failed.
[  176.839196][  T250] gp8psk: usb in 146 operation failed.
[  176.841640][  T250] gp8psk: failed to get FW version
[  176.844830][  T250] gp8psk: FPGA Version = 0
[  176.940710][ T9072] bpf: Bad value for 'uid'
[  177.045705][  T250] gp8psk: usb in 138 operation failed.
[  177.052242][  T250] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  177.066832][  T250] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  177.085662][  T250] usb 5-1: USB disconnect, device number 2
[  177.451721][ T9093] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1286'.
[  177.455841][ T9093] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1286'.
[  177.979319][ T9126] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1291'.
[  177.983503][ T9126] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  177.993437][ T9126] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  179.679765][   T55] Bluetooth: hci3: unexpected event 0x08 length: 0 < 4
[  179.790642][ T9211] ipvlan0: entered promiscuous mode
[  179.954981][ T9227] netlink: 'syz.3.1309': attribute type 10 has an invalid length.
[  179.973005][ T9227] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.988370][ T9227] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  180.004550][ T9227] bond0: entered promiscuous mode
[  180.007073][ T9227] bond_slave_0: entered promiscuous mode
[  180.009560][ T9227] bond_slave_1: entered promiscuous mode
[  180.012062][ T9227] batadv0: entered promiscuous mode
[  181.152117][ T9295] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1335'.
[  181.156283][ T9295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1335'.
[  181.248383][ T9302] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1338'.
[  181.346163][ T5993] tipc: Subscription rejected, illegal request
[  181.546663][ T9326] trusted_key: encrypted_key: master key parameter is missing
[  181.636153][   T34] audit: type=1326 audit(181.490:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.0.1352" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x0
[  181.703174][ T9338] overlayfs: failed to resolve './file0': -2
[  181.705507][   T55] Bluetooth: hci3: command 0x1003 tx timeout
[  181.707637][ T5235] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  181.853062][ T9347] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1358'.
[  182.256109][   T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  182.425321][   T24] usb 5-1: Using ep0 maxpacket: 32
[  182.429341][   T24] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  182.432799][   T24] usb 5-1: config 0 has no interface number 0
[  182.435641][   T24] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.440013][   T24] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.444120][   T24] usb 5-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  182.447983][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.454340][   T24] usb 5-1: config 0 descriptor??
[  182.554726][ T9362] netlink: 'syz.0.1364': attribute type 16 has an invalid length.
[  182.558384][ T9362] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1364'.
[  182.762675][   T34] audit: type=1326 audit(182.620:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9375 comm="syz.0.1371" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9e14b8ec29 code=0x0
[  183.086920][   T24] input: HID 28bd:0094 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0094.0008/input/input9
[  183.175814][   T24] uclogic 0003:28BD:0094.0008: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.4-1/input1
[  183.294130][   T24] usb 5-1: USB disconnect, device number 3
[  183.922974][ T9422] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1393'.
[  184.095121][ T9432] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1398'.
[  184.405302][  T250] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  184.575400][  T250] usb 5-1: Using ep0 maxpacket: 32
[  184.581988][  T250] usb 5-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b
[  184.585558][  T250] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.588693][  T250] usb 5-1: Product: syz
[  184.590169][  T250] usb 5-1: Manufacturer: syz
[  184.591821][  T250] usb 5-1: SerialNumber: syz
[  184.659946][ T9464] netlink: 'syz.3.1414': attribute type 6 has an invalid length.
[  184.697106][ T9466] cifs: Bad value for 'port'
[  184.764744][ T9470] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1417'.
[  184.801514][  T250] usb 5-1: palm_os_4_probe - error -71 getting connection info
[  184.804671][  T250] visor 5-1:1.0: Handspring Visor / Palm OS converter detected
[  184.811514][  T250] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  184.819819][  T250] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  184.835547][  T250] usb 5-1: USB disconnect, device number 4
[  184.851804][  T250] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  184.875853][  T250] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  184.883002][ T6139] udevd[6139]: setting owner of /dev/ttyUSB1 to uid=0, gid=18 failed: No such file or directory
[  184.889279][  T250] visor 5-1:1.0: device disconnected
[  185.270752][   T34] audit: type=1326 audit(185.130:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.3.1432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  185.281006][   T34] audit: type=1326 audit(185.130:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.3.1432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  185.291312][   T34] audit: type=1326 audit(185.130:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.3.1432" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  185.301613][   T34] audit: type=1326 audit(185.130:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.3.1432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  185.312143][   T34] audit: type=1326 audit(185.130:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.3.1432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  185.323722][   T34] audit: type=1326 audit(185.130:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.3.1432" exe="/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  185.333155][   T34] audit: type=1326 audit(185.130:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.3.1432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  185.358195][   T34] audit: type=1326 audit(185.130:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9500 comm="syz.3.1432" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  187.092918][ T9554] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  187.132956][ T9560] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1303
[  187.198156][ T9564] loop4: detected capacity change from 0 to 512
[  187.205869][ T9564] EXT4-fs: Ignoring removed orlov option
[  187.211532][ T9564] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  187.221237][ T9564] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  187.235745][ T9564] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1461: corrupted in-inode xattr: e_value size too large
[  187.251700][ T9564] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1461: couldn't read orphan inode 15 (err -117)
[  187.257110][ T9564] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.288424][   T34] audit: type=1804 audit(187.150:53): pid=9564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1461" name="/newroot/44/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop4" ino=18 res=1 errno=0
[  187.315253][   T34] audit: type=1800 audit(187.150:54): pid=9564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1461" name="bus" dev="loop4" ino=18 res=0 errno=0
[  187.340810][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.372816][ T9576] overlayfs: failed to clone upperpath
[  187.914186][   T34] audit: type=1326 audit(187.770:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9602 comm="syz.0.1479" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x0
[  189.394010][ T9634] lo speed is unknown, defaulting to 1000
[  189.397152][ T9634] lo speed is unknown, defaulting to 1000
[  189.414147][ T9634] lo speed is unknown, defaulting to 1000
[  189.443931][ T9634] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  189.501940][ T9634] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  189.693854][ T9634] lo speed is unknown, defaulting to 1000
[  189.698275][ T9634] lo speed is unknown, defaulting to 1000
[  189.701932][ T9634] lo speed is unknown, defaulting to 1000
[  190.274875][ T9657] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1502'.
[  191.188776][ T9696] overlayfs: failed to clone upperpath
[  191.258044][ T9700] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1522'.
[  192.092104][ T9727] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1536'.
[  192.201265][ T9740] tmpfs: Bad value for 'mpol'
[  192.211632][ T9742] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1542'.
[  192.823025][ T9775] loop4: detected capacity change from 0 to 32768
[  192.830911][ T9775] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1558 (9775)
[  192.859995][ T9775] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  192.867456][ T9775] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  192.926852][ T9775] BTRFS info (device loop4): enabling ssd optimizations
[  192.929670][ T9775] BTRFS info (device loop4): enabling free space tree
[  192.932447][ T9775] BTRFS info (device loop4): use zstd compression, level 3
[  193.088346][ T8665] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  193.363140][ T9825] dvmrp9: entered allmulticast mode
[  193.485298][ T9830] loop4: detected capacity change from 0 to 1024
[  193.488507][ T9830] EXT4-fs: Ignoring removed oldalloc option
[  193.490865][ T9830] EXT4-fs: Ignoring removed orlov option
[  193.493807][ T9830] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  193.519401][ T9830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.537020][ T9830] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1577: Allocating blocks 497-513 which overlap fs metadata
[  193.570858][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.279136][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  194.623751][ T9866] loop4: detected capacity change from 0 to 2048
[  194.647770][ T9866] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  195.083388][ T9897] netlink: 'syz.4.1605': attribute type 10 has an invalid length.
[  195.103593][ T9897] team0: Port device geneve1 added
[  195.142952][ T9903] IPv6: addrconf: prefix option has invalid lifetime
[  195.425303][   T24] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  195.575396][   T24] usb 5-1: Using ep0 maxpacket: 8
[  195.580103][   T24] usb 5-1: config 0 has an invalid interface number: 148 but max is 0
[  195.582959][   T24] usb 5-1: config 0 has no interface number 0
[  195.587040][   T24] usb 5-1: New USB device found, idVendor=0d46, idProduct=2012, bcdDevice=4d.36
[  195.589904][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.592353][   T24] usb 5-1: Product: syz
[  195.593729][   T24] usb 5-1: Manufacturer: syz
[  195.597235][   T24] usb 5-1: SerialNumber: syz
[  195.603189][   T24] usb 5-1: config 0 descriptor??
[  195.606916][   T24] kobil_sct 5-1:0.148: KOBIL USB smart card terminal converter detected
[  195.612224][   T24] usb 5-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  195.812739][   T10] usb 5-1: USB disconnect, device number 5
[  195.821727][   T10] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  195.827772][   T10] kobil_sct 5-1:0.148: device disconnected
[  196.268431][   T55] Bluetooth: hci1: command 0x0406 tx timeout
[  197.764394][T10012] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1660'.
[  197.771115][T10012] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1660'.
[  197.979011][T10021] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  198.359722][T10044] loop4: detected capacity change from 0 to 512
[  198.363738][T10044] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  198.380666][T10044] EXT4-fs (loop4): 1 truncate cleaned up
[  198.383330][T10037] lo speed is unknown, defaulting to 1000
[  198.388793][T10044] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.422033][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.473476][T10050] loop4: detected capacity change from 0 to 1764
[  199.230251][T10094] netlink: 'syz.4.1694': attribute type 10 has an invalid length.
[  199.247067][T10094] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.261800][T10094] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  200.662420][T10110] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1703'.
[  201.067723][T10117] overlayfs: failed to clone upperpath
[  201.849219][T10127] loop4: detected capacity change from 0 to 32768
[  201.957905][T10140] loop4: detected capacity change from 0 to 256
[  201.966739][T10140] exfat: Deprecated parameter 'namecase'
[  201.975095][T10140] exfat: Deprecated parameter 'utf8'
[  201.978746][T10140] exfat: Deprecated parameter 'namecase'
[  201.980723][T10140] exfat: Bad value for 'namecase'
[  202.198455][T10153] kAFS: unable to lookup cell 'syz0.riX<̧+R!K+K4[Ed<6c7(n@8A5W/7|{?hT8#&3r?3U<G`-ǾQ8%$lHYL5еY^!!\p"3!
[  202.198455][T10153] h1#-*E=)"6<H#.L([1huC8yaH'(lړ+#-nоYM%'
[  204.241403][   T34] audit: type=1326 audit(204.100:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.3.1727" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x0
[  204.286923][T10173] loop4: detected capacity change from 0 to 256
[  204.291201][T10173] exfat: Deprecated parameter 'namecase'
[  204.312153][T10173] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  204.318350][T10173] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  204.529972][T10176] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.543052][T10199] cgroup: subsys name conflicts with all
[  205.642503][T10205] loop4: detected capacity change from 0 to 1024
[  205.989353][T10220] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1750'.
[  205.993369][T10220] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1750'.
[  206.534908][   T53] hfsplus: b-tree write err: -5, ino 4
[  206.582571][T10234] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1757'.
[  206.993570][T10258] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1768'.
[  207.576004][T10273] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1775'.
[  207.651587][  T250] usb 5-1: new low-speed USB device number 6 using dummy_hcd
[  207.831963][  T250] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  207.841095][  T250] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.848658][  T250] usb 5-1: config 0 descriptor??
[  208.013432][T10295] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  208.465350][   T34] audit: type=1326 audit(208.250:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.0.1789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  208.506098][  T793] IPVS: starting estimator thread 0...
[  208.515909][   T34] audit: type=1326 audit(208.250:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.0.1789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  208.559173][   T34] audit: type=1326 audit(208.250:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.0.1789" exe="/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  208.572417][   T34] audit: type=1326 audit(208.250:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.0.1789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  208.580512][   T34] audit: type=1326 audit(208.250:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.0.1789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  208.589134][   T34] audit: type=1326 audit(208.250:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.0.1789" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  208.596573][   T34] audit: type=1326 audit(208.250:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.0.1789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  208.606690][   T34] audit: type=1326 audit(208.250:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.0.1789" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  208.607150][T10310] IPVS: using max 52 ests per chain, 124800 per kthread
[  208.614983][   T34] audit: type=1326 audit(208.250:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10300 comm="syz.0.1789" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  209.921942][  T250] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  209.926512][  T250] asix 5-1:0.0: probe with driver asix failed with error -71
[  209.932474][  T250] usb 5-1: USB disconnect, device number 6
[  210.479365][T10383] loop4: detected capacity change from 0 to 128
[  210.532454][T10383] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  210.553629][T10383] 9pnet: p9_errstr2errno: server reported unknown error I<d,b7}G}cw{OMM O>v.</Ouu
[  210.797416][ T8665] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  210.872061][T10392] loop4: detected capacity change from 0 to 64
[  211.736534][T10410] lo speed is unknown, defaulting to 1000
[  212.368966][T10451] netlink: 'syz.4.1852': attribute type 37 has an invalid length.
[  212.764250][T10466] loop4: detected capacity change from 0 to 512
[  212.770321][T10466] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  212.777445][T10466] FAT-fs (loop4): FAT read failed (blocknr 1568)
[  213.052094][T10485] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1866'.
[  213.270003][T10497] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1872'.
[  213.520567][T10514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  213.524363][T10514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  213.529057][T10514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  213.532844][T10514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  213.538734][T10514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  213.542479][T10514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  213.546662][T10514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  213.550467][T10514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1880'.
[  214.144831][  T250] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  214.258288][T10543] F2FS-fs: Conflicting test_dummy_encryption options
[  214.595298][  T250] usb 5-1: Using ep0 maxpacket: 8
[  214.600787][  T250] usb 5-1: config 2 has an invalid interface number: 31 but max is 0
[  214.604204][  T250] usb 5-1: config 2 has no interface number 0
[  214.608968][  T250] usb 5-1: config 2 interface 31 has no altsetting 0
[  214.614794][  T250] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  214.620756][  T250] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.625880][  T250] usb 5-1: Product: syz
[  214.627740][  T250] usb 5-1: Manufacturer: syz
[  214.629746][  T250] usb 5-1: SerialNumber: syz
[  214.637638][  T250] ch9200 5-1:2.31: probe with driver ch9200 failed with error -22
[  214.851995][ T6002] usb 5-1: USB disconnect, device number 7
[  215.022908][T10553] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  215.491870][T10567] loop4: detected capacity change from 0 to 1024
[  215.500780][T10567] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  215.509069][T10567] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  215.515759][T10567] EXT4-fs (loop4): orphan cleanup on readonly fs
[  215.525609][T10567] EXT4-fs error (device loop4): ext4_quota_enable:7124: comm syz.4.1904: Bad quota inum: 458752, type: 1
[  215.530814][T10567] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=458752). Please run e2fsck to fix.
[  215.538885][T10567] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  215.543588][T10567] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  215.569578][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.571107][T10572] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  215.595663][   T24] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  216.246026][  T793] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  216.249266][   T55] Bluetooth: hci1: unexpected event for opcode 0x0c24
[  216.285795][T10609] MTD: Couldn't look up '/dev/nullb0': -15
[  216.288484][T10609] /dev/nullb0: Can't lookup blockdev
[  216.505711][   T34] kauditd_printk_skb: 29 callbacks suppressed
[  216.505729][   T34] audit: type=1326 audit(216.360:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.519205][   T34] audit: type=1326 audit(216.360:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.531142][   T34] audit: type=1326 audit(216.390:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.541379][   T34] audit: type=1326 audit(216.390:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.549179][   T34] audit: type=1326 audit(216.400:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.558783][   T34] audit: type=1326 audit(216.400:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.567794][   T34] audit: type=1326 audit(216.400:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.575141][   T34] audit: type=1326 audit(216.400:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.583088][   T34] audit: type=1326 audit(216.400:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.592441][   T34] audit: type=1326 audit(216.400:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10620 comm="syz.0.1930" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  216.687765][T10634] netlink: 'syz.0.1936': attribute type 8 has an invalid length.
[  217.323425][T10650] loop4: detected capacity change from 0 to 128
[  217.699476][T10673] IPVS: set_ctl: invalid protocol: 0 172.20.20.31:20000
[  217.744839][T10675] loop4: detected capacity change from 0 to 2048
[  217.749976][T10677] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) !
[  217.764150][T10675] udf: Unknown parameter 'unide'
[  218.073745][   T55] Bluetooth: hci1: unexpected event for opcode 0x200b
[  218.097890][T10698] __nla_validate_parse: 44 callbacks suppressed
[  218.097910][T10698] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1966'.
[  218.104278][T10698] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1966'.
[  218.152363][T10702] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1967'.
[  218.208568][  T793] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  218.367352][  T793] usb 5-1: Using ep0 maxpacket: 8
[  218.371819][  T793] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  218.379050][  T793] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  218.383860][  T793] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  218.389040][  T793] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  218.393134][  T793] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  218.400948][  T793] usb 5-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  218.404767][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.408430][  T793] usb 5-1: Product: syz
[  218.412841][  T793] usb 5-1: Manufacturer: syz
[  218.415101][  T793] usb 5-1: SerialNumber: syz
[  218.423257][  T793] usb 5-1: config 0 descriptor??
[  218.433108][  T793] imon:imon_init_intf0: usb_submit_urb failed for intf0 (-90)
[  218.438277][  T793] imon 5-1:0.0: unable to initialize intf0, err -90
[  218.441138][  T793] imon:imon_probe: failed to initialize context!
[  218.443992][  T793] imon 5-1:0.0: unable to register, err -19
[  218.557746][T10723] batman_adv: batadv0: adding TT local entry 24:02:48:ff:05:00 to non-existent VLAN 3946
[  218.732645][  T793] usb 5-1: USB disconnect, device number 8
[  219.752871][T10736] loop4: detected capacity change from 0 to 32768
[  219.779075][T10736] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  219.785393][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  219.790869][T10736] XFS (loop4): Ending clean mount
[  219.833731][ T8665] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  220.270002][   T55] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  220.272810][   T55] Bluetooth: hci1: Injecting HCI hardware error event
[  220.278708][ T5235] Bluetooth: hci1: hardware error 0x00
[  220.287891][T10762] loop4: detected capacity change from 0 to 32768
[  220.310485][T10762] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  220.365819][T10762] XFS (loop4): Ending clean mount
[  220.387761][ T8665] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  220.762455][T10808] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2006'.
[  220.788164][T10810] netlink: 136 bytes leftover after parsing attributes in process `syz.3.2007'.
[  220.816309][T10798] loop4: detected capacity change from 0 to 32768
[  221.144861][T10820] IPv4: Oversized IP packet from 127.202.26.0
[  221.195522][ T6002] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  221.355525][ T6002] usb 5-1: Using ep0 maxpacket: 16
[  221.359989][ T6002] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  221.365217][ T6002] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576
[  221.368513][ T6002] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  221.373535][ T6002] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  221.382462][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  221.385690][ T6002] usb 5-1: SerialNumber: syz
[  221.394282][T10816] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  221.400144][ T6002] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  221.531744][T10844] netlink: 'syz.3.2024': attribute type 2 has an invalid length.
[  221.535123][T10844] netlink: 1184 bytes leftover after parsing attributes in process `syz.3.2024'.
[  221.602437][ T6002] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[  221.613894][ T6002] usb 5-1: USB disconnect, device number 9
[  222.425902][ T5235] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  222.927326][T10881] loop4: detected capacity change from 0 to 512
[  222.934813][T10881] EXT4-fs: Ignoring removed oldalloc option
[  222.962757][T10881] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  223.052409][T10881] EXT4-fs (loop4): 1 truncate cleaned up
[  223.059923][T10881] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.122647][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.631292][T10900] binder: 10898:10900 unknown command 0
[  223.631342][T10899] binder: 10898:10899 ioctl c0306201 200000000540 returned -14
[  223.633488][T10900] binder: 10898:10900 ioctl c0306201 200000000640 returned -22
[  223.915388][ T6002] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  224.248904][ T6002] usb 5-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  224.251996][ T6002] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.254658][ T6002] usb 5-1: Product: syz
[  224.256195][ T6002] usb 5-1: Manufacturer: syz
[  224.257798][ T6002] usb 5-1: SerialNumber: syz
[  224.261115][ T6002] usb 5-1: config 0 descriptor??
[  224.304275][T10930] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2060'.
[  224.466286][ T6002] airspy 5-1:0.0: usb_control_msg() failed -71 request 09
[  224.468729][ T6002] airspy 5-1:0.0: Could not detect board
[  224.470639][ T6002] airspy 5-1:0.0: probe with driver airspy failed with error -71
[  224.480525][ T6002] usb 5-1: USB disconnect, device number 10
[  225.369466][T10970] loop4: detected capacity change from 0 to 512
[  225.379107][T10970] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.2079: casefold flag without casefold feature
[  225.384626][T10970] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2079: couldn't read orphan inode 15 (err -117)
[  225.402312][T10970] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.415001][T10970] EXT4-fs error (device loop4): ext4_empty_dir:3077: inode #2: comm syz.4.2079: invalid size
[  225.441025][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.795302][ T6002] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  225.957983][ T6002] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  225.964186][ T6002] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  225.974166][ T6002] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  225.978964][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.984383][ T6002] usb 5-1: config 0 descriptor??
[  225.995131][ T6002] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  225.999218][ T6002] dvb-usb: bulk message failed: -22 (3/0)
[  226.013138][ T6002] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  226.019317][ T6002] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  226.022310][ T6002] usb 5-1: media controller created
[  226.026173][ T6002] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  226.038532][ T6002] dvb-usb: bulk message failed: -22 (6/0)
[  226.040838][ T6002] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  226.055481][ T6002] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input10
[  226.067067][ T6002] dvb-usb: schedule remote query interval to 150 msecs.
[  226.070087][ T6002] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  226.197117][ T6002] usb 5-1: USB disconnect, device number 11
[  226.251106][ T6002] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  228.046283][T11095] ip6tnl1: entered promiscuous mode
[  228.502109][T11106] vcan0: tx drop: invalid da for name 0x0000000000000002
[  228.581210][T11110] team0: Cannot enslave team device to itself
[  228.908001][T11126] futex_wake_op: syz.3.2150 tries to shift op by 32; fix this program
[  229.044815][T11134] loop4: detected capacity change from 0 to 128
[  229.145089][T11138] syz.4.2154: attempt to access beyond end of device
[  229.145089][T11138] loop4: rw=1, sector=145, nr_sectors = 85 limit=128
[  230.418399][   T34] kauditd_printk_skb: 43 callbacks suppressed
[  230.418414][   T34] audit: type=1326 audit(230.280:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.2177" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  230.454889][   T34] audit: type=1326 audit(230.290:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.2177" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  230.473138][   T34] audit: type=1326 audit(230.300:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.2177" exe="/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  230.477170][T11179] loop4: detected capacity change from 0 to 32768
[  230.500883][   T34] audit: type=1326 audit(230.300:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.2177" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  230.534476][   T34] audit: type=1326 audit(230.300:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.2177" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  230.548571][   T34] audit: type=1326 audit(230.300:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.2177" exe="/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  230.558376][   T34] audit: type=1326 audit(230.300:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.2177" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  230.569006][   T34] audit: type=1326 audit(230.300:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11184 comm="syz.0.2177" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  230.577130][T11179] read_mapping_page failed!
[  230.577172][T11179] ERROR: (device loop4): txCommit: 
[  230.577172][T11179] 
[  230.686206][T11195] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2183'.
[  231.020376][T11203] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2181'.
[  231.256609][T11209] loop4: detected capacity change from 0 to 32768
[  231.262882][T11209] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2187 (11209)
[  231.284306][T11209] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  231.290091][T11209] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  231.314621][T11209] BTRFS info (device loop4): rebuilding free space tree
[  231.345027][T11209] BTRFS info (device loop4): disabling free space tree
[  231.348348][T11209] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  231.353567][T11209] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  231.364369][T11209] BTRFS info (device loop4): enabling ssd optimizations
[  231.368939][T11209] BTRFS info (device loop4): turning on sync discard
[  231.371890][T11209] BTRFS info (device loop4): force clearing of disk cache
[  231.375010][T11209] BTRFS info (device loop4): max_inline set to 0
[  231.397853][T11209] BTRFS info (device loop4 state M): max_inline set to 0
[  231.402091][T11209] BTRFS info (device loop4 state M): max_inline set to 0
[  231.450039][ T8665] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  231.763826][T11238] loop4: detected capacity change from 0 to 1024
[  231.804915][T11238] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.816729][T11245] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2195'.
[  231.862960][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.596681][T11305] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2216'.
[  234.599899][T11305] netlink: 336 bytes leftover after parsing attributes in process `syz.4.2216'.
[  234.649989][   T34] audit: type=1326 audit(234.510:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11307 comm="syz.0.2217" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  234.665982][   T34] audit: type=1326 audit(234.510:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11307 comm="syz.0.2217" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  234.792136][T11323] netlink: 'syz.0.2225': attribute type 14 has an invalid length.
[  234.797424][T11323] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2225'.
[  234.812174][ T5993] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  234.812265][T11323] netlink: 'syz.0.2225': attribute type 14 has an invalid length.
[  234.819496][T11323] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2225'.
[  234.827202][ T5993] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  234.836034][ T5993] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  234.839750][ T5993] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  234.890720][T11331] trusted_key: syz.3.2228 sent an empty control message without MSG_MORE.
[  235.172479][T11337] overlayfs: failed to clone lowerpath
[  236.506038][T11338] ALSA: mixer_oss: invalid OSS volume ''
[  236.915420][ T5313] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  237.065373][ T5313] usb 5-1: Using ep0 maxpacket: 32
[  237.069569][ T5313] usb 5-1: config 0 interface 0 has no altsetting 0
[  237.074556][ T5313] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  237.080184][ T5313] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.083410][ T5313] usb 5-1: Product: syz
[  237.085395][ T5313] usb 5-1: Manufacturer: syz
[  237.087335][ T5313] usb 5-1: SerialNumber: syz
[  237.091742][ T5313] usb 5-1: config 0 descriptor??
[  237.444910][T11386] overlayfs: failed to clone lowerpath
[  237.543012][ T5313] gs_usb 5-1:0.0: Configuring for 2 interfaces
[  237.743138][ T5313] gs_usb 5-1:0.0: Couldn't get bit timing const for channel 0 (-EPROTO)
[  237.746463][ T5313] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -71
[  237.751813][ T5313] usb 5-1: USB disconnect, device number 12
[  238.460347][   T34] kauditd_printk_skb: 3 callbacks suppressed
[  238.460357][   T34] audit: type=1326 audit(238.320:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.2269" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  238.474124][   T34] audit: type=1326 audit(238.320:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.2269" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  238.485842][   T34] audit: type=1326 audit(238.320:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="syz.3.2269" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  238.494106][   T34] audit: type=1326 audit(238.320:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  238.505560][   T34] audit: type=1326 audit(238.320:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  238.512421][   T34] audit: type=1326 audit(238.320:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  238.532229][   T34] audit: type=1326 audit(238.320:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  238.539825][   T34] audit: type=1326 audit(238.320:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11420 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x7ffc0000
[  239.262814][T11444] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2279'.
[  239.396006][T11446] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2280'.
[  241.213525][T11502] CUSE: unknown device info ""
[  241.217110][T11502] CUSE: zero length info key specified
[  241.595476][ T5313] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  241.746143][ T5313] usb 5-1: Using ep0 maxpacket: 8
[  241.750176][ T5313] usb 5-1: config 0 has an invalid interface number: 246 but max is 0
[  241.753730][ T5313] usb 5-1: config 0 has no interface number 0
[  241.758907][ T5313] usb 5-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  241.762756][ T5313] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.766459][ T5313] usb 5-1: Product: syz
[  241.768297][ T5313] usb 5-1: Manufacturer: syz
[  241.770295][ T5313] usb 5-1: SerialNumber: syz
[  241.774625][ T5313] usb 5-1: config 0 descriptor??
[  241.825335][ T5313] msi2500 5-1:0.246: Registered as swradio24
[  241.827836][ T5313] msi2500 5-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[  241.992710][ T6002] usb 5-1: USB disconnect, device number 13
[  242.053073][T11529] netlink: 'syz.0.2317': attribute type 13 has an invalid length.
[  242.085615][T11529] gretap0: refused to change device tx_queue_len
[  242.092860][T11529] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  242.543340][T11548] netlink: 'syz.3.2326': attribute type 1 has an invalid length.
[  242.642061][T11559] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2332'.
[  242.646601][T11559] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2332'.
[  242.657863][T11559] bridge0: port 3(vlan2) entered blocking state
[  242.661094][T11559] bridge0: port 3(vlan2) entered disabled state
[  242.663953][T11559] vlan2: entered allmulticast mode
[  242.666150][T11559] bridge0: entered allmulticast mode
[  242.672865][T11559] vlan2: left allmulticast mode
[  242.674606][T11559] bridge0: left allmulticast mode
[  242.711932][T11565] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2335'.
[  242.720503][T11565] sch_tbf: burst 6 is lower than device team_slave_0 mtu (1514) !
[  243.059286][T11575] loop4: detected capacity change from 0 to 32768
[  243.076046][T11575] 
[  243.076046][T11575]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  243.076046][T11575] 
[  243.106069][ T9165] ERROR: (device loop4): diWrite: ixpxd invalid
[  243.106069][ T9165] 
[  243.115019][ T9165] ERROR: (device loop4): txCommit: 
[  243.115019][ T9165] 
[  243.119034][ T9165] jfs_write_inode: jfs_commit_inode failed!
[  243.122846][ T8665] 
[  243.122846][ T8665]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  243.122846][ T8665] 
[  243.129657][ T8665] 
[  243.129657][ T8665]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  243.129657][ T8665] 
[  244.139360][T11633] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  245.358050][T11660] overlayfs: failed to resolve './file0': -2
[  245.667586][T11672] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2383'.
[  245.678377][T11672] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2383'.
[  245.694058][T11672] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2383'.
[  245.767786][T11682] fuse: root generation should be zero
[  245.894055][T11689] loop4: detected capacity change from 0 to 256
[  245.913829][T11689] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x467a0815, utbl_chksum : 0xe619d30d)
[  245.921305][T11689] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  246.708091][T11724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  246.711795][T11724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  246.722460][T11724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  246.728685][T11724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  246.733273][T11724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  246.746640][T11724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  246.750413][T11724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  246.756430][ T5235] Bluetooth: hci2: unexpected subevent 0x0a length: 1 < 30
[  246.887903][T11736] cgroup: Invalid name
[  247.371776][T11764] loop4: detected capacity change from 0 to 2048
[  247.394885][T11764] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  247.532703][T11772] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  247.548214][T11772] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1074 with error 28
[  247.553454][T11772] EXT4-fs (loop4): This should not happen!! Data will be lost
[  247.553454][T11772] 
[  247.558650][T11772] EXT4-fs (loop4): Total free blocks count 0
[  247.561128][T11772] EXT4-fs (loop4): Free/Dirty block details
[  247.563613][T11772] EXT4-fs (loop4): free_blocks=2415919104
[  247.567899][T11772] EXT4-fs (loop4): dirty_blocks=1088
[  247.570197][T11772] EXT4-fs (loop4): Block reservation details
[  247.572585][T11772] EXT4-fs (loop4): i_reserved_data_blocks=68
[  247.644678][ T1228] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  248.457540][   T10] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  248.695505][   T10] usb 5-1: config 0 has an invalid interface number: 168 but max is 0
[  248.702347][   T10] usb 5-1: config 0 has no interface number 0
[  248.708344][   T10] usb 5-1: config 0 interface 168 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  248.717038][   T10] usb 5-1: config 0 interface 168 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  248.721883][   T10] usb 5-1: config 0 interface 168 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  248.726824][   T10] usb 5-1: New USB device found, idVendor=06cd, idProduct=0135, bcdDevice=a8.a4
[  248.731072][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.739705][   T10] usb 5-1: config 0 descriptor??
[  248.743489][T11804] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  248.954924][   T10] usb 5-1: string descriptor 0 read error: -71
[  248.962800][   T10] keyspan 5-1:0.168: Keyspan 2 port adapter converter detected
[  248.966902][   T10] keyspan 5-1:0.168: found no endpoint descriptor for endpoint 1
[  248.974318][   T10] keyspan 5-1:0.168: found no endpoint descriptor for endpoint 84
[  248.982190][   T10] keyspan 5-1:0.168: found no endpoint descriptor for endpoint 2
[  248.990054][   T10] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  248.998829][   T10] keyspan 5-1:0.168: found no endpoint descriptor for endpoint 88
[  249.002255][   T10] keyspan 5-1:0.168: found no endpoint descriptor for endpoint 6
[  249.073384][   T10] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  249.080766][   T10] usb 5-1: USB disconnect, device number 14
[  249.092956][   T10] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  249.104174][   T10] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  249.115762][   T10] keyspan 5-1:0.168: device disconnected
[  249.346613][T11836] overlayfs: failed to clone upperpath
[  250.769890][T11860] 9pnet_fd: Insufficient options for proto=fd
[  251.319697][T11881] loop4: detected capacity change from 0 to 1024
[  251.357909][   T53] hfsplus: b-tree write err: -5, ino 4
[  251.479549][T11892] libceph: resolve '0' (ret=-3): failed
[  251.522863][T11895] evm: overlay not supported
[  251.851335][T11928] Option 'TXƮ' to dns_resolver key: bad/missing value
[  251.925740][T11936] loop4: detected capacity change from 0 to 256
[  251.959099][   T34] audit: type=1326 audit(251.820:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11934 comm="syz.0.2505" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9e14b8ec29 code=0x0
[  252.187949][T11948] 9pnet_fd: Insufficient options for proto=fd
[  253.661641][T11987] __nla_validate_parse: 46 callbacks suppressed
[  253.661662][T11987] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2527'.
[  253.696718][   T12] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  253.696827][T11987] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2527'.
[  253.700593][   T12] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  253.721765][   T12] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  253.734272][   T12] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  253.872441][   T34] audit: type=1326 audit(253.730:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11998 comm="syz.0.2533" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  253.897931][   T34] audit: type=1326 audit(253.730:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11998 comm="syz.0.2533" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  253.919584][   T34] audit: type=1326 audit(253.730:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11998 comm="syz.0.2533" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  253.939056][   T34] audit: type=1326 audit(253.730:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11998 comm="syz.0.2533" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  253.960886][   T34] audit: type=1326 audit(253.730:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11998 comm="syz.0.2533" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  253.962141][T12005] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2536'.
[  253.991501][   T34] audit: type=1326 audit(253.730:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11998 comm="syz.0.2533" exe="/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  254.004438][   T34] audit: type=1326 audit(253.730:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11998 comm="syz.0.2533" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  254.014159][   T34] audit: type=1326 audit(253.730:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11998 comm="syz.0.2533" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  254.197845][ T5235] Bluetooth: hci2: unknown advertising packet type: 0x82
[  254.197912][ T5235] Bluetooth: hci2: Malformed LE Event: 0x02
[  254.600769][T12030] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  254.748781][T12031] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2547'.
[  254.862393][T12035] tc_dump_action: action bad kind
[  255.277910][T12061] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2562'.
[  255.630243][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  257.253398][T12130] Bluetooth: MGMT ver 1.23
[  257.594870][T12160] Can't find a SQUASHFS superblock on nullb0
[  257.724698][   T55] Bluetooth: hci0: command 0x0406 tx timeout
[  257.798623][T12175] loop4: detected capacity change from 0 to 256
[  257.804882][T12175] FAT-fs (loop4): bogus number of FAT sectors
[  257.809509][T12175] FAT-fs (loop4): Can't find a valid FAT filesystem
[  257.942797][T12184] loop4: detected capacity change from 0 to 1024
[  257.953853][T12184] EXT4-fs: inline encryption not supported
[  257.966980][T12184] EXT4-fs: Ignoring removed i_version option
[  257.974026][T12186] tipc: Started in network mode
[  257.978955][T12186] tipc: Node identity 5e30d37c3796, cluster identity 4711
[  257.982451][T12186] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  258.007845][T12184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  258.033414][T12184] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.2619: lblock 3 mapped to illegal pblock 3 (length 1)
[  258.042479][T12184] EXT4-fs (loop4): Remounting filesystem read-only
[  258.166948][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  259.099532][ T6002] tipc: Node number set to 1772540796
[  259.291937][T12217] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.2633'.
[  259.914977][T12240] overlayfs: failed to clone upperpath
[  260.565669][ T5313] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  260.715362][ T5313] usb 5-1: Using ep0 maxpacket: 16
[  260.721861][ T5313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.726709][ T5313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.730898][ T5313] usb 5-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00
[  260.734829][ T5313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.741561][T12272] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2656'.
[  260.753268][ T5313] usb 5-1: config 0 descriptor??
[  261.205972][ T5313] input: HID 0458:5012 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5012.0009/input/input11
[  261.279946][ T5313] input: HID 0458:5012 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5012.0009/input/input12
[  261.351133][ T5313] kye 0003:0458:5012.0009: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5012] on usb-dummy_hcd.4-1/input0
[  261.404944][ T6002] usb 5-1: USB disconnect, device number 15
[  261.756571][T12306] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_hsr, syncid = 0, id = 0
[  263.359776][T12345] loop4: detected capacity change from 0 to 32768
[  263.530696][T12345] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  263.537395][T12345] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  263.600783][T12345] XFS (loop4): Ending clean mount
[  263.906343][ T8665] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  264.124788][T12372] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  264.130053][T12372] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  264.237906][T12377] netlink: 'syz.4.2697': attribute type 3 has an invalid length.
[  264.241335][T12377] netlink: 'syz.4.2697': attribute type 16 has an invalid length.
[  264.244713][T12377] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2697'.
[  264.561614][T12383] loop4: detected capacity change from 0 to 4096
[  264.579815][T12383] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  264.597990][T12383] ntfs3(loop4): MFT: r=1, expect seq=1 instead of 0!
[  264.600800][T12383] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  264.611246][T12383] ntfs3(loop4): Failed to load $MFTMirr (-22).
[  264.712787][T12387] loop4: detected capacity change from 0 to 64
[  264.757931][T12387] Trying to free block not in datazone
[  264.857000][T12389] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2703'.
[  265.201169][T12399] erspan0: entered promiscuous mode
[  265.244948][T12401] cgroup: No subsys list or none specified
[  265.621586][T12418] loop4: detected capacity change from 0 to 256
[  265.630297][T12418] FAT-fs (loop4): Directory bread(block 1285) failed
[  265.640042][T12418] FAT-fs (loop4): Directory bread(block 1285) failed
[  265.646968][T12418] FAT-fs (loop4): FAT read failed (blocknr 1281)
[  265.850862][T12434] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  266.379434][T12452] ip6tnl3: entered promiscuous mode
[  266.381761][T12452] ip6tnl3: entered allmulticast mode
[  267.219617][T12472] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2741'.
[  267.283664][T12474] netlink: 'syz.4.2742': attribute type 3 has an invalid length.
[  267.575695][ T6002] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  267.727679][ T6002] usb 5-1: config 1 has an invalid interface number: 105 but max is 0
[  267.731396][ T6002] usb 5-1: config 1 has no interface number 0
[  267.734009][ T6002] usb 5-1: config 1 interface 105 has no altsetting 0
[  267.743671][ T6002] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  267.747931][ T6002] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.751429][ T6002] usb 5-1: Product: syz
[  267.753307][ T6002] usb 5-1: Manufacturer: syz
[  267.755427][ T6002] usb 5-1: SerialNumber: syz
[  268.369690][ T6002] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71
[  268.379936][ T6002] aqc111 5-1:1.105: probe with driver aqc111 failed with error -71
[  268.399176][ T6002] usb 5-1: USB disconnect, device number 16
[  269.254924][   T34] audit: type=1107 audit(269.110:178): pid=12549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  269.438453][ T6002] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  269.563394][T12572] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2789'.
[  269.611275][ T6002] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  269.616503][ T6002] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.625305][ T6002] usb 5-1: Product: syz
[  269.627288][ T6002] usb 5-1: Manufacturer: syz
[  269.629276][ T6002] usb 5-1: SerialNumber: syz
[  269.652761][ T6002] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  269.703726][   T10] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  269.852763][T12590] overlayfs: failed to clone lowerpath
[  270.136783][ T5313] usb 5-1: USB disconnect, device number 17
[  270.835098][   T10] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  270.842703][   T10] ath9k_htc: Failed to initialize the device
[  270.867515][ T5313] usb 5-1: ath9k_htc: USB layer deinitialized
[  270.903140][T12606] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  271.148776][T12614] loop4: detected capacity change from 0 to 1024
[  271.688216][T12651] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2824'.
[  271.760033][T12657] loop4: detected capacity change from 0 to 256
[  271.763152][T12657] exfat: Deprecated parameter 'namecase'
[  271.766462][T12657] exfat: Deprecated parameter 'namecase'
[  271.773176][T12657] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  272.531708][T12674] loop4: detected capacity change from 0 to 32768
[  272.743792][T12674] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  272.743813][T12674]   allowing incompatible features above 0.0: (unknown version)
[  272.743821][T12674]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  272.786380][T12674] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  272.792073][T12674] bcachefs (loop4): initializing new filesystem
[  272.814375][T12674] bcachefs (loop4): going read-write
[  272.835954][T12674] bcachefs (loop4): marking superblocks
[  272.889224][T12674] bcachefs (loop4): initializing freespace
[  272.903445][T12674] bcachefs (loop4): done initializing freespace
[  272.920341][T12674] bcachefs (loop4): reading snapshots table
[  272.923157][T12674] bcachefs (loop4): reading snapshots done
[  272.978906][T12674] bcachefs (loop4): done starting filesystem
[  273.131217][T12674] syz.4.2836 (12674) used greatest stack depth: 16760 bytes left
[  273.167128][ T8665] bcachefs (loop4): shutting down
[  273.168922][ T8665] bcachefs (loop4): going read-only
[  273.170992][ T8665] bcachefs (loop4): finished waiting for writes to stop
[  273.183582][ T8665] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  273.298171][ T8665] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  273.305127][ T8665] bcachefs (loop4): clean shutdown complete, journal seq 4
[  273.312670][ T8665] bcachefs (loop4): marking filesystem clean
[  273.371689][ T8665] bcachefs (loop4): shutdown complete
[  273.409835][T12714] netlink: 'syz.0.2849': attribute type 1 has an invalid length.
[  273.472167][T12714] bond3: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  273.484714][   T12] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  273.492312][T12714] 8021q: adding VLAN 0 to HW filter on device bond3
[  273.524935][T12714] veth3: entered promiscuous mode
[  273.531045][T12714] bond3: (slave veth3): Enslaving as a backup interface with a down link
[  273.606341][   T12] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  273.629405][T12728] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  273.803782][T12745] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  273.847948][T12747] netlink: 'syz.0.2864': attribute type 3 has an invalid length.
[  274.407255][T12771] netlink: 'syz.0.2876': attribute type 1 has an invalid length.
[  274.428982][T12771] 8021q: adding VLAN 0 to HW filter on device bond4
[  274.453917][T12771] 8021q: adding VLAN 0 to HW filter on device batadv1
[  274.459165][T12771] bond4: (slave batadv1): making interface the new active one
[  274.463161][T12771] bond4: (slave batadv1): Enslaving as an active interface with an up link
[  274.769057][T12788] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2882'.
[  274.888369][T12795] netlink: 'syz.4.2887': attribute type 3 has an invalid length.
[  274.891356][T12795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2887'.
[  275.242862][T12807] syzkaller1: tun_chr_ioctl cmd 1074025677
[  275.244989][T12807] syzkaller1: linktype set to 774
[  275.930138][T12811] loop4: detected capacity change from 0 to 32768
[  275.948259][T12811] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  275.977753][T12811] XFS (loop4): Ending clean mount
[  275.984828][T12811] XFS (loop4): Quotacheck needed: Please wait.
[  276.016867][T12811] XFS (loop4): Quotacheck: Done.
[  276.061259][T12835] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  276.110550][ T8665] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  276.228337][T12839] netlink: 'syz.0.2903': attribute type 12 has an invalid length.
[  276.350727][T12849] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2902'.
[  276.490857][T12857] loop4: detected capacity change from 0 to 512
[  276.498415][T12857] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  276.507729][T12857] EXT4-fs (loop4): invalid journal inode
[  276.510095][T12857] EXT4-fs (loop4): can't get journal size
[  276.524296][T12857] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[  276.527833][T12857] System zones: 1-12, 13-13
[  276.535604][T12857] EXT4-fs (loop4): 1 truncate cleaned up
[  276.539282][T12857] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.577017][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.716211][T12874] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2917'.
[  276.729852][T12874] macvtap1: entered promiscuous mode
[  276.735319][T12874] macvtap1: entered allmulticast mode
[  276.737948][T12874] bond0: entered allmulticast mode
[  276.740400][T12874] bond_slave_0: entered allmulticast mode
[  276.742849][T12874] bond_slave_1: entered allmulticast mode
[  276.745343][T12874] batadv0: entered allmulticast mode
[  276.748815][T12874] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  276.759799][T12874] macvtap1: left promiscuous mode
[  276.762027][T12874] macvtap1: left allmulticast mode
[  276.764151][T12874] bond0: left allmulticast mode
[  276.766273][T12874] bond_slave_0: left allmulticast mode
[  276.768490][T12874] bond_slave_1: left allmulticast mode
[  276.770954][T12874] batadv0: left allmulticast mode
[  279.088559][T12934] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2944'.
[  279.098933][T12932] overlayfs: failed to clone upperpath
[  279.282201][T12949] bond0: option ad_select: unable to set because the bond device is up
[  279.304024][T12951] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2950'.
[  279.327962][T12954] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2954'.
[  279.333258][T12954] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2954'.
[  282.961181][T13097] loop4: detected capacity change from 0 to 4096
[  282.981569][T13097] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  282.985634][T13097] ntfs3(loop4): Failed to load $Extend (-22).
[  282.990094][T13097] ntfs3(loop4): Failed to initialize $Extend.
[  283.317856][T13102] loop4: detected capacity change from 0 to 40427
[  283.677728][T13102] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  283.687872][T13102] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  283.959665][T13121] syz.4.3017: attempt to access beyond end of device
[  283.959665][T13121] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  284.089178][T13121] F2FS-fs (loop4): access invalid blkaddr:2048
[  284.091973][T13121] CPU: 1 UID: 0 PID: 13121 Comm: syz.4.3017 Not tainted syzkaller #0 PREEMPT(full) 
[  284.091991][T13121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  284.092001][T13121] Call Trace:
[  284.092007][T13121]  <TASK>
[  284.092011][T13121]  dump_stack_lvl+0x189/0x250
[  284.092060][T13121]  ? __pfx_dump_stack_lvl+0x10/0x10
[  284.092073][T13121]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  284.092088][T13121]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  284.092104][T13121]  ? lockdep_hardirqs_on+0x9c/0x150
[  284.092113][T13121]  __f2fs_is_valid_blkaddr+0xe52/0x14f0
[  284.092135][T13121]  f2fs_map_blocks+0xd84/0x4130
[  284.092165][T13121]  ? __pfx_f2fs_map_blocks+0x10/0x10
[  284.092182][T13121]  ? xa_load+0x1ea/0x210
[  284.092193][T13121]  f2fs_mpage_readpages+0xcb2/0x1ac0
[  284.092212][T13121]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[  284.092223][T13121]  ? __folio_batch_add_and_move+0x192/0xc60
[  284.092240][T13121]  ? f2fs_readahead+0x177/0x330
[  284.092250][T13121]  read_pages+0x17a/0x580
[  284.092270][T13121]  ? __pfx_read_pages+0x10/0x10
[  284.092291][T13121]  ? filemap_add_folio+0x1af/0x270
[  284.092312][T13121]  page_cache_ra_unbounded+0x6b0/0x7b0
[  284.092342][T13121]  f2fs_readdir+0x49b/0xa60
[  284.092372][T13121]  ? __pfx_f2fs_readdir+0x10/0x10
[  284.092383][T13121]  ? lock_acquire+0x175/0x360
[  284.092409][T13121]  ? down_read_killable+0x1d1/0x350
[  284.092428][T13121]  iterate_dir+0x399/0x570
[  284.092448][T13121]  __se_sys_getdents+0xe4/0x250
[  284.092464][T13121]  ? __pfx___se_sys_getdents+0x10/0x10
[  284.092477][T13121]  ? __pfx_filldir+0x10/0x10
[  284.092493][T13121]  ? rcu_is_watching+0x15/0xb0
[  284.092507][T13121]  ? do_syscall_64+0xbe/0x3b0
[  284.092521][T13121]  do_syscall_64+0xfa/0x3b0
[  284.092534][T13121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.092546][T13121]  ? asm_sysvec_call_function_single+0x1a/0x20
[  284.092561][T13121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.092572][T13121] RIP: 0033:0x7f40ee78ec29
[  284.092581][T13121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.092588][T13121] RSP: 002b:00007f40ef5f4038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  284.092600][T13121] RAX: ffffffffffffffda RBX: 00007f40ee9d6180 RCX: 00007f40ee78ec29
[  284.092609][T13121] RDX: 00000000000000b8 RSI: 0000200000001fc0 RDI: 0000000000000009
[  284.092617][T13121] RBP: 00007f40ee811e41 R08: 0000000000000000 R09: 0000000000000000
[  284.092625][T13121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  284.092632][T13121] R13: 00007f40ee9d6218 R14: 00007f40ee9d6180 R15: 00007fff76756a78
[  284.092654][T13121]  </TASK>
[  284.207852][T13121] syz.4.3017: attempt to access beyond end of device
[  284.207852][T13121] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  284.213397][T13121] syz.4.3017: attempt to access beyond end of device
[  284.213397][T13121] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  284.398742][ T8665] syz-executor: attempt to access beyond end of device
[  284.398742][ T8665] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  284.424576][ T8665] CPU: 0 UID: 0 PID: 8665 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  284.424590][ T8665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  284.424595][ T8665] Call Trace:
[  284.424599][ T8665]  <TASK>
[  284.424603][ T8665]  dump_stack_lvl+0x189/0x250
[  284.424617][ T8665]  ? __pfx_dump_stack_lvl+0x10/0x10
[  284.424625][ T8665]  ? __pfx_queue_work_on+0x10/0x10
[  284.424633][ T8665]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  284.424644][ T8665]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  284.424659][ T8665]  f2fs_handle_critical_error+0x37c/0x540
[  284.424673][ T8665]  f2fs_write_end_io+0x886/0xb60
[  284.424687][ T8665]  __submit_merged_bio+0x27a/0x6a0
[  284.424699][ T8665]  __submit_merged_write_cond+0x255/0x530
[  284.424712][ T8665]  f2fs_write_data_pages+0x261d/0x3000
[  284.424732][ T8665]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  284.424756][ T8665]  ? check_path+0x21/0x40
[  284.424763][ T8665]  ? check_noncircular+0xe0/0x160
[  284.424789][ T8665]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  284.424796][ T8665]  do_writepages+0x32e/0x550
[  284.424810][ T8665]  ? do_raw_spin_unlock+0x4d/0x240
[  284.424821][ T8665]  filemap_fdatawrite+0x199/0x240
[  284.424831][ T8665]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  284.424858][ T8665]  ? do_raw_spin_unlock+0x4d/0x240
[  284.424869][ T8665]  f2fs_sync_dirty_inodes+0x31f/0x830
[  284.424882][ T8665]  f2fs_write_checkpoint+0x95a/0x1df0
[  284.424899][ T8665]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  284.424924][ T8665]  ? kill_f2fs_super+0x298/0x6c0
[  284.424934][ T8665]  kill_f2fs_super+0x2c3/0x6c0
[  284.424944][ T8665]  ? __pfx_kill_f2fs_super+0x10/0x10
[  284.424949][ T8665]  ? radix_tree_delete_item+0x2b6/0x400
[  284.424960][ T8665]  ? shrinker_free+0x2ce/0x3e0
[  284.424969][ T8665]  deactivate_locked_super+0xbc/0x130
[  284.424979][ T8665]  cleanup_mnt+0x425/0x4c0
[  284.424987][ T8665]  ? lockdep_hardirqs_on+0x9c/0x150
[  284.424995][ T8665]  task_work_run+0x1d4/0x260
[  284.425006][ T8665]  ? __pfx_task_work_run+0x10/0x10
[  284.425014][ T8665]  ? __x64_sys_umount+0x122/0x160
[  284.425026][ T8665]  ? exit_to_user_mode_loop+0x40/0x110
[  284.425072][ T8665]  exit_to_user_mode_loop+0xec/0x110
[  284.425082][ T8665]  do_syscall_64+0x2bd/0x3b0
[  284.425090][ T8665]  ? lockdep_hardirqs_on+0x9c/0x150
[  284.425096][ T8665]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.425109][ T8665]  ? exc_page_fault+0x9f/0xf0
[  284.425116][ T8665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.425123][ T8665] RIP: 0033:0x7f40ee78ff57
[  284.425130][ T8665] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  284.425136][ T8665] RSP: 002b:00007fff76755d08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  284.425145][ T8665] RAX: 0000000000000000 RBX: 00007f40ee811c2d RCX: 00007f40ee78ff57
[  284.425150][ T8665] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff76755dc0
[  284.425154][ T8665] RBP: 00007fff76755dc0 R08: 0000000000000000 R09: 0000000000000000
[  284.425158][ T8665] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff76756e50
[  284.425162][ T8665] R13: 00007f40ee811c2d R14: 00000000000457a0 R15: 00007fff76756e90
[  284.425174][ T8665]  </TASK>
[  284.425177][ T8665] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  284.858233][T13147] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3036'.
[  284.862078][T13147] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3036'.
[  284.985299][T13156] smc: net device syzkaller0 applied user defined pnetid SYZ1
[  285.128063][T13162] Bluetooth: hci3: Frame reassembly failed (-84)
[  285.132626][   T28] Bluetooth: hci3: Frame reassembly failed (-84)
[  285.623769][T13172] openvswitch: netlink: ct_state flags 7fffffff unsupported
[  285.742441][T13178] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3050'.
[  286.991155][T13213] vcan0: tx drop: invalid da for name 0xfffffffffffffffe
[  287.093803][ T5235] Bluetooth: hci3: command 0x1003 tx timeout
[  287.097119][   T55] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  287.753189][T13229] netlink: 'syz.4.3072': attribute type 1 has an invalid length.
[  287.856346][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  287.875133][T13233] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3074'.
[  288.816987][T13286] loop4: detected capacity change from 0 to 256
[  288.833615][T13286] FAT-fs (loop4): Directory bread(block 64) failed
[  288.835682][T13286] FAT-fs (loop4): Directory bread(block 65) failed
[  288.842168][T13286] FAT-fs (loop4): Directory bread(block 66) failed
[  288.844873][T13286] FAT-fs (loop4): Directory bread(block 67) failed
[  288.849263][T13286] FAT-fs (loop4): Directory bread(block 68) failed
[  288.851890][T13286] FAT-fs (loop4): Directory bread(block 69) failed
[  288.854351][T13286] FAT-fs (loop4): Directory bread(block 70) failed
[  288.856665][T13286] FAT-fs (loop4): Directory bread(block 71) failed
[  288.859336][T13286] FAT-fs (loop4): Directory bread(block 72) failed
[  288.862196][T13286] FAT-fs (loop4): Directory bread(block 73) failed
[  289.255964][T13293] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3102'.
[  289.259409][T13293] netlink: 'syz.4.3102': attribute type 15 has an invalid length.
[  289.262441][T13293] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3102'.
[  289.265845][T13293] netlink: 'syz.4.3102': attribute type 15 has an invalid length.
[  289.630749][T13298] overlayfs: failed to clone upperpath
[  294.440652][T13410] vlan2: entered promiscuous mode
[  294.443464][T13410] bond0: entered promiscuous mode
[  294.446325][T13410] bond_slave_0: entered promiscuous mode
[  294.463753][T13410] bond_slave_1: entered promiscuous mode
[  295.931055][T13466] (unnamed net_device) (uninitialized): up delay (7) is not a multiple of miimon (3), value rounded to 6 ms
[  295.961334][T13466] 8021q: adding VLAN 0 to HW filter on device bond1
[  295.986591][T13471] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3180'.
[  296.140036][T13479] lo speed is unknown, defaulting to 1000
[  296.949762][T13506] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3194'.
[  297.137512][T13513] comedi comedi4: bad chanlist[0]=0x00000800 chan=2048 range length=2
[  297.221914][T13518] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  297.744844][ T5313] Process accounting resumed
[  297.917880][T13530] loop4: detected capacity change from 0 to 1024
[  298.030333][   T65] hfsplus: b-tree write err: -5, ino 3
[  298.171835][T13520] Process accounting resumed
[  298.595618][T13545] sctp: [Deprecated]: syz.3.3210 (pid 13545) Use of int in max_burst socket option deprecated.
[  298.595618][T13545] Use struct sctp_assoc_value instead
[  298.969304][T13556] loop4: detected capacity change from 0 to 16
[  299.112445][T13556] erofs (device loop4): mounted with root inode @ nid 36.
[  299.476518][ T5313] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  299.630162][ T5313] usb 5-1: Using ep0 maxpacket: 16
[  299.701808][ T5313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.713943][ T5313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.718060][ T5313] usb 5-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  299.737974][ T5313] usb 5-1: config 0 interface 0 has no altsetting 0
[  299.740721][ T5313] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  299.745163][ T5313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.758999][ T5313] usb 5-1: config 0 descriptor??
[  300.098117][T13587] netlink: 'syz.3.3230': attribute type 12 has an invalid length.
[  300.113380][T13587] netlink: 'syz.3.3230': attribute type 29 has an invalid length.
[  300.116885][T13587] netlink: 148 bytes leftover after parsing attributes in process `syz.3.3230'.
[  300.121700][T13587] netlink: 'syz.3.3230': attribute type 2 has an invalid length.
[  300.135320][T13587] netlink: 'syz.3.3230': attribute type 3 has an invalid length.
[  300.159525][ T5313] hid (null): unknown global tag 0xd5
[  300.171006][ T5313] hid (null): invalid report_size -2057069368
[  300.173613][ T5313] hid (null): unknown global tag 0x2c
[  300.176070][ T5313] hid (null): unknown global tag 0xc
[  300.178295][ T5313] hid (null): unknown global tag 0xd2
[  300.201566][ T5313] hid (null): report_id 0 is invalid
[  300.204001][ T5313] hid (null): report_id 0 is invalid
[  300.206829][ T5313] hid (null): unknown global tag 0xe
[  300.209110][ T5313] hid (null): unknown global tag 0xd
[  300.707333][ T6002] usb 5-1: USB disconnect, device number 18
[  301.895862][T13618] loop4: detected capacity change from 0 to 1024
[  301.906063][T13618] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  301.927372][T13618] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  301.939905][T13618] EXT4-fs (loop4): orphan cleanup on readonly fs
[  301.953268][T13618] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.3242: Invalid inode table block 0 in block_group 0
[  301.965837][T13618] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  301.971728][T13618] EXT4-fs error (device loop4): ext4_quota_write:7326: inode #3: comm syz.4.3242: mark_inode_dirty error
[  301.977273][T13618] Quota error (device loop4): write_blk: dquota write failed
[  301.982222][T13618] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  301.987041][T13618] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.3242: Failed to acquire dquot type 0
[  301.996461][T13618] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.3242: Invalid inode table block 0 in block_group 0
[  302.006582][T13618] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  302.019412][T13618] EXT4-fs error (device loop4): ext4_ext_truncate:4475: inode #15: comm syz.4.3242: mark_inode_dirty error
[  302.026068][T13618] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.3242: Invalid inode table block 0 in block_group 0
[  302.040539][T13618] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  302.045437][T13618] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem
[  302.049683][T13618] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz.4.3242: Invalid inode table block 0 in block_group 0
[  302.056144][T13618] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  302.061096][T13618] EXT4-fs error (device loop4): ext4_truncate:4666: inode #15: comm syz.4.3242: mark_inode_dirty error
[  302.068848][T13618] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem
[  302.077706][T13618] EXT4-fs (loop4): 1 truncate cleaned up
[  302.084222][T13618] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  302.135184][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.912847][T13650] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3257'.
[  302.916108][T13650] netlink: 'syz.3.3257': attribute type 7 has an invalid length.
[  302.918456][T13650] netlink: 'syz.3.3257': attribute type 8 has an invalid length.
[  302.920865][T13650] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3257'.
[  303.151284][T13657] netlink: 116 bytes leftover after parsing attributes in process `syz.0.3260'.
[  303.303213][T13655] loop4: detected capacity change from 0 to 40427
[  303.373878][T13655] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  303.379798][T13655] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  303.423299][ T8665] syz-executor: attempt to access beyond end of device
[  303.423299][ T8665] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  303.432950][ T8665] CPU: 0 UID: 0 PID: 8665 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  303.432974][ T8665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  303.432982][ T8665] Call Trace:
[  303.432989][ T8665]  <TASK>
[  303.432994][ T8665]  dump_stack_lvl+0x189/0x250
[  303.433020][ T8665]  ? __pfx_dump_stack_lvl+0x10/0x10
[  303.433035][ T8665]  ? __pfx_queue_work_on+0x10/0x10
[  303.433046][ T8665]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  303.433080][ T8665]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  303.433108][ T8665]  f2fs_handle_critical_error+0x37c/0x540
[  303.433134][ T8665]  f2fs_write_end_io+0x886/0xb60
[  303.433171][ T8665]  __submit_merged_bio+0x27a/0x6a0
[  303.433195][ T8665]  __submit_merged_write_cond+0x255/0x530
[  303.433219][ T8665]  f2fs_write_data_pages+0x261d/0x3000
[  303.433261][ T8665]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  303.433330][ T8665]  ? __lock_acquire+0xab9/0xd20
[  303.433355][ T8665]  ? do_raw_spin_lock+0x121/0x290
[  303.433378][ T8665]  ? do_raw_spin_unlock+0x4d/0x240
[  303.433394][ T8665]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  303.433407][ T8665]  do_writepages+0x32e/0x550
[  303.433436][ T8665]  ? do_raw_spin_unlock+0x4d/0x240
[  303.433455][ T8665]  filemap_fdatawrite+0x199/0x240
[  303.433473][ T8665]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  303.433529][ T8665]  ? do_raw_spin_unlock+0x4d/0x240
[  303.433549][ T8665]  f2fs_sync_dirty_inodes+0x31f/0x830
[  303.433575][ T8665]  f2fs_write_checkpoint+0x95a/0x1df0
[  303.433611][ T8665]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  303.433664][ T8665]  ? kill_f2fs_super+0x298/0x6c0
[  303.433683][ T8665]  kill_f2fs_super+0x2c3/0x6c0
[  303.433701][ T8665]  ? __pfx_kill_f2fs_super+0x10/0x10
[  303.433712][ T8665]  ? radix_tree_delete_item+0x2b6/0x400
[  303.433733][ T8665]  ? shrinker_free+0x2ce/0x3e0
[  303.433749][ T8665]  deactivate_locked_super+0xbc/0x130
[  303.433766][ T8665]  cleanup_mnt+0x425/0x4c0
[  303.433781][ T8665]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.433797][ T8665]  task_work_run+0x1d4/0x260
[  303.433816][ T8665]  ? __pfx_task_work_run+0x10/0x10
[  303.433830][ T8665]  ? __x64_sys_umount+0x122/0x160
[  303.433852][ T8665]  ? exit_to_user_mode_loop+0x40/0x110
[  303.433873][ T8665]  exit_to_user_mode_loop+0xec/0x110
[  303.433890][ T8665]  do_syscall_64+0x2bd/0x3b0
[  303.433902][ T8665]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.433913][ T8665]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.433925][ T8665]  ? exc_page_fault+0x9f/0xf0
[  303.433971][ T8665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.433982][ T8665] RIP: 0033:0x7f40ee78ff57
[  303.433995][ T8665] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  303.434005][ T8665] RSP: 002b:00007fff76755d08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  303.434020][ T8665] RAX: 0000000000000000 RBX: 00007f40ee811c2d RCX: 00007f40ee78ff57
[  303.434028][ T8665] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff76755dc0
[  303.434035][ T8665] RBP: 00007fff76755dc0 R08: 0000000000000000 R09: 0000000000000000
[  303.434042][ T8665] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff76756e50
[  303.434049][ T8665] R13: 00007f40ee811c2d R14: 000000000004a5e8 R15: 00007fff76756e90
[  303.434073][ T8665]  </TASK>
[  303.436117][ T8665] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  304.563024][T13705] loop4: detected capacity change from 0 to 32768
[  304.566532][T13705] XFS: noikeep mount option is deprecated.
[  304.569033][T13705] XFS: ikeep mount option is deprecated.
[  304.582448][T13705] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  304.588830][T13705] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  304.605870][T13705] XFS (loop4): Ending clean mount
[  304.615131][T13705] XFS (loop4): Quotacheck needed: Please wait.
[  304.635204][T13705] XFS (loop4): Quotacheck: Done.
[  304.673057][ T8665] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  305.545275][T13754] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3296'.
[  305.657970][   T34] audit: type=1326 audit(1074.986:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13760 comm="syz.4.3299" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f40ee78ec29 code=0x0
[  305.733874][T13766] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3302'.
[  305.738067][T13766] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3302'.
[  306.700996][T13805] 9pnet_fd: Insufficient options for proto=fd
[  306.972159][T13821] netlink: 'syz.0.3327': attribute type 32 has an invalid length.
[  307.047115][ T6002] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  307.218990][ T6002] usb 5-1: Using ep0 maxpacket: 16
[  307.223521][ T6002] usb 5-1: config 127 has an invalid interface number: 102 but max is 2
[  307.226900][ T6002] usb 5-1: config 127 has no interface number 2
[  307.232130][ T6002] usb 5-1: config 127 interface 0 has no altsetting 0
[  307.235006][ T6002] usb 5-1: config 127 interface 1 has no altsetting 0
[  307.237985][ T6002] usb 5-1: config 127 interface 102 has no altsetting 0
[  307.243046][ T6002] usb 5-1: New USB device found, idVendor=1199, idProduct=9015, bcdDevice=99.2d
[  307.246750][ T6002] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.251082][ T6002] usb 5-1: Product: syz
[  307.252938][ T6002] usb 5-1: Manufacturer: syz
[  307.254971][ T6002] usb 5-1: SerialNumber: syz
[  307.470841][ T6002] usb 5-1: selecting invalid altsetting 0
[  307.473320][ T6002] usb 5-1: Could not set interface, error -22
[  307.479088][ T6002] usb 5-1: selecting invalid altsetting 0
[  307.481597][ T6002] usb 5-1: Could not set interface, error -22
[  307.496425][ T6002] usb 5-1: USB disconnect, device number 19
[  307.629776][T13843] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3337'.
[  308.317298][T13860] macvtap1: entered promiscuous mode
[  308.319459][T13860] macvtap1: entered allmulticast mode
[  308.532253][T13872] loop4: detected capacity change from 0 to 4096
[  308.557800][T13879] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  309.246795][ T5313] libceph: connect (1)[c::]:6789 error -101
[  309.250523][ T5313] libceph: mon0 (1)[c::]:6789 connect error
[  309.259177][ T5313] libceph: connect (1)[c::]:6789 error -101
[  309.261832][ T5313] libceph: mon0 (1)[c::]:6789 connect error
[  309.339738][T13912] ceph: No mds server is up or the cluster is laggy
[  309.488375][T13925] loop4: detected capacity change from 0 to 512
[  309.515949][T13925] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  309.593165][T13925] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.3370: invalid indirect mapped block 4294967295 (level 0)
[  309.610103][T13925] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.3370: invalid indirect mapped block 4294967295 (level 1)
[  309.629132][T13925] EXT4-fs (loop4): 1 orphan inode deleted
[  309.631429][T13925] EXT4-fs (loop4): 1 truncate cleaned up
[  309.634876][T13925] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.701376][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.039134][T13941] loop4: detected capacity change from 0 to 40427
[  310.049162][T13941] F2FS-fs (loop4): build fault injection rate: 690
[  310.054191][T13941] F2FS-fs (loop4): invalid crc value
[  310.119885][T13941] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  310.127368][T13941] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  310.763308][T13981] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3395'.
[  310.963841][ T5313] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  311.292813][ T5313] usb 5-1: config 1 has an invalid interface number: 13 but max is 0
[  311.307134][ T5313] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  311.329020][ T5313] usb 5-1: config 1 has no interface number 0
[  311.360584][T14003] overlayfs: failed to clone lowerpath
[  311.387871][T14003] overlayfs: failed to resolve './file1': -2
[  311.439070][ T5313] usb 5-1: config 1 interface 13 altsetting 6 endpoint 0xE has invalid wMaxPacketSize 0
[  311.473267][ T5313] usb 5-1: config 1 interface 13 altsetting 6 bulk endpoint 0xE has invalid maxpacket 0
[  311.512269][ T5313] usb 5-1: config 1 interface 13 altsetting 6 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  311.559662][ T5313] usb 5-1: config 1 interface 13 has no altsetting 0
[  311.574195][ T5313] usb 5-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=4c.2b
[  311.586619][ T5313] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.598197][ T5313] usb 5-1: Product: syz
[  311.606729][ T5313] usb 5-1: Manufacturer: syz
[  311.615500][ T5313] usb 5-1: SerialNumber: syz
[  311.834328][ T5313] s2255 5-1:1.13: Could not find bulk-in endpoint
[  311.837144][ T5313] Sensoray 2255 driver load failed: 0xfffffff4
[  311.845619][ T5313] s2255 5-1:1.13: probe with driver s2255 failed with error -12
[  311.852272][ T5313] usb 5-1: USB disconnect, device number 20
[  312.177663][T14033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3419'.
[  312.184340][T14033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3419'.
[  312.188161][T14033] netlink: 50 bytes leftover after parsing attributes in process `syz.3.3419'.
[  312.521151][T14050] ip6tnl2: entered promiscuous mode
[  312.523297][T14050] ip6tnl2: entered allmulticast mode
[  312.544253][T14050] team0: Device ip6tnl2 is of different type
[  312.587646][T14054] netlink: 'syz.3.3429': attribute type 31 has an invalid length.
[  313.105239][T14083] loop4: detected capacity change from 0 to 40427
[  313.110664][T14083] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  313.113250][T14083] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  313.119253][T14083] F2FS-fs (loop4): invalid crc value
[  313.173851][T14083] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  313.184935][T14083] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  313.187947][T14083] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  314.696544][  T250] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  314.857755][  T250] usb 5-1: Using ep0 maxpacket: 8
[  314.872723][  T250] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  314.999008][  T250] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.023376][  T250] usb 5-1: Product: syz
[  315.024796][  T250] usb 5-1: Manufacturer: syz
[  315.026620][  T250] usb 5-1: SerialNumber: syz
[  315.030075][  T250] usb 5-1: config 0 descriptor??
[  315.278504][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  315.303096][  T250] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  315.393959][T14145] batman_adv: batadv0: Adding interface: dummy0
[  315.396415][T14145] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  315.409261][T14145] batman_adv: batadv0: Interface activated: dummy0
[  315.432975][T14145] batadv0: mtu less than device minimum
[  315.436853][T14145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  315.442633][T14145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  315.448135][T14145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  315.453457][T14145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  315.458833][T14145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  315.462995][T14145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  315.468363][T14145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  315.473652][T14145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  315.479091][T14145] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  315.761062][  T250] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  315.767552][  T250] usb 5-1: USB disconnect, device number 21
[  316.315770][T14191] loop4: detected capacity change from 0 to 1024
[  316.320784][T14191] EXT4-fs: Ignoring removed nomblk_io_submit option
[  316.329398][T14191] EXT4-fs: Ignoring removed nobh option
[  316.354756][T14191] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.385546][   T34] audit: type=1804 audit(1086.241:180): pid=14191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3491" name="/newroot/541/file1/bus" dev="loop4" ino=18 res=1 errno=0
[  316.685747][T14200] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3494'.
[  316.692477][T14200] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  316.696081][T14200] IPv6: NLM_F_CREATE should be set when creating new route
[  316.698998][T14200] IPv6: NLM_F_CREATE should be set when creating new route
[  316.893180][T14208] (unnamed net_device) (uninitialized): option arp_validate: invalid value (18446744073709551614)
[  317.081213][T14214] netlink: 'syz.0.3501': attribute type 10 has an invalid length.
[  317.106615][T14214] team0: Device hsr_slave_0 failed to register rx_handler
[  317.257059][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.330756][T14251] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3515'.
[  318.343954][T14251] fuse: Bad value for 'user_id'
[  318.345891][T14251] fuse: Bad value for 'user_id'
[  318.664924][T14256] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  319.091836][T14262] fuse: Unknown parameter 'euid'
[  319.535388][T14270] netlink: 228 bytes leftover after parsing attributes in process `syz.3.3526'.
[  319.624991][T14272] netlink: 'syz.0.3527': attribute type 3 has an invalid length.
[  319.636192][T14272] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3527'.
[  321.218247][   T34] audit: type=1326 audit(1091.313:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.0.3540" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  321.227502][   T34] audit: type=1326 audit(1091.313:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.0.3540" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  321.236014][   T34] audit: type=1326 audit(1091.323:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.0.3540" exe="/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  321.244970][   T34] audit: type=1326 audit(1091.323:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.0.3540" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  321.253994][   T34] audit: type=1326 audit(1091.323:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.0.3540" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  321.724988][   T10] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  321.915264][   T10] usb 5-1: Using ep0 maxpacket: 16
[  321.936962][   T10] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  321.945213][   T10] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  321.949865][   T10] usb 5-1: Product: syz
[  321.951903][   T10] usb 5-1: Manufacturer: syz
[  321.955434][   T10] usb 5-1: SerialNumber: syz
[  321.964937][   T10] usb 5-1: config 0 descriptor??
[  322.232748][   T10] usb 5-1: USB disconnect, device number 22
[  322.603822][T14324] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  322.606937][T14324] IPv6: NLM_F_CREATE should be set when creating new route
[  322.610149][T14324] IPv6: NLM_F_CREATE should be set when creating new route
[  322.615681][T14324] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  323.003945][T14332] loop4: detected capacity change from 0 to 32768
[  323.008243][T14332] bcachefs (/dev/loop4): error validating superblock: Invalid superblock: optional field with size 0 (type 1)
[  323.015176][T14332] bcachefs: bch2_fs_get_tree() error: invalid_sb_field_size
[  323.645200][T14347] overlayfs: failed to clone lowerpath
[  325.107703][   T10] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  325.261752][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  325.267698][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  325.277993][   T10] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  325.283707][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.295587][   T10] usb 5-1: config 0 descriptor??
[  325.315843][T14365] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  325.406548][   T10] hub 5-1:0.0: USB hub found
[  325.555626][   T10] hub 5-1:0.0: 2 ports detected
[  325.567269][T14382] pimreg3: entered allmulticast mode
[  325.622717][   T34] audit: type=1326 audit(1095.932:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14387 comm="syz.0.3575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  325.634548][   T34] audit: type=1326 audit(1095.932:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14387 comm="syz.0.3575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  325.645877][   T34] audit: type=1326 audit(1095.943:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14387 comm="syz.0.3575" exe="/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  325.672536][   T34] audit: type=1326 audit(1095.943:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14387 comm="syz.0.3575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  325.689877][   T34] audit: type=1326 audit(1095.943:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14387 comm="syz.0.3575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  325.747295][   T10] hub 5-1:0.0: hub_hub_status failed (err = -71)
[  325.749863][   T10] hub 5-1:0.0: config failed, can't get hub status (err -71)
[  325.764967][   T10] usbhid 5-1:0.0: can't add hid device: -71
[  325.768037][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  325.794892][   T10] usb 5-1: USB disconnect, device number 23
[  326.005803][T14402] tipc: Failed to remove unknown binding: 66,1,1/1772540796:2676925721/2676925722
[  326.366961][T14409] loop4: detected capacity change from 0 to 2048
[  326.382485][T14409] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  326.742863][T14420] tipc: Failed to remove unknown binding: 66,1,1/0:3386759595/3386759597
[  326.977006][T14443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3596'.
[  326.980061][T14443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3596'.
[  327.085832][T14452] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3600'.
[  327.144523][T14454] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3601'.
[  327.183139][T14456] net_ratelimit: 10 callbacks suppressed
[  327.183155][T14456] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  327.198408][T14457] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3601'.
[  328.341233][T14489] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3609'.
[  328.604053][T14491] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  329.193630][T14505] openvswitch: netlink: nsh attribute has 2 unknown bytes.
[  329.292727][T14509] veth0: entered promiscuous mode
[  329.295672][T14508] veth0: left promiscuous mode
[  329.591953][  T793] usb 5-1: new full-speed USB device number 24 using dummy_hcd
[  329.759065][  T793] usb 5-1: config 2 has an invalid interface number: 211 but max is 0
[  329.762207][  T793] usb 5-1: config 2 has no interface number 0
[  329.769677][  T793] usb 5-1: config 2 interface 211 altsetting 0 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  329.775446][  T793] usb 5-1: config 2 interface 211 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  329.784145][  T793] usb 5-1: New USB device found, idVendor=2040, idProduct=8268, bcdDevice=27.95
[  329.787910][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.792404][  T793] usb 5-1: Product: syz
[  329.794210][  T793] usb 5-1: Manufacturer: syz
[  329.796251][  T793] usb 5-1: SerialNumber: syz
[  329.807602][T14511] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  329.820237][  T793] em28xx 5-1:2.211: New device syz syz @ 12 Mbps (2040:8268, interface 211, class 211)
[  329.824750][  T793] em28xx 5-1:2.211: Device initialization failed.
[  329.827396][  T793] em28xx 5-1:2.211: Device must be connected to a high-speed USB 2.0 port.
[  329.839602][T14529] IPVS: stopping master sync thread 12306 ...
[  329.997083][   T34] audit: type=1326 audit(1100.531:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14542 comm="syz.0.3640" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  330.007825][   T34] audit: type=1326 audit(1100.531:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14542 comm="syz.0.3640" exe="/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  330.008682][   T10] usb 5-1: USB disconnect, device number 24
[  330.016517][   T34] audit: type=1326 audit(1100.531:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14542 comm="syz.0.3640" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  330.034202][   T34] audit: type=1326 audit(1100.562:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14542 comm="syz.0.3640" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e14b8ec29 code=0x7ffc0000
[  330.770393][T14563] random: crng reseeded on system resumption
[  331.087088][  T250] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  331.155656][T14573] futex_wake_op: syz.0.3654 tries to shift op by 36; fix this program
[  331.233569][  T250] usb 5-1: Using ep0 maxpacket: 16
[  331.241238][  T250] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  331.249440][  T250] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  331.270325][  T250] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  331.274074][  T250] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.282336][  T250] usb 5-1: Product: syz
[  331.284117][  T250] usb 5-1: Manufacturer: syz
[  331.286090][  T250] usb 5-1: SerialNumber: syz
[  331.495753][  T250] usb 5-1: 0:2 : does not exist
[  331.522469][  T250] usb 5-1: USB disconnect, device number 25
[  332.076880][T14609] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  332.313817][T14628] loop4: detected capacity change from 0 to 512
[  332.377735][T14628] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.438095][ T8665] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.989851][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.001423][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.015128][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.026922][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.039202][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.045303][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.059022][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.070715][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.076747][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.084487][T14662] loop4: detected capacity change from 0 to 1156
[  334.095714][T14662] ISOFS: unable to read i-node block
[  334.103995][T14662] isofs_fill_super: get root inode failed
[  334.117623][T14657] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  334.251966][   T34] audit: type=1326 audit(1105.003:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14673 comm="syz.3.3699" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8148f8ec29 code=0x0
[  334.327745][T14678] netlink: 'syz.4.3701': attribute type 10 has an invalid length.
[  334.330578][T14678] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3701'.
[  334.345886][T14678] team0: Port device geneve0 added
[  334.505004][T14690] xt_socket: unknown flags 0x50
[  334.578596][T14694] loop4: detected capacity change from 0 to 256
[  334.590449][T14694] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  334.594958][T14694] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  334.607034][T14694] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  334.618692][   T34] audit: type=1800 audit(1105.381:196): pid=14694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3709" name="file1" dev="loop4" ino=1048721 res=0 errno=0
[  335.486230][T14726] syz.0.3718 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  337.131372][T14768] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3739'.
[  337.251932][T14776] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3743'.
[  337.396284][T14786] ==================================================================
[  337.396302][T14786] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x570/0xf30
[  337.396332][T14786] Read of size 4 at addr ffff888109ea92c4 by task syz.0.3747/14786
[  337.396344][T14786] 
[  337.396354][T14786] CPU: 0 UID: 0 PID: 14786 Comm: syz.0.3747 Not tainted syzkaller #0 PREEMPT(full) 
[  337.396368][T14786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  337.396377][T14786] Call Trace:
[  337.396382][T14786]  <TASK>
[  337.396388][T14786]  dump_stack_lvl+0x189/0x250
[  337.396405][T14786]  ? __kasan_check_byte+0x12/0x40
[  337.396424][T14786]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.396439][T14786]  ? lock_release+0x4b/0x3e0
[  337.396459][T14786]  ? __virt_addr_valid+0x4a5/0x5c0
[  337.396476][T14786]  print_report+0xca/0x240
[  337.396488][T14786]  ? xfrm_alloc_spi+0x570/0xf30
[  337.396503][T14786]  kasan_report+0x118/0x150
[  337.396521][T14786]  ? xfrm_alloc_spi+0x570/0xf30
[  337.396537][T14786]  xfrm_alloc_spi+0x570/0xf30
[  337.396553][T14786]  ? xfrm_alloc_spi+0x2a0/0xf30
[  337.396571][T14786]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  337.396584][T14786]  ? xfrm_find_acq+0x87/0xa0
[  337.396601][T14786]  xfrm_alloc_userspi+0x70b/0xc90
[  337.396622][T14786]  ? apparmor_capable+0x137/0x1b0
[  337.396636][T14786]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  337.396654][T14786]  ? __nla_parse+0x40/0x60
[  337.396669][T14786]  xfrm_user_rcv_msg+0x7a3/0xab0
[  337.396685][T14786]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  337.396712][T14786]  ? __pfx___mutex_trylock_common+0x10/0x10
[  337.396726][T14786]  ? rcu_is_watching+0x15/0xb0
[  337.396773][T14786]  ? trace_contention_end+0x39/0x120
[  337.396788][T14786]  ? __mutex_lock+0x335/0x1350
[  337.396804][T14786]  netlink_rcv_skb+0x208/0x470
[  337.396819][T14786]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  337.396839][T14786]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  337.396856][T14786]  ? netlink_deliver_tap+0x2e/0x1b0
[  337.396869][T14786]  ? netlink_deliver_tap+0x2e/0x1b0
[  337.396883][T14786]  xfrm_netlink_rcv+0x79/0x90
[  337.396900][T14786]  netlink_unicast+0x82f/0x9e0
[  337.396921][T14786]  ? __pfx_netlink_unicast+0x10/0x10
[  337.396940][T14786]  ? netlink_sendmsg+0x642/0xb30
[  337.396952][T14786]  ? skb_put+0x11b/0x210
[  337.396965][T14786]  netlink_sendmsg+0x805/0xb30
[  337.396981][T14786]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.396992][T14786]  ? aa_sock_msg_perm+0xf1/0x1d0
[  337.397005][T14786]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  337.397018][T14786]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.397030][T14786]  __sock_sendmsg+0x21c/0x270
[  337.397048][T14786]  ____sys_sendmsg+0x505/0x830
[  337.397064][T14786]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.397080][T14786]  ? import_iovec+0x74/0xa0
[  337.397093][T14786]  ___sys_sendmsg+0x21f/0x2a0
[  337.397105][T14786]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.397126][T14786]  ? __fget_files+0x2a/0x420
[  337.397136][T14786]  ? __fget_files+0x3a0/0x420
[  337.397147][T14786]  __x64_sys_sendmsg+0x19b/0x260
[  337.397161][T14786]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  337.397177][T14786]  ? rcu_is_watching+0x15/0xb0
[  337.397189][T14786]  ? do_syscall_64+0xbe/0x3b0
[  337.397204][T14786]  do_syscall_64+0xfa/0x3b0
[  337.397216][T14786]  ? lockdep_hardirqs_on+0x9c/0x150
[  337.397229][T14786]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.397239][T14786]  ? exc_page_fault+0x9f/0xf0
[  337.397251][T14786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.397263][T14786] RIP: 0033:0x7f9e14b8ec29
[  337.397275][T14786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.397287][T14786] RSP: 002b:00007f9e1595a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.397300][T14786] RAX: ffffffffffffffda RBX: 00007f9e14dd5fa0 RCX: 00007f9e14b8ec29
[  337.397308][T14786] RDX: 0000000020004000 RSI: 0000200000000540 RDI: 0000000000000003
[  337.397316][T14786] RBP: 00007f9e14c11e41 R08: 0000000000000000 R09: 0000000000000000
[  337.397323][T14786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  337.397331][T14786] R13: 00007f9e14dd6038 R14: 00007f9e14dd5fa0 R15: 00007fffb66880a8
[  337.397343][T14786]  </TASK>
[  337.397347][T14786] 
[  337.397351][T14786] Allocated by task 9852:
[  337.397359][T14786]  kasan_save_track+0x3e/0x80
[  337.397375][T14786]  __kasan_slab_alloc+0x6c/0x80
[  337.397392][T14786]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  337.397405][T14786]  xfrm_state_alloc+0x24/0x2f0
[  337.397417][T14786]  __find_acq_core+0x8a7/0x1c00
[  337.397431][T14786]  xfrm_find_acq+0x78/0xa0
[  337.397443][T14786]  xfrm_alloc_userspi+0x6b3/0xc90
[  337.397459][T14786]  xfrm_user_rcv_msg+0x7a3/0xab0
[  337.397475][T14786]  netlink_rcv_skb+0x208/0x470
[  337.397487][T14786]  xfrm_netlink_rcv+0x79/0x90
[  337.397500][T14786]  netlink_unicast+0x82f/0x9e0
[  337.397517][T14786]  netlink_sendmsg+0x805/0xb30
[  337.397529][T14786]  __sock_sendmsg+0x21c/0x270
[  337.397544][T14786]  ____sys_sendmsg+0x505/0x830
[  337.397556][T14786]  ___sys_sendmsg+0x21f/0x2a0
[  337.397567][T14786]  __x64_sys_sendmsg+0x19b/0x260
[  337.397580][T14786]  do_syscall_64+0xfa/0x3b0
[  337.397592][T14786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.397602][T14786] 
[  337.397606][T14786] Freed by task 793:
[  337.397611][T14786]  kasan_save_track+0x3e/0x80
[  337.397623][T14786]  kasan_save_free_info+0x46/0x50
[  337.397634][T14786]  __kasan_slab_free+0x5b/0x80
[  337.397648][T14786]  kmem_cache_free+0x18f/0x400
[  337.397663][T14786]  xfrm_state_gc_task+0x52d/0x6b0
[  337.397676][T14786]  process_scheduled_works+0xae1/0x17b0
[  337.397688][T14786]  worker_thread+0x8a0/0xda0
[  337.397699][T14786]  kthread+0x711/0x8a0
[  337.397712][T14786]  ret_from_fork+0x439/0x7d0
[  337.397723][T14786]  ret_from_fork_asm+0x1a/0x30
[  337.397744][T14786] 
[  337.397775][T14786] The buggy address belongs to the object at ffff888109ea9200
[  337.397775][T14786]  which belongs to the cache xfrm_state of size 928
[  337.397787][T14786] The buggy address is located 196 bytes inside of
[  337.397787][T14786]  freed 928-byte region [ffff888109ea9200, ffff888109ea95a0)
[  337.397800][T14786] 
[  337.397803][T14786] The buggy address belongs to the physical page:
[  337.397812][T14786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888109ea8000 pfn:0x109ea8
[  337.397825][T14786] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  337.397836][T14786] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  337.397848][T14786] page_type: f5(slab)
[  337.397859][T14786] raw: 057ff00000000040 ffff88801af95780 dead000000000122 0000000000000000
[  337.397870][T14786] raw: ffff888109ea8000 00000000800e000a 00000000f5000000 0000000000000000
[  337.397879][T14786] head: 057ff00000000040 ffff88801af95780 dead000000000122 0000000000000000
[  337.660354][T14786] head: ffff888109ea8000 00000000800e000a 00000000f5000000 0000000000000000
[  337.660374][T14786] head: 057ff00000000002 ffffea000427aa01 00000000ffffffff 00000000ffffffff
[  337.660386][T14786] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  337.660394][T14786] page dumped because: kasan: bad access detected
[  337.660404][T14786] page_owner tracks the page as allocated
[  337.660409][T14786] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 7214, tgid 7211 (syz.1.538), ts 110885563854, free_ts 65788646271
[  337.660434][T14786]  post_alloc_hook+0x240/0x2a0
[  337.660456][T14786]  get_page_from_freelist+0x21e4/0x22c0
[  337.660467][T14786]  __alloc_frozen_pages_noprof+0x181/0x370
[  337.660478][T14786]  alloc_pages_mpol+0x232/0x4a0
[  337.660495][T14786]  allocate_slab+0x8a/0x370
[  337.660508][T14786]  ___slab_alloc+0xbeb/0x1420
[  337.660527][T14786]  kmem_cache_alloc_noprof+0x283/0x3c0
[  337.660544][T14786]  xfrm_state_alloc+0x24/0x2f0
[  337.660557][T14786]  xfrm_add_sa+0x17d1/0x4070
[  337.660572][T14786]  xfrm_user_rcv_msg+0x7a3/0xab0
[  337.660585][T14786]  netlink_rcv_skb+0x208/0x470
[  337.660598][T14786]  xfrm_netlink_rcv+0x79/0x90
[  337.660612][T14786]  netlink_unicast+0x82f/0x9e0
[  337.660629][T14786]  netlink_sendmsg+0x805/0xb30
[  337.660640][T14786]  __sock_sendmsg+0x21c/0x270
[  337.660656][T14786]  ____sys_sendmsg+0x505/0x830
[  337.660668][T14786] page last free pid 5846 tgid 5846 stack trace:
[  337.660676][T14786]  __free_frozen_pages+0xbc4/0xd30
[  337.660692][T14786]  __put_partials+0x156/0x1a0
[  337.660700][T14786]  put_cpu_partial+0x17c/0x250
[  337.660712][T14786]  __slab_free+0x2d5/0x3c0
[  337.660721][T14786]  qlist_free_all+0x97/0x140
[  337.660742][T14786]  kasan_quarantine_reduce+0x148/0x160
[  337.660784][T14786]  __kasan_slab_alloc+0x22/0x80
[  337.660797][T14786]  __kmalloc_noprof+0x224/0x4f0
[  337.660812][T14786]  tomoyo_realpath_from_path+0xe3/0x5d0
[  337.660823][T14786]  tomoyo_path_perm+0x213/0x4b0
[  337.660838][T14786]  security_inode_getattr+0x12f/0x330
[  337.660853][T14786]  vfs_fstatat+0xb1/0x170
[  337.660862][T14786]  __x64_sys_newfstatat+0x116/0x190
[  337.660874][T14786]  do_syscall_64+0xfa/0x3b0
[  337.660887][T14786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.660898][T14786] 
[  337.660901][T14786] Memory state around the buggy address:
[  337.660908][T14786]  ffff888109ea9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  337.660915][T14786]  ffff888109ea9200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  337.660922][T14786] >ffff888109ea9280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  337.660930][T14786]                                            ^
[  337.660938][T14786]  ffff888109ea9300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  337.660946][T14786]  ffff888109ea9380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  337.660953][T14786] ==================================================================
[  337.661156][T14786] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  337.661169][T14786] CPU: 0 UID: 0 PID: 14786 Comm: syz.0.3747 Not tainted syzkaller #0 PREEMPT(full) 
[  337.661182][T14786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  337.661191][T14786] Call Trace:
[  337.661197][T14786]  <TASK>
[  337.661204][T14786]  dump_stack_lvl+0x99/0x250
[  337.661223][T14786]  ? __asan_memcpy+0x40/0x70
[  337.661239][T14786]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.661254][T14786]  ? __pfx__printk+0x10/0x10
[  337.661277][T14786]  vpanic+0x281/0x750
[  337.661292][T14786]  ? __pfx_vpanic+0x10/0x10
[  337.661307][T14786]  ? irqentry_exit+0x74/0x90
[  337.661324][T14786]  panic+0xb9/0xc0
[  337.661338][T14786]  ? __pfx_panic+0x10/0x10
[  337.661351][T14786]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  337.661370][T14786]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  337.661391][T14786]  ? xfrm_alloc_spi+0x570/0xf30
[  337.661407][T14786]  check_panic_on_warn+0x89/0xb0
[  337.661423][T14786]  ? xfrm_alloc_spi+0x570/0xf30
[  337.661440][T14786]  end_report+0x78/0x160
[  337.661455][T14786]  kasan_report+0x129/0x150
[  337.661472][T14786]  ? xfrm_alloc_spi+0x570/0xf30
[  337.661488][T14786]  xfrm_alloc_spi+0x570/0xf30
[  337.661504][T14786]  ? xfrm_alloc_spi+0x2a0/0xf30
[  337.661523][T14786]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  337.661539][T14786]  ? xfrm_find_acq+0x87/0xa0
[  337.661555][T14786]  xfrm_alloc_userspi+0x70b/0xc90
[  337.661574][T14786]  ? apparmor_capable+0x137/0x1b0
[  337.661591][T14786]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  337.661609][T14786]  ? __nla_parse+0x40/0x60
[  337.661624][T14786]  xfrm_user_rcv_msg+0x7a3/0xab0
[  337.661642][T14786]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  337.661669][T14786]  ? __pfx___mutex_trylock_common+0x10/0x10
[  337.661683][T14786]  ? rcu_is_watching+0x15/0xb0
[  337.661695][T14786]  ? trace_contention_end+0x39/0x120
[  337.661709][T14786]  ? __mutex_lock+0x335/0x1350
[  337.661723][T14786]  netlink_rcv_skb+0x208/0x470
[  337.661770][T14786]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  337.661793][T14786]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  337.661810][T14786]  ? netlink_deliver_tap+0x2e/0x1b0
[  337.661824][T14786]  ? netlink_deliver_tap+0x2e/0x1b0
[  337.661839][T14786]  xfrm_netlink_rcv+0x79/0x90
[  337.661857][T14786]  netlink_unicast+0x82f/0x9e0
[  337.661877][T14786]  ? __pfx_netlink_unicast+0x10/0x10
[  337.661895][T14786]  ? netlink_sendmsg+0x642/0xb30
[  337.661907][T14786]  ? skb_put+0x11b/0x210
[  337.661920][T14786]  netlink_sendmsg+0x805/0xb30
[  337.661936][T14786]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.661948][T14786]  ? aa_sock_msg_perm+0xf1/0x1d0
[  337.661960][T14786]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  337.661974][T14786]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.661985][T14786]  __sock_sendmsg+0x21c/0x270
[  337.662005][T14786]  ____sys_sendmsg+0x505/0x830
[  337.662019][T14786]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.662035][T14786]  ? import_iovec+0x74/0xa0
[  337.662049][T14786]  ___sys_sendmsg+0x21f/0x2a0
[  337.662062][T14786]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.662085][T14786]  ? __fget_files+0x2a/0x420
[  337.662096][T14786]  ? __fget_files+0x3a0/0x420
[  337.662109][T14786]  __x64_sys_sendmsg+0x19b/0x260
[  337.662124][T14786]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  337.662142][T14786]  ? rcu_is_watching+0x15/0xb0
[  337.662155][T14786]  ? do_syscall_64+0xbe/0x3b0
[  337.662169][T14786]  do_syscall_64+0xfa/0x3b0
[  337.662181][T14786]  ? lockdep_hardirqs_on+0x9c/0x150
[  337.662194][T14786]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.662206][T14786]  ? exc_page_fault+0x9f/0xf0
[  337.662219][T14786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.662229][T14786] RIP: 0033:0x7f9e14b8ec29
[  337.662242][T14786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.662252][T14786] RSP: 002b:00007f9e1595a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.662268][T14786] RAX: ffffffffffffffda RBX: 00007f9e14dd5fa0 RCX: 00007f9e14b8ec29
[  337.662277][T14786] RDX: 0000000020004000 RSI: 0000200000000540 RDI: 0000000000000003
[  337.662285][T14786] RBP: 00007f9e14c11e41 R08: 0000000000000000 R09: 0000000000000000
[  337.662293][T14786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  337.662301][T14786] R13: 00007f9e14dd6038 R14: 00007f9e14dd5fa0 R15: 00007fffb66880a8
[  337.662314][T14786]  </TASK>
[  337.663463][T14786] Kernel Offset: disabled

VM DIAGNOSIS:
04:20:52  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000073 RBX=0000000000000073 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000040bc6 RDI=0000000000040bc7 RBP=00000000000003f8 RSP=ffffc900041165d0
R8 =ffff88801f268237 R9 =1ffff11003e4d046 R10=dffffc0000000000 R11=ffffffff854fada0
R12=dffffc0000000000 R13=ffffffff99b03905 R14=ffffffff99df8460 R15=0000000000000000
RIP=ffffffff854fae1c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f9e1595a6c0 ffffffff 00c00000
GS =0000 ffff8880b8612000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000001100 CR3=000000011c47a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f9e14da7498 00007f9e14da7470 XMM03=00007f9e14da74a8 00007f9e14da74a0
XMM04=00007f9e1590d100 00007f9e14da7460 XMM05=00007f9e14da7478 00007f9e14da74c0
XMM06=00007f9e14da74b8 00007f9e14da74b0 XMM07=00007f9e14da74a8 00007f9e14da74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f9e14c12fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffffc900037ff870 RCX=1ffff920006ffe01 RDX=ffffffff9040b430
RSI=0000000000000002 RDI=ffffffff8be33f20 RBP=1ffff920006ffea2 RSP=ffffc900037ff438
R8 =0000000000000008 R9 =ffffffff8172c195 R10=ffffc900037ff558 R11=ffffffff81ac3b00
R12=ffffc90003800000 R13=1ffff920006ffea3 R14=ffffc900037ff508 R15=ffffc900037f8000
RIP=ffffffff8172cc3c RFL=00000287 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f8149e056c0 ffffffff 00c00000
GS =0000 ffff8881a3c12000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b32421ff8 CR3=00000000346d0000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f40ee812fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
