last executing test programs:

6m18.207586877s ago: executing program 32 (id=460):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f00003a9000/0x400000)=nil)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{0xffff2000, 0x1, 0x10, 0x8, 0x3, 0x0, 0x3, 0x0, 0xff, 0xb, 0x6, 0x5}, {0xdddd1000, 0x4, 0x10, 0x10, 0x14, 0x4, 0x0, 0xff, 0xb3, 0x2, 0x7f}, {0x5000, 0xeeee0000, 0xf, 0x1, 0x59, 0x3, 0x9, 0x8, 0x7, 0x5, 0x2, 0x7f}, {0x0, 0x1000, 0x3, 0xfc, 0x9, 0x3, 0x7, 0x1, 0x4, 0x0, 0x3c, 0x1}, {0x4, 0x2000, 0xe, 0x0, 0x9c, 0x5, 0x3, 0x7, 0xd6, 0x2, 0x7, 0x8}, {0xffff1000, 0xeeee0000, 0xb, 0x54, 0x8f, 0x0, 0x3, 0x1, 0x3, 0x6, 0x2, 0x8}, {0xeeef0000, 0x2, 0xa, 0x0, 0x0, 0x2, 0xf5, 0x2, 0x5, 0x93, 0x9, 0x37}, {0x12000, 0x0, 0x8, 0x4, 0x7, 0x8, 0x1, 0x6, 0x8, 0xfc, 0x4, 0x1}, {0x4, 0x5}, {0x5000, 0x3}, 0x0, 0x0, 0x4, 0x24000c, 0x1, 0x4101, 0x0, [0x200, 0xfffffffffffffffe, 0x2, 0x7]})

6m0.800666548s ago: executing program 33 (id=559):
r0 = io_uring_setup(0x28fe, &(0x7f0000000080)={0x0, 0xb0c9, 0x1})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x11, &(0x7f00000002c0), 0x2)

5m40.6929366s ago: executing program 34 (id=666):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x42280, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {0xffe6, 0xb}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_MEMORY_LIMIT={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2000c961}, 0x4008080)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5m35.738923827s ago: executing program 4 (id=684):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
write$binfmt_misc(r1, &(0x7f0000000340)="e541e317864586950fa368f141c66a000000703cb041447b1c89eef4869bb928b7f3b8c454f00b51790c670fe941738fac4a210c3cd18753880934b5ed1b5c8ebcda51c6dbf676d52f3454398f3b3670f0b32605d1ffd8142b5ee715ea3fc3458b7fd22f1f2183e9bf703541e7080ac770395ce0a3e7b2f6baaaf31b7bf24f61c8ff3d95262216b7523ec079ee72b21461f4b02ec98ed6d711989ed4ad1bde85e48924c907329dc7e6b11c42573cabe7af", 0x24425de7)
splice(r0, 0x0, r3, 0x0, 0x84ffe8, 0x8)

5m34.780902255s ago: executing program 4 (id=692):
r0 = syz_io_uring_setup(0x2d64, &(0x7f0000000100)={0x0, 0x100577, 0x2, 0x0, 0x42}, &(0x7f0000013000), &(0x7f0000011000))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x2, &(0x7f00000001c0)={0x4, 0x0, 0x0, 0x0, 0x14}, 0xfffffffffffffee4)

5m34.763141996s ago: executing program 4 (id=693):
fchmodat(0xffffffffffffff9c, 0x0, 0x88)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080)={0x204000, 0x12, 0x19}, 0x18)
execveat$binfmt(r1, r0, &(0x7f0000000400)={[], 0x23}, 0x0, 0x0)
syz_clone(0xb00200, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0)

5m34.235777476s ago: executing program 4 (id=694):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

5m33.573715428s ago: executing program 4 (id=700):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x800000000000020, 0x0, [{0x0, 0x0, 0x0}]})

5m30.96843826s ago: executing program 4 (id=707):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000180)={[{@nombcache}, {@oldalloc}, {@norecovery}, {@i_version}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@inlinecrypt}]}, 0x1, 0x445, &(0x7f00000004c0)="$eJzs3MtvG8UfAPDvrpP019cvoZRHH0CgICIeSZMW6IELCCQOICHBoRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrl0sLJaO3dxHFsNw8nTvHnI20yszvWzNe7Y8/sZBNAzxrOfiQR+yLi94gYrGVXFhiu/bq9eHXq78WrU0lUKm/9lVTL3Vq8OlUULV63N8+MpBHpZ0kcaVLv3OUr5yfL5ZlLeX5s/sL7Y3OXrzx77sLk2ZmzMxcnTp06eWL8hecnnutInFmbbh3+aPboodfeuf7G1Onr7/78bVLE3xBHhwy3O/hEpdLh6rprf1066etiQ1iXUkRkp6u/2v8HoxTLJ28wXv20q40DtlSlUqnsbX14oQL8hyXR7RYA3VF80Wfz32LbpqHHjnDzpdoEKIv7dr7VjvRFmpfpb5jfdtJwRJxe+OerbIutuQ8BALDC99n455lm47807q8r9/98bWgoIu6JiAMRcW9EHIyI+yKqZR+IiAfXWX/jIsnq8U96Y0OBrVE2/nsxX9taOf4rRn8xVMpz+6vx9ydnzpVnjufvyUj078ry423q+OGV375odax+/JdtWf3FWDBvx42+XStfMz05P7mZmOvd/CTicF+z+JOllYAkIg5FxOEN1nHuqW+Otjp25/jb6MA6U+XriCdr538hGuIvJO3XJ8f+F+WZ42PFVbHaL79ee7NV/ZuKvwOy87+n6fW/FP9QUr9eO7f+Oq798XnLOc0a4m96/Q8kb1fTA/m+Dyfn5y+NRwwkr9caXb9/Yvm1Rb4on8U/cqx5/z8Qy+/EkYjILuKHIuLhiHgkb/ujEfFYRBxrE/9PLz/+3ibi31JZ/NPrOv/LiYFo3NM8UTr/43crKh1aT/zZ59/Jamok37OWz7+1tGtjVzMAAADcfdKI2BdJOrqUTtPR0drfyx+MPWl5dm7+6TOzH1ycrj0jMBT9aXGna7Dufuh4Pq0v8hMN+RP5feMvS7ur+dGp2fJ0t4OHHre3Rf/P/FnqduuALed5Lehd9f1/dxfbAWw/3//Qu/R/6F1N+r9pAPSIZt//H3ehHcD2a+j/lv2gh5j/Q+/S/6F36f/Qk+Z2x50fkpeQWJWIdEc04+5KnM7/q8ZOaU+bRLc/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj3wAAAP//mnvjug==")
creat(&(0x7f0000000340)='./bus\x00', 0x1c7)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x84)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000003, 0x28011, r2, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, 0x0)

5m30.814696023s ago: executing program 35 (id=707):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000180)={[{@nombcache}, {@oldalloc}, {@norecovery}, {@i_version}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@inlinecrypt}]}, 0x1, 0x445, &(0x7f00000004c0)="$eJzs3MtvG8UfAPDvrpP019cvoZRHH0CgICIeSZMW6IELCCQOICHBoRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrl0sLJaO3dxHFsNw8nTvHnI20yszvWzNe7Y8/sZBNAzxrOfiQR+yLi94gYrGVXFhiu/bq9eHXq78WrU0lUKm/9lVTL3Vq8OlUULV63N8+MpBHpZ0kcaVLv3OUr5yfL5ZlLeX5s/sL7Y3OXrzx77sLk2ZmzMxcnTp06eWL8hecnnutInFmbbh3+aPboodfeuf7G1Onr7/78bVLE3xBHhwy3O/hEpdLh6rprf1066etiQ1iXUkRkp6u/2v8HoxTLJ28wXv20q40DtlSlUqnsbX14oQL8hyXR7RYA3VF80Wfz32LbpqHHjnDzpdoEKIv7dr7VjvRFmpfpb5jfdtJwRJxe+OerbIutuQ8BALDC99n455lm47807q8r9/98bWgoIu6JiAMRcW9EHIyI+yKqZR+IiAfXWX/jIsnq8U96Y0OBrVE2/nsxX9taOf4rRn8xVMpz+6vx9ydnzpVnjufvyUj078ry423q+OGV375odax+/JdtWf3FWDBvx42+XStfMz05P7mZmOvd/CTicF+z+JOllYAkIg5FxOEN1nHuqW+Otjp25/jb6MA6U+XriCdr538hGuIvJO3XJ8f+F+WZ42PFVbHaL79ee7NV/ZuKvwOy87+n6fW/FP9QUr9eO7f+Oq798XnLOc0a4m96/Q8kb1fTA/m+Dyfn5y+NRwwkr9caXb9/Yvm1Rb4on8U/cqx5/z8Qy+/EkYjILuKHIuLhiHgkb/ujEfFYRBxrE/9PLz/+3ibi31JZ/NPrOv/LiYFo3NM8UTr/43crKh1aT/zZ59/Jamok37OWz7+1tGtjVzMAAADcfdKI2BdJOrqUTtPR0drfyx+MPWl5dm7+6TOzH1ycrj0jMBT9aXGna7Dufuh4Pq0v8hMN+RP5feMvS7ur+dGp2fJ0t4OHHre3Rf/P/FnqduuALed5Lehd9f1/dxfbAWw/3//Qu/R/6F1N+r9pAPSIZt//H3ehHcD2a+j/lv2gh5j/Q+/S/6F36f/Qk+Z2x50fkpeQWJWIdEc04+5KnM7/q8ZOaU+bRLc/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj3wAAAP//mnvjug==")
creat(&(0x7f0000000340)='./bus\x00', 0x1c7)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x84)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000003, 0x28011, r2, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, 0x0)

5m10.279158193s ago: executing program 3 (id=776):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x701203, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(0x0, r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe0, 0xb}, {0x9, 0xb}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0xffffffff}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5m5.834014s ago: executing program 3 (id=790):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x400c880)
sendfile(r2, r3, 0x0, 0x20000023896)

5m1.841345098s ago: executing program 3 (id=799):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = dup2(r0, r0)
write$binfmt_misc(r1, &(0x7f0000000000)='8\f', 0x2)
sendmsg$IPSET_CMD_TEST(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x24000000}, 0x3e2a61ea7bd4c12b)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r6, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3fffa4000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
ioctl$LOOP_SET_BLOCK_SIZE(r2, 0x125d, 0x10000000010005)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8000000000000000, 0x5, &(0x7f0000000000))
ioctl$GIO_UNISCRNMAP(r7, 0x4b69, &(0x7f0000000780)=""/4096)
ioctl$KDENABIO(r7, 0x4b36)

4m58.714372449s ago: executing program 3 (id=810):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

4m56.457912193s ago: executing program 3 (id=813):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2c2b01, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x1000100, 0x7, 0x6361, 0x805, 0x9, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008050}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56441, 0x70bd29, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x11}, {0xffe6, 0xb}, {0xb, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x30004061}, 0x4000000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

4m54.610927579s ago: executing program 3 (id=819):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./bus\x00', 0x18418, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRES8], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x4012011, r0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)
truncate(&(0x7f0000000080)='./file1\x00', 0xf62)

4m53.674640737s ago: executing program 36 (id=819):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./bus\x00', 0x18418, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRES8], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x4012011, r0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)
truncate(&(0x7f0000000080)='./file1\x00', 0xf62)

4m43.009027146s ago: executing program 8 (id=841):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000080)=0x5f792f8e843a7c4c)

4m41.531618985s ago: executing program 8 (id=844):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x400c880)
sendfile(r2, r3, 0x0, 0x20000023896)

4m38.449003395s ago: executing program 8 (id=850):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x31, r3, 0x0)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000600)={0xaa, 0x138})
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x3})
syz_open_procfs(0x0, &(0x7f0000002340)='fdinfo\x00')
ioctl$UFFDIO_UNREGISTER(r3, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000000000/0x800000)=nil, 0x800000})

4m34.350397115s ago: executing program 8 (id=863):
timer_create(0x2, 0x0, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
unshare(0x26020480)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000880)={[{@noauto_da_alloc}, {@inode_readahead_blks}, {@auto_da_alloc}, {@errors_remount}]}, 0xfe, 0x572, &(0x7f0000000240)="$eJzs3U1rVFcfAPD/nSS+JD4aQeRpFyXgohbrxCR9sdCFXZZWKrR7OyTXIJk4kpmISYXqom66KVIopdLSD9B9l9Iv0E8htIIUCe2imyl35o6OyUwS42hG5/eDq+fcc6/nnrn3fzxnzgwTwMCayP4oRLwSEd8kEYfayoYjL5xoHrf24NpstiVRr3/6VxJJvq91fJL/PZZn/h8Rv30VcaKwsd7qyupCqVxOl/L8ZG3x8mR1ZfXkxcXSfDqfXpqemTn99sz0e+++s/HkvTtr6xvn/vn+kzsfnv762Np3v9w7fCuJM3EgL2tvx1O43p6ZiIn8NRmJM+sOnOpBZf0k2e0LYEeG8jgfiawPOBRDedQDL78vI6IODKhE/MOAas4AMs25/abz4PrLN8u7/0FzAtRq+6P2J833RmJfY240upY8NjPKXonxHtSf1fHrn7dvZVv07n0IgC1dvxERp4aHH+v/DkZb/7dzp7ZxzPo69H/w/NzJxj9v7u0w/ik8HP9Eh/HPWIfY3Ymt479wr/OZO1wEWicb/70fncZ/Dxetxofy3P8aY76R5MLFcpr1bVk3eTxG9mb5zdZzTq/drXcrax//ZVtWf2ssmF/HveF1TZ0r1UpP0+Z2929EvLrF+DfpcP+z1+PcNus4mt5+rVvZ1u1/tuo/R7ze8f4/muskm69PTjaeh8nWU7HR3zeP/t6t/t1uf3b/Rzdv/3jSvl5bffI6ftr3b9qtbCLJF02f8Pnfk3zWSO/J910t1WpLUxF7ko837p9upn9sy7eOz9p//Fjn+N/s+d8fEZ9vs/03j9zsemg/3P+5J7r/XRL1pGvR3Y+++KFb/dvr/95qpI7ne7bT/3W+0tG89GmeZgAAAAAAAOhfhYg4EEmh+DBdKBSLzc93HInRQrlSrZ24UFm+NBeN78qOx0ihtdI91vZ5iKn887Ct/PS6/ExEHI6Ib4f2N/LF2Up5brcbDwAAAAAAAAAAAAAAAAAAAH1irMv3/zN/DO321QHPnJ/8hsG1Zfz34peegL7k/38YXOIfBpf4h8El/mFwiX8YXOIfBpf4h8El/gEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp09m231tQfXZrP83JWV5YXKlZNzaXWhuLg8W5ytLF0uzlcq8+W0OFtZ3OrfK1cql6emY/nqZC1NapPVldXzi5XlS7XzFxdL8+n5dOS5tAoAAAAAAAAAAAAAAAAAAABeLNWV1YVSuZwuvVyJQt68bZ91MD+hHy7+xUoM98dlSPQ4sYudEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACs818AAAD//0efKxA=")
write$tcp_congestion(0xffffffffffffffff, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x2004084c, &(0x7f00000003c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=0x0, @ANYRESHEX, @ANYRES16=r0, @ANYBLOB="2c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646973636172642c00014b3cf244ea5fb7437f2c69f67a093e240a6e978fa4cd2d"], 0x1, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
flistxattr(r0, 0x0, 0x0)

4m31.385529903s ago: executing program 8 (id=868):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000280)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="f3a50f09cbd0640f01c4660f38817ac5baf80c66b814370f8766efbafc0cb000ef0f01c40f07568000048e3665660ff5649ff082622463baf80c66b8b8ba8a8966efbafc0cec8ed8", 0x48}], 0x1, 0x44, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, 0x0}], 0x1, 0xf, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@arm64={0xa2, 0xc, 0x1, '\x00', 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4m30.251209415s ago: executing program 8 (id=872):
mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa0090199)
ptrace(0x10, r0)
ptrace$poke(0x4, r0, &(0x7f0000000080), 0xfffffffffffffffe)

4m29.904683202s ago: executing program 37 (id=872):
mprotect(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa0090199)
ptrace(0x10, r0)
ptrace$poke(0x4, r0, &(0x7f0000000080), 0xfffffffffffffffe)

2m54.996882954s ago: executing program 7 (id=1324):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)=@gettclass={0x24, 0x2a, 0x8, 0x70bd2d, 0x7ff, {0x0, 0x0, 0x0, 0x0, {0x7, 0xd}, {0x8, 0xa}, {0x10, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x8001)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x20004008})

2m54.788147928s ago: executing program 7 (id=1327):
socket$inet(0x2, 0x4000000000000001, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x84022, &(0x7f0000000000)={[{@nr_inodes={'nr_inodes', 0x3d, [0x35]}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x101042, 0x40)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D1o1HcYB/DvJbk7o2A6OLnUOHQSiuJohirJVbEQTqUQHOwbIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLlXsjdQSmWJpTi5zPc87vj4fn+H/ivvwv/a0Mpdk/Ncru8/+nf9jfHeueFnGlMTh1vNpvN00khZ1PMeHH3SpKRDE7N/iSlvjk3v9+59u1vHxYbT0+9eu/cg6WhzZnlvJNkV39zRv/qUcr/bFO2w62Jh2OLV+YqV1tfKvX1jY+T2y8nq6snl5ZXThSPfd76/XLyqNvfeTFGczG1XMqX+WTkjaO+7h0LA/kLrfzaxIUnlfr6d43nBzf2Vobvnj/yet/atfuHkvlWxHTaL3tP6V8u3pe/2Jc/P359Zrl+9MCdPTcO1+49rr4Y/r3Z0Y0sbk0uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb41br48pc5Wpt4sKTSn39m59/+uj2y8nq6sml5ZUTpWPPun2PunWkWy+mlkspJpnNbL7I3JtHzhT68yceji1u5v+xM3l+cGNvpXH3/JHXU2vX7h9qdxUy3SpDW7HxoMH8+vr8+PWZ5frRA3f23Dhcu/e4+mK40zdbzmftdUtJeesfAwAAAAAAAAAAAAAAAAAAgLfc5NTxfdMfVE8nhZzdkeTXr9q37Jvl0R/Tvnnfsb9bn5WT3Ulu7uj8F0Dj6alXpXMPln7pXopfSDkLSXb9sHomeXcz5/JgbLE3mf/SnwEAAP//BjCR7Q==")

2m54.609851811s ago: executing program 7 (id=1330):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800716, &(0x7f0000000080)={[{@dax_always}, {@nogrpid}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@min_batch_time={'min_batch_time', 0x3d, 0xffff}}, {@nombcache}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
unshare(0x4020400)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x2, 0x1}, 0x48)

2m53.611109741s ago: executing program 7 (id=1337):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000000740)=0x2)

2m53.256980718s ago: executing program 7 (id=1338):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x5, 0x6, 0x0, 0x45, 0x4, 0xbdb], 0x1, 0x1c4213})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m53.196117169s ago: executing program 7 (id=1339):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r1 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r1}, &(0x7f0000000080))
read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)

2m38.031954635s ago: executing program 38 (id=1339):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r1 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r1}, &(0x7f0000000080))
read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)

2m31.268845617s ago: executing program 6 (id=1428):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000000)='./bus\x00', 0x2c4c87, &(0x7f0000002800)=ANY=[@ANYRES64, @ANYBLOB="3823b7d1f607322399ec76687c44f8142b08deab88623a6d935d31591d804c5d1bed63ca29545a2350230d5f31394de5233840d30bf16459cecb08cdab262fe72e0173dfa5809d9de9590d6dde820ebeeb67fa147599e4115d3f6e45a9f839e741d231beab3ca1530db9729e3a7dcb963b9f5e6c3d828d47bd04ab2fc727e08c15080820bd84ffdfcce859561b28b74a6e3fadd74abe7a891ea187e03d781b1aea65c709d9e4239f9cf31b0a0baaa3304593bf4919548544bcf8ed3992377059a3168667e5cc986de13d26eb03edc881010d171046851a687d12954adfaf2299fa33de30609755b4c45a1a4373e4096651bd952e352aac3676df079a6a6ab9403b050ccdef1152cba5f1e8ae2f6787547360aeea95db1b5a64d932398203fa48ec216debb2cfd73ab8d240f57a94798e20ae3273b246a2b29e206053efdb787fd2d462660829a76c73f5ca6e344e9947a0970d34342a75eb5ca7447bd27f6f177c5da7b06fb776b865f8cf4e5775c762cc0c5bbe1ffa4694ed8bf57163be2a501effbcdc7ec959b1a167d54b619163614b9b9d045d1c751cd7e3611d2e6154541966c28c52630e8417478f3923fc4868ae204e799510d73198f16afa32acea05085b4c8beb485cd4d4ba6695f20d187787b1af6c16565ec5bf15d0e3d533cab69a8a2d7e64120e4fac8910669d885a71abec2469c8fc4ebf09aebbda6dc12bcfa9cb5586583f4062403cda7d1536285a4ae14a86b32684549605c819577f1481ba39df2f61719e1cd42937743ca1871754cd8d5daecb36afeec5e87507964d311c81e699139279b4c47e919e5dc6b0c8ac71034bc76e3199107483ba1fd00ed26b5868043b674d0fd8d20fc1c0ca949a205b092f12a9240a159751eccea4d2e3502fd684137a1e97b7fbea26aab0a44e895fd2c7cee223277da934817191789163bf7b4385fab95e76e4513f9f3d2040bc147a372637756cc3858d39325de3893adfdff9b53764e4ea0a8fa577fe4225a466c8890d78901ad87fe92dbcd2992d7f8fd16df115352bad186bec0c8c7e38f54862773cde9c2cf034694ddfb8a244d772f6fe4eec9cebb325b9c68411f1706368146fdadd83fd5a2e766db5858fcc70d1492f524b936691bdf1cb072000158fd24a26b47cd91b2e697416245e3a814a33feedf40480fa0908085c5a10fc9eeeb2b01cc4bfc9ef93cb19fb091706ebcdb93ef25d1a39d68af822b221a62582331942fddf57c2b2e90b0c92c5ba1381bc8e46bbfeeae4dcdd558ccc804833f39283a389cbb62dbcb7184ed902222f7723ebc5dbf0754e971c481868cf0ad8182871f3b06dfbe61606bb6024bf0f549c9e63c4eaee9defda6492d4e5aef9c0b096959dfef4fccb516fe07bf363a24f612560434653672a3281aeca4bbf1f34e5c91d942e8966320c0f0f369a4e60e1989fb8d4b5db4b62b374806d8d4a2720506525eb8b0e251e34dc1d1feb736e16f9ccaff4ffb737b157b7c0c3687acefd167e1f3d5f85b110537b62a0c6ffd1d69aa0bc50ae39c3cb86a53ed0119f7ecfe56e6f9dc6ea43c48aa8c5e3761d86e0a5694438085b0421092c6e492e31327151cd1840f119e16ed0dc53117a323528e0bc1248a46f7d7396db207f48334dd1674f49ebf587349ad3a2c5cb9362cd795074781cb61b446bf13a48b7ac9fb2eadce826378d49220e5e0ba0023839dedc437190752e17ba0bbfe9167d20ef54aa75f7a793d79413a70472b57fa38a81dc11e06d1ab1791293834c590726a407f1d8c0f8281129768fa8dbb62f3bdc38b097a44560192943c5a9f0604fd6d76ea19dac1aeffbec50b7253901baa0eb2eb05b2f441ea1c3720a093f6cc297e9b594bb5f9539027848518ad6a1ee7f3b13fb7ca6508c2f75bbdcbe6be74fad537d0acce303348d8cd5efbcba0f8cb0c941c3a658656debb2872e77af618c67880ef7440e7eb313e5de027c37a2dbffb4c1ffe1221647923dac47008dcd1f199b324bb8b20639fc204999a1004f37a4a76ece1c9b4d37e0f9082ea4dcaa2126a45e6c68022494e076e433ffbd5343c1c3a69eb896261994a782f999572e5223de5f600f5db38e5485da6cf4caf5a842da02d566033e6291c179f0845afe8100ecbd746f9483f6e567a6ce4a9c9b330948d47e14c386d31986770dacf1f41fff46b551d90997f5cd151059cc6551840ee52c0b3f007104de98db2b1bb80ee76999acde46f0cd43129e8ec47ae9bb5f26393816ba1ca2dc8c69a37ad339a1ecad9e6ff9c4993a7e1696a8c8ebcda2819d0d3416a984b7b80fd8ef89633d289dd6d7ea9228cc43f17c11d1bc0a95ce4dffd69f08c4f4027e6b4a9736ba3dfa0b55cdb1d77d016075cd444effc3632e941eea71cdec7502b472c0eccf3ee0d160d72277533d8c38132223be92d76abf213eac8503d6ad3b2cf0e598ee606d078275f435f86bd0d61832761653d5ed69a98459073f1c22a557fed2f87047154a3edc90ac6a25afef33e9c65c4c924a2692e3ce650de8e7b13a1229d29808935347d2bc33b0673bfb141c3b95d6194cf32c59de23f9c26a7ec60d8820cf42e2e27174638fa103e6944899f13fe09dd037b171ea76bebeb30b7ebc24311211d4f0e2032d2a10d7b244b30503f84c568a68ddc9e54f079d09fa54a8595b51b94c1c78590baed1c2c373b2a55f8f14c265f8c888058845c26deae5b4ef1bdafc76576536b56a5a67592d05f6b49c220d5b2b7a4769c82d7dcd8e90eb89210c6baab2dbe79cf53eb0efa98f4147afa98a4d6c812a18e61eaba2f923c6a951354139f626a94da3c91255614e12cee714250348063636f3171b81186956dfbe16e0a30c8244b7a5bff1235ba278476c9a71974ceee54a5ec90572e7cf2df2f500283c6b4c37413ace100d7c92b0f75dd1565cd6140b795aeb468d5490bb9f352f2d489f170bb83e325675f9d34be7f51499388a254c7639f5a54149250a12e1c43b9c52379d2f5fe55342aaf1e663f27caeac07fa2ad7ac3fd45e855d3a7d10a43d4ba968237e37281135ffc769b9b327b60ad12b5e8517eed233c8514b818aaacdd14d616235e3ce368fb0fc8342b395c3b7d67d9f6fcc24760a36ba6e9a2e705bae47d919b7628dc7b74ca52693510cd90e2c4fe91cb29fc268a8b86730d013e7b3ea435815ab0eeaef94753497655cca1086f6fc495567bd14d3cc98aa05a151200e9ed4e70e71187bf7e5ada4df81790e382a6db6859134f4d7ce626517aa7a42f723105d9e9c553d8609f3eb84cd6ae85eaaf8bc45117b4b3a6c7848e5bd3f5dde4c084072c5bb1da68706d1f20b1c96f2247012f85b55fbcdf7a644583d29e47667b5f9e15ea5947533ec665f730e612f3505033c48cd057cbc1bb8fcfb0f01f4dab75e88137acf72a299cf532af0307702464677f9928ffb0c508a88f509997c458eed271ad4667c61438a62287b0483be4cd9f3a282420e6d21b555c569b499daabc980a4d7bbbe3cbe67e685fac48b10bf68bf0097c10bf5fe81e50b59f586865b97ee7562361b4d18f7459378df7b7348e15b6d7cd5d54864507261d32275bdab67a4bdc1eb1aca8035cc12fd7d9a56079d158b3ea70be26fceb04b2c2cea20c762f53580dd831915110fa2f8e7c3223cf77b4a3f4f614db34521c606610e08f89c865766dc994c3b605d0bc087641482fc578d47d386fc67c4e8d2ae281836db15d2ea7eb19e453f12dfcad476d25cb214c3e6d18c63a225e16788b079ae667740d24d554a972cb3788a5258e616ff541149cfa1cf5f2e41cfff8072904783bb8579ce6e8c6347f4459f222d94bec8bbc8e3cc5b1e8c8674244f9dc5cd3c21edacbf47e42d33f4d01431037171afc4b2580954025c19f8bace0b24d0a32caf8ff691d035968975aeb1a99c152a21e40b7286c0a92b8866cea3a21265c541dea92cb091fc2cd2598b18e63619a9a0142d788c1ac7f7a68864afa527c14457b30d6a2adc438b4c3176c1db8a59597bd33c7901b89e2996eb49e625f655e32b1c37e7056639d3c496e518a1ebd68d570b514d03446c39a932f74001af2bcf2639fc916d70093eb934a0464562e1e75386ed60a707de567f00aa56bd5a0ccc9ae3b950b018245896578ea9aed2700f24a722bd524e988fb60f749936c9b036321f3fc6d705ec4757660034da1b1764b4b896b3e1cec93b830a8c4c82c906a4fc73c29d268860d05178edd3985dfff40342252af48d4c60e94eadcc104004664b66223a6b832475ffb3c80df9fc5448a673f507ef246031a2d9ff37a7b335916fafd2338d5a27258ccbf130cb1e17e8848eb89dce32d30b99f30ee0dd50ebb3834cdead1c63d6863464f04b35a0eb4d55161ccd6ac19e4f804bb35bcc347fe0dfd76b2aee64eeb976afe38e7a9ed6d05774fd9254823b0f1c29e6577a740d4c4b0373f60ac42f86042a67c353fe2cc6262ed6111dac17142129035191728ecc071be9e29627e4626f9512b9f8b641d0eed7da359af06886a5499caf70b5337f171c43a814b82a32dcf270d2a4f751154bb51b97531ed97344be2ae9078944309b8fcd689e607f6781c21c6b16573fd900ae888584f815c473775a545b49d7ae5a7a82f7784ad7e38c9dc6371f68261b659f776c0a0d5384a34082c78e6c8c9ccb61f96ed55eb0c478961f9e59d447f45a2b77b5ffe879b3ab00f040ce91eb530a723a77e4b35f07ff6a083fe34fc19a7736a4e8021ec0ef7fee33fc6f054318fce40dad9ea05827c52ffd5cf8e15fa1c4eb4af1eb978f771f455285a1df6318af00a1ae2451ae0e68a742cc8e931eae61787bff10d2bcd60f68d90dea1543847a339801ed6038644697eadedbebcb0a9f4494eb9b34507b4eb97b37b04d9a6ded26bfe09cd4c42d1c8b623d9a46438b8a696a46ec81f2d464d4337181d0c6784e474689075c5c92a7e504704be97098b689f0746f7cb7ff682c19dac52323dabdbafe399ea850ac1b01210926cb58fb557c38d44510da8ef30137fd01cf9f593aa4654e72f655aaeba3745ce3a5d141546215db3d9f9a33ce04e3a268607844671cc99e3e5fb9ca2c99d4899ece85ef952f9d2f0430134955ac361880e8b50d019a70106b2794bfa247fc2df8c44eea8cf2ebfdd2fed1fa01c566a40f2d73cf50971ed74c12bd1c4311761ea3b8c7e8a7679d6fe0f85c48017688201d7947a2fa3f259863e759f13bffb30eadd662989b960103c38cb0b8affaf3b6135bcbabe10b6e834f89edc72b3148f5d5861ef1e1ebb91462d8e3e05603e3ddb2a8928e8ffe5f740b1c08f6fecc978670ae96eca6255963361f717ebbaa3796e3dab577b39f6c869c54df26947ae5119107f312b197f09929062ff5f6b7b191be5a4b6f1898254d8d7043b68063d3dbf453e4eb0f563bb96d4b699968158c7ce527d56cd022cbb33bbd061bf6ea70faf9a73a79f2efa14d9654242d4286ed2fd2757cdf6a18261579dc14a0e71ce45580a7031bac78077b1dbfac3700250f8a998560194b8560c05b82c24a912064c0785721cdfbc84d1dbfc5c5691d345144af8f0bd25be1df822340ff5cb209b66c70de13bfd89e2728b623d6d8df6efb2214f1ee5f7da8449fa31bb376e8ac56ec9873fc90972bfc5a1bdf010d0c7db6e9d5399fcdf28299de6511e64b8899d07170d057f3070bfd7047c8f3185fd8d9829cb43211203e2647c46e83b815a6891281afe454bc488a07baedd02de010b2965f2b74e13971788c6ded334b8058f54cd702e5d5d982df12ce8044", @ANYRESOCT=0x0], 0xfb, 0xc41, &(0x7f0000001b80)="$eJzs3U9sHNd9B/DfG5Hi0m4rxnYUJ42LTVuksmK5+hdTsQp3VdNsA8gyEYq5BeCKpNSFKZIgqUY20oLupYceAhRFDzkRaI0CKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAOQUMZvatuKRJmzb/iLI+H5v67s68N/PezHJGIvjmBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ8QcvXTl7Lt3vVgAAh+na6NfOnnf/B4CHynX//gcAAAAAAAAAAAAAgKMuRRGPR4q5a2tpvHrfVrva6r1zd2xoePtq/amqeawqX37Vzp2/cPHLzw1e6uTV1swH1N9vn4tXRq9fqb84e3tufmphYWqyPjbTmpidnNr1FvZaf6vT1QGo3371zuTNmwv1889e2LT67sB7fY+eHLg8+PSZpzplx4aGh0c3itS6y/d87Ia07TTC43gUcSZSPPO9n6ZmRBSx92NRO9xzv1V/1YnTVSfGhoarjky3mjOL5cqRzoEoIupdlRqdY7T9uYie3kPtw84aEUtl88sGny67NzrXnG/emJ6qjzTnF1uLrdmZkdRubdmfehRxKUUsR8Rq3/s31xtF9ESK75xYSzci4ljnOHypGhi8czuKA+zjLpTtrPdGLBcPwDk7wvqiiJcjxc/ePhUT+TpTXWu+GPFymT+IeLPMFyJS+cG4GPHuNp8jHkw9UcRfluf/8lqarK4HnevK1a/Xvzpzc7arbOe68hHvD++7Utyn+0P/ljwcR/zaVIsimtUVfy19/L/sAAAAAAAAAAAAAAAAALDf+qOIz0aKl/7jT6pxxVGNSz9xefAPB361e8z4kx+ynbLssxGxVOxuTO7xPDBwJI2kdJ/HEj/MalHEn+bxf2/c78YAAAAAAAAAAAAAAAAAAAA81Ir4SaR4/p1TaTm65xRvzdyqX2/emG7PCtuZ+7czZ/r6+vp6PbWzkXM851LO5ZwrOVdzRpHr52zkHM+5lHM550rO1ZxxLNfP2cg5nnMp53LOlZyrOaMn18/ZyDmecynncs6VnKs544jM3QsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ElSRBG/iBTf/uZaihQRjYjxaOdK3/1uHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ6ktFfD9S1P+ocW9ZT0Sk6v+2U+UfF6NxvMzHojFY5gvRuJKzWWVP44370H72pjcV8eNI0Vd7K1JPe1k+/73td/c+BvHmtzbefS6XPdZZOfBe36MnT1weHP6NJ3d6nbZrwOmrrZk7d+tjQ8PDo12Le/LeH+taNpD3W+xT34lYeO31V5vT01PzH/9F+RHYQ/UH6EX5DXIEmuHFYb2IniPRjPvTdx4C5f3/3Ujxu+/8Z+eG377/1+JX2u/u3eHj53+2cf9/fuuGdnn/79laL9//y3v6dvf/x7uWPZ//NtLbE1FbvD3XezKitvDa62dat5u3pm5NzVw8e/Yrg4NfuXC293hE7WZreqrr1b4cLgAAAAAAAAAAAAAAAIDDk4r4/UjR/PFaqkfE3Wq81sDlwafPPHUsjlXjrTaN235l9PqV+ouzt+fmpxYWpibrYzOtidnJqd3urlYN9xobGj6Qznyo/gNuf3/txdm51+Zbt/54cdv1j9Su3FhYnG9ObL86+qOIaHQvOV01eGxouGr0dKs5U1Ud2XYw/UfXm4r4r0gxcbGevpCX5fH/W0f4bxr/v7R1Qwc0/v9TXcvKfaZUxM8jxe/81ZPxhaqdj8T7jlku93eR4vSlz+dycbws12nDY9VDBNojA8uy/xcp/ukXm8t2xkO2xyBWZc/t/sg+GMrzfyJSfP8vvhu/mZdtfv7D9uf/ka0bOqDz/0TXskc2Pa9gz10nn/8zkeKFx9+K38rLPuj5H51nb5zKhe89n+OAzv+nu5YN5P3+9v50HQAAAAAAAAAA4IHWm4r4+0jxw+Ge9Fxetpvf/5vcuqED+v2vz3Qtm9yf+Yo+9MWeDyoAAAAAHBG9qYifRIpbi2/dG0O9efx31/jP39sY/zmUtqytfs73a9VzA/bz53/dBvJ+x/febQAAAAAAAAAAAAAAAAAAADhSUiriuTyf+ng1nn9yx/nUVyLFS//zTC6XTpblOvPAD1R/1q7Nzpy5Mj09O9FcbN6YnqqPzjUnpsq6T0SKtb/9fK5bVPOrd+abb8/xvjEX+3ykGP6HTtn2XOyducmf2Ch7riz7qUjx3/+Yy66vV2U781h/eqPs+bLs30SKb/zL5u12yp7cKHuhLPvdSPGjb9Q7ZR8py3aej/qZjbLPTswWB3BWAAAAAAAAAAAAAAAAAAAAeNj0piL+PFL87+3le2P58/z/vV1vK29+q2u+/y3uVvP8D1Tz/+/0+uPM/189V2Bpp70CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnU4oiXo8Uc9fW0kpf+b6tdrU1c+fu2NDw9tX6U1XzWFW+/KqdO3/h4pefG7zUyQ+uv98+G6+MXr9Sf3H29tz81MLC1GR9bKY1MTs5test7LX+VqerA1C//eqdyZs3F+rnn72wafXdgff6Hj05cHnw6TNPdcqODQ0Pj3aV6en9qDt9Y8c1aYflx6OIv44Uz3zvp+mHfRFF7P1YbPvZ6dt9L/aov+rE6aoTY0PDVUemW82ZxXLlSOdAFBH1rkqNzjHat3NxQBoRS2XzywafLrs3Otecb96YnqqPNOcXW4ut2ZmR1G5t2Z96FHEpRSxHxOo256A3ing1UnznxFr6176IY53j8KVro187e37ndhQH2MddKNtZ741YLh6Ac3aE9UUR/xwpfvb2qfi3voieaH/FFyNeLvMHEW9G+3yn8oNxMeLdw/te5oD1RBH/X57/y2vp7b7yetC5rlz9ev2rMzdnu8p2risHcn84PP2Hurcjfm2qRRE/qq74a+nffV8DAAAAAAAAAAAAAAAAHCFF/HqkeP6dU6kaH3xvTHFr5lb9evPGdHtYX2fsX2fM9Pr6+no9tbORczznUs7lnCs5V3NGkevnbJRZW18fz++Xci7nXMm5mjOO5fo5GznHcy7lXM65knM1Z/Tk+jkbOcdzLuVczrmSczVnHJGxewAAAAAAAAAAAAAAAAAAwCdLUf2X4tvfXEvrfe35pcejnSvmA/3E+2UAAAD//xtt+zc=")
socket$netlink(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, 0x0, 0x2400c800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x33}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x240007fd, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0x92, 0x10000, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x2, 0xff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4a22, 0x1, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x7}, 0x1c)

2m28.922105793s ago: executing program 6 (id=1433):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000580)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xeaEb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k\x00', 0x0)
socket$packet(0x11, 0x2, 0x300)
io_uring_enter(0xffffffffffffffff, 0x3ea3, 0xfbe3, 0x20, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2m26.586908738s ago: executing program 6 (id=1443):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}, &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000540)='GPL\x00', 0x200005, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r1, 0x8b2a, &(0x7f0000000040))

2m26.260940185s ago: executing program 6 (id=1444):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x58}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0xdcc}}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)

2m23.604001427s ago: executing program 6 (id=1455):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800716, &(0x7f0000000080)={[{@dax_always}, {@nogrpid}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@min_batch_time={'min_batch_time', 0x3d, 0xffff}}, {@nombcache}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
unshare(0x4020400)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x1}, 0x48)

2m21.792778742s ago: executing program 6 (id=1460):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x181, 0xfffffffb})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x3e, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x30}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)

2m21.634864195s ago: executing program 39 (id=1460):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x181, 0xfffffffb})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x3e, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x30}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)

13.842637689s ago: executing program 0 (id=2164):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x181341, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000400)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6, @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000340)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mknod$loop(0x0, 0xc000, 0x1)
io_uring_setup(0x7fe7, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
write$evdev(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x5, 0x36, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, r1)
setpgid(0x0, r1)
syz_read_part_table(0x1054, &(0x7f0000002100)="$eJzsz7utAjEUBNDZz3u7G21LUASdkFMKEQlVICGRUAQhZYAwWFSAENI5gT321QQ3fFXT1TSWsz43WSQ5znXa5jTmNk+1NuWvzyHJ/+6a4fHTlEGf9ZxziZchWU7tq9E/r233zslq/+H1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAn3AMAAP//EFEKIw==")
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = getpgid(0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x11223}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_PID={0x8, 0x13, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x48000)

11.812650039s ago: executing program 0 (id=2174):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x7, 0x9)
write$P9_RWRITE(r4, &(0x7f0000000040)={0xb}, 0x11000)
read(r3, &(0x7f0000032440)=""/102364, 0x18fdc)
write$FUSE_LSEEK(r4, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0x7}}, 0x18)
r5 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000200), 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x7e)
prctl$PR_GET_ENDIAN(0x13, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x1f2f, 0x0, 0x0, 0x0, 0x0, 0x241, 0x0, 0x0, 0x0, 0x0}, 0x50)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB='w\b\x00\x00', @ANYRES16=r9, @ANYBLOB="a18300000000000000000500000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990000000000000000004e000e00808c0500080211000000ffffffffffff5050505050503400fcff00000000000000001c0064000a01010006020800050300bd003c04010509ff7107000100010208087606d003340002000000"], 0x78}}, 0x4040000)
sendmsg$IPCTNL_MSG_CT_DELETE(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x6, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x20000000)

9.891390546s ago: executing program 0 (id=2182):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x701203, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

8.780969548s ago: executing program 9 (id=2186):
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x70bd2a, 0xffffffff, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x0, 0x3, 0x3, {@in6_addr=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x86dd}}}]}, 0x38}}, 0x40084c0)

8.759112918s ago: executing program 0 (id=2187):
prlimit64(0x0, 0x7, 0x0, 0x0)
semctl$IPC_SET(0x0, 0x0, 0x1, 0x0)
syz_io_uring_setup(0x3ff1, &(0x7f0000000500)={0x0, 0x0, 0x8}, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
semget$private(0x0, 0x7, 0x308)

6.404988804s ago: executing program 9 (id=2193):
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x16)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0x15, &(0x7f00000000c0), 0x4)

5.61612328s ago: executing program 0 (id=2206):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x7, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffd2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
setxattr$trusted_overlay_nlink(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x1)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4808, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x1d, &(0x7f0000000180)=0x7, 0x4)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4)
setsockopt$inet6_int(r1, 0x29, 0x31, &(0x7f0000000100)=0x8, 0x4)
sendmmsg$inet6(r1, &(0x7f0000000400)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x800, @loopback}, 0x1c, 0x0}}], 0x1, 0x60040000)
recvmmsg(r1, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=""/129, 0x81}, 0xdb30}], 0x1, 0x40002042, 0x0)
r2 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r2, &(0x7f0000000b00)={0x2, 0x0, @remote}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8200, 0x0, 0xfffffffffffffed9, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0)
unlink(&(0x7f0000000100)='./file0/file0\x00')

5.515490452s ago: executing program 9 (id=2198):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000400)={0xa, 0x2, 0x13, @loopback, 0x9}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000140)=0x7, 0x4)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000080)=0xfffffffe, 0x4)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)

4.765367647s ago: executing program 0 (id=2199):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = io_uring_setup(0x1ec1, &(0x7f0000000040)={0x0, 0xcba1, 0x8, 0x3, 0x2c0})
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)

4.56679946s ago: executing program 9 (id=2204):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)='/', 0x1}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0)

4.194461358s ago: executing program 1 (id=2210):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x7, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffd2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
setxattr$trusted_overlay_nlink(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x1)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4808, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x1d, &(0x7f0000000180)=0x7, 0x4)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4)
setsockopt$inet6_int(r1, 0x29, 0x31, &(0x7f0000000100)=0x8, 0x4)
sendmmsg$inet6(r1, &(0x7f0000000400)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x800, @loopback}, 0x1c, 0x0}}], 0x1, 0x60040000)
recvmmsg(r1, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=""/129, 0x81}, 0xdb30}], 0x1, 0x40002042, 0x0)
r2 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r2, &(0x7f0000000b00)={0x2, 0x0, @remote}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8200, 0x0, 0xfffffffffffffed9, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0)
unlink(&(0x7f0000000100)='./file0/file0\x00')

3.282365036s ago: executing program 1 (id=2214):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x1, 0x4)
socket(0x6, 0x800, 0x6fb3)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
syz_emit_ethernet(0x5b, &(0x7f00000010c0)={@local, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x10, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x39, 0x0, @gue={{0x2, 0x0, 0x3, 0xc, 0x100}, "bd138189b11da1b22021f596c3bb91216125d24dd98ca913d9c8dd98667c55ed05fd0cbd7d39fbd274"}}}}}}, 0x0)

3.167687628s ago: executing program 1 (id=2215):
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x48100)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0xda, 0x0, 0x0)
shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000340)="a836", 0x2}], 0x1}, 0x4040001)
recvmsg$unix(r1, &(0x7f00000038c0)={0x0, 0x0, 0x0}, 0x1)

3.167233918s ago: executing program 2 (id=2216):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000400)={0xa, 0x2, 0x13, @loopback, 0x9}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000140)=0x7, 0x4)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000080)=0xfffffffe, 0x4)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)

3.097012399s ago: executing program 5 (id=2217):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)={0x20, r1, 0x101, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x200000d0}, 0x0)

3.04878063s ago: executing program 1 (id=2218):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0xf1}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_open_dev$evdev(0x0, 0x0, 0x822b01)
io_setup(0x1, 0x0)
ioctl$EVIOCGRAB(r5, 0x40044590, 0x0)
write$char_usb(r5, 0x0, 0x0)
ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x804)

3.004058321s ago: executing program 5 (id=2219):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r1, @ANYBLOB="050000000000e8ffffff0e00000008000300", @ANYRES32=r2], 0x90}, 0x1, 0x0, 0x0, 0x4800}, 0x0)

2.428892032s ago: executing program 5 (id=2220):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x2, 0x6b, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000385352608f20446b76e8e01020301090259000104e9000909049300000e0100ff0a2401020005028a010209240603040001a5301124"], 0x0)
ioctl$EVIOCRMFF(r0, 0xc0085508, &(0x7f0000000240)=0x6)

2.096791878s ago: executing program 1 (id=2221):
sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, 0x0, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, 0x0, 0x809d)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000499000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x5)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e24, 0x0, @empty}, 0x1c)
sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x14)
socket$netlink(0x10, 0x3, 0xb)

2.03057137s ago: executing program 2 (id=2223):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"})
r1 = syz_open_pts(r0, 0x900)
ioctl$TIOCMBIS(r1, 0x5416, 0x0)

1.900969132s ago: executing program 2 (id=2224):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8, &(0x7f00000005c0)={[{@errors_remount}, {}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
mkdir(&(0x7f0000000300)='./bus\x00', 0x1a0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000e00)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @a}})
close(0xffffffffffffffff)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x4)

1.834168344s ago: executing program 2 (id=2225):
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000d00)='./file0\x00')
chmod(&(0x7f0000000180)='./file0\x00', 0x23f)
setuid(0xee01)
r0 = syz_create_resource$binfmt(&(0x7f0000000400)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff)
renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)

1.712341096s ago: executing program 2 (id=2226):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x7, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffd2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[], 0x2, 0x1509, &(0x7f0000001c40)="$eJzs3Au0jtXWOPA511oPm8Sb5L7mmg9vclkkSS4JiSRJjiS5JSRJkoTEJrckJCH3JPeQ3EJyv99yT5IjSZKQkGT9h079nXM63+l83znn842z52+MZ+w19/vO+c5nz733+zxrjL2/7jCoSr2qleowM/xT8E8fUgEgBQD6AkAWAIgAoGTWklkBh0IGjan/3IuIf60Hpl7pDsSVJPNP22T+aZvMP22T+adtMv+0Teaftsn80zaZvxBp2dZpua6RI+0e/3v7/yD7///nyPv/f5DDRUd/vr7odR3/Gyky/7RN5p+2yfzTNpl/2ibzT9tk/v/hIoCKf+dhmX/aJvMXIi270vvPclzZ40p//wkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESBvOhcsMAPy6vtJ9CSGEEEIIIYQQ4l8npP/zKN2Va0QIIYQQQgghhBD/RggKNBiIIB2khxTIABnhKsgEV0NmyAIJuAaywrWQDa6D7JADckIuyA15IC9YIHDAEEM+yA9JuB4KwA1QEApBYSgCHopCMbgRisNNUAJuhpJwC5SCW6E0lIGyUA5ug/JwO1SAilAJ7oDKcCdUgapwF1SDu6E63AM14F6oCfdBLbgfasMfoA48AHXhQagHD0F9eBgaQENoBI2hyf8o/3noAi9AV+gGqdAdesCL0BN6QW/oA33hJegHL0N/eAUGwEAYBK/CYHgNhsDrMBSGwXB4A0bASBgFo2EMjIVx8CaMh7dgArwNE2ESTIYpMBWmwXR4B2bATJgF78JseA/mwFyYB/NhAbwPC2ERLIYPYAl8CEthGSyHFbASVsFqWANrYR2shw2wETbBZtgCW+Ej2AbbYQfshF2wG/bAx7AXPoF98Cnsh8/+Oj/L388/+1f5HREQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jArJgVs2E2zI7ZMSfmxNyYG/NiXiQkZGTMh/kwiUksgAWwIBbEwlgYPXoshsWwON6EJbAElsSSWApLYWksg2WwHJbD8lgeK2AFrISVsDJWxipYBe/Cu/BurI7VsQbWwJpYE2thLayNtbEO1sG6WBfrYT2sj/WxATbARtgIm2ATbIpNsRk2wxbYAltiS2yFrbA1tsY22AbbYltsh+2wPbbHDtgBO2In7ITP4/P4Ar6A3bCy6o49sAf2xJ7YG/tgH3wJ++HL+DK+ggNwIA7CV/FVfA2H4BkcisNwOA7H8mokjsLRyGosjsNxOB7H4wScgBNxEk7CKTgVp+F0nI4zcCbOxHdxNr6H7+FcnIvzcQEuwIW4CBfjYlyCZ3EpLsPluAJX4ipciWtwLa7B9bgB1+Mm3IRbcAt+hB/hdtyOO3En7sbd+DF+jJ/gJzgA9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPIfn8Dyexwv4bO4v6+4utG4AqEuMMiqdSqdSVIrKqDKqTCqTyqwyq4RKqKwqq8qmsqnsKrvKqXKq3Cq3yqvyKlKkWMUqn8qnkiqpCqgCqqAqqAqrwsorr4qpYqq4Kq5KqBKqpLpFlVK3qtKqjGruy6lyqrxq4SuoiqqSqqQqqztVFVVVVVXVVDVVXVVXNVQNVVPVVLXU/aq26o698QF1aTL11ECsrwZhA9VQNVKN1Wv4iGqqhmAz1Vy1UI+pYTgUW6mmvrV6UrVRo7CtelqNxmdUezUWO6jnVEfVSXVWz6suqpnv+ut2p5qCPVUv1Vv1UTPwTnVpYlXUK2qAGqgGqVfVfHxNDVGvq6FqmBqu3lAj1Eg1So1WY9RYNU69qcart9QE9baaqCapyWqKmqqmqenqHTVDzVSz1LtqtnpPzVFz1Tw1Xy1Q76uFapFarD5QS9SHaqlapparFWqlWqVWqzVqrVqn1qsNaqPapDarLWqr+khtU9vVDrVT7VK71R71sdqrPlH71Kdqv/pMHVB/VAfV5+qQ+kIdVl+qI+ordVR9rY6pb9Rx9a06oU6qU+o7dVp9r86os+qc+kGdVz+qC+ondVEFBRq10lobHel0Or1O0Rl0Rn2VBn21zqyz6IS+RmfV1+ps+jqdXefQOXUunVvn0Xm11aSdZh3rfDq/TurrdQF9gy6oC+nCuoj2uqgupm/UxfVNuoS+WZfUt+hS+lZdWpfRZXU5fZsur2/XFXRFXUnfoSvrO3UVXVXfpavpu3V1fY+uoe/VNfV9upa+X9fWf9B19AO6rn5Q19MP6fr6Yd1AN9SNdGPdRD+im+pHdTPdXLfQj+mW+nHdSj+hW+sndRv9lG6rn9bt9DO6vX5Wd9DP6Y66k+6sf9IXddBddTedqrvrHvpF3VP30r11H91Xv6T76Zd1f/2KHqAH6kH6VT1Yv6aH6Nf1UD1MD9dv6BF6pB6lR+sxeqwep9/U4/VbeoJ+W0/Uk/RkPUVP1dN0718qzfoH8t/6G/n9f371LXqr/khv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+gv9On9ff6jD6rz+of9Hl9Xl/45WsABo0y2hgTmXQmvUkxGUxGc5XJZK42mU0WkzDXmKzmWpPNXGeymxwmp8llcps8Jq+xhowzbGKTz+Q3SXO9KWBuMAVNIVPYFDHeFDXFzI3/dP7v9dfENDFNTVPTzDQzLUwL09K0NK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1Xk2pSTQ/zoulpepnepo/pa14y/Uw/09/0NwPMADPIDDKDzWAzxAwxQ81QM9wMNyPMCDPKjDJjzBgzzowz4814M8FMMBPNRDPZTDZTzVQz3Uw3M8wMM8vMMrPNbDPHzDHzzDyzwCwwC81Cs9gsNkvMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLl32RilRkIhOli9JFKVFKlDHKGGWKMkWZo8xRIkpEWaOsUbbouih7lCPKGeWKckd5olSwEUUu4iiO8kX5o2R0fVQguiEqGBWKCkdFIh8VjYpFN0bFo5uiEtHNUcnolqhUdGtUOioTlY3KRbdF5aPbowpRxahSdEdUObozqhJVje6KqkV3R9Wje6Ia0b1Rzei+qFZ0f1Q7+kNUJ3ogqhs9GNWLHorqRw9HDaKGUaOocdTkX1o/hDM5HvVdbTebarvbHvZF29P2sr1tH9vXvmT72Zdtf/uKHWAH2kH2VTvYvmaH2NftUDvMDrdv2BF2pB1lR9sxdqwdZ9+04+1bdoJ92060k+xkO8VOtdPsdPuOnWFn2ln2XTvbvmfn2Ll2np1vF9j37UK7yC62H9gl9kO71C6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9V+ZLfZ7XaH3Wl32d12j/3Y7rWf2H32U7vffmYP2D/ag/Zze8h+YQ/bL+0R+5U9ar+2x+w39rj91p6wJ+0p+509bb+3Z+xZe87+YM/bH+0F+5O9aMOli/tLb+9kyFA6SkcplEIZKSNlokyUmTJTghKUlbJSNspG2Sk75aSclJtyU17KS5cwMeWjfJSkJBWgAlSQClJhKkyePBWjYlScilMJKkElqSSVolJUmkpTWSpLt9FtdDvdThWpIt1Bd9CddCdVpapUjapRdapONagG1aSaVItqUW2qTXWoDtWlulSP6lF9qk8NqAE1okbUhJpQU2pKzagZtaAW1JJaUitqRa2pNbWhNtSW2lI7akftqT11oA7UkTpSZ+pMXagLdaWulEqp1IN6UE/qSb2pN/WlvtSP+lF/6k8DaAANokE0mAbTEBpCQ2kYDac3aASNpFE0msbQWBpH42g8jacJNIEm0kSaTJNpKk2l6TSdZtAMmkWzaDbNpjk0h+bRPFpAC2ghLaTFtJiW0BJaSktpOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSP9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6QSfoFJ2i03SaztAZOkfn6Dz9SBfoJ7pIgVKcgozuKpfJXe0yuywuxWVwl+IIAC7FOV0ul9vlcXmdddldjr+IyTlX0BVyhV0R511RV8zd+Ju4tCvjyrpy7jZX3t3uKvwmrubudtXdPa6Gu9dVdXf9RVzT3edquYdcbfewq+MaurqusavnHnL13cOugWvoGrnGrqV73LVyT7jW7knXxj31m3ihW+TWunVuvdvg9rpP3Dn3gzvqvnbn3Y+uq+vm+rqXXD/3suvvXnED3MDfxMPdG26EG+lGudFujBv7m3iym+KmumluunvHzXAzfxMvcO+72W6xm+Pmunlu/s/xpZ4Wuw/cEvehW+qWueVuhVvpVrnVbs3/73WF2+Q2uy1uj/vYbXPb3Q630+1yu3+OL53HPvep2+8+c0fcV+6g+9wdcsfcYfflz/Gl8zvmvnHH3bfuhDvpTrnv3Gn3vTvjzv58/pfO/Tv3k7voggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5AlfkSnwHVw6Bq3BVvour8d1cne/hGnwv1+T7uBbfz7X5D1yHH+C6/CDX44e4Pj/MDbghN+LG3IQf4ab8KDfj5tyCH+OW/Di34ie4NT/JbfgpbstPczt+htvzs9yBn+OO3Ik78/PchV/grtyNU7k79+AXuSf34t7ch/vyS9yPX+b+/AoP4IE8iF/lwfwaD+HXeSgP4+H8Bo/gkTyKR/MYHsvj+E0ez2/xBH6bJ/IknsxTeCpP4+n8Ds/gmTyL3+XZ/B7P4bk8j+fzAn6fF/IiXswf8BL+kJfyMl7OK3glr+LVvIbX8jpezxt4I2/izbyFt/JHvI238w7eybt4N+/hj3kvf8L7+FPez5/xAf4jH+TP+RB/wYf5Sz7CX/FR/pqP8Td8nL/lE3yST/F3fJq/5zN8ls/xD3yef+QL/BNf5MAQY6xiHZs4itPF6eOUOEOcMb4qzhRfHWeOs8SJ+Jo4a3xtnC2+Ls4e54hzxrni3HGeOG9sY4pdzHEc54vzx8n4+rhAfENcMC4UF46LxD4uGheLb4yLxzfFJeKb45LxLXGp+NYYUsvED91bLr4tLh/fHleIK8aV4jviyvGdcZW4anxXXC2+O64e3xPXiO+NS8T3xbXi++Pa8R/iOvEDcd34wbhe/FBcP344bhA3jBvFjeMm8SNx0/jRuFncPG4RPxa3jB+PW8VPxK3jJ+M28VO/+3hq3D3uEb8YvxiHcI/65T4xuTC5KLk4+UFySfLD5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCFXTg0evvPbGRz6dT+9TfAaf0V/lM/mrfWafxSf8NT6rv9Zn89f57D6Hz+lz+dw+j8/rrSfvPPvY5/P5fdJf7wv4G3xBX8gX9kW890V9Md/YN/FNfFP/qG/mm/sW/jH/mH/cP+6f8E/4J30b/5Rv65/27fwzvr1/1j/rn/MdfSff2T/vu/gXfFffzaf6VN/D9/A9fU/f2/f2fX1f38/38/19fz/AD/CD/CA/2A/2Q/wQP9QP9cP9cD/Cj/Cj/Cg/xo/x4/w4P96P9xP8BD/RT/ST/WQ/1U/10/10P8PP8LP8LD+74Gw/x8/x8/w8v8Av8Av9Qr/YL/ZL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/hD/sv/RH/lT/qv/bH/Df+uP/Wn/An/Sn/nT/tv/dn/Fl/zv/gz/sf/QX/k7/ogx+XeDMxPvFWYkLi7cTExKTE5MSUxNTEtMT0xDuJGYmZiVmJdxOzE+8l5iTmJuYl5icWJN5PLEwsSixOfJBYkvgwsTSxLLE8sSKxMrEqEUKebXHIF/KHZLg+FAg3hIKhUCgcigQfioZi4cZQPNwUSoSbQ8lwSygVbg2lQ5lQNjwcGoSGoVFoHJqER0LT8GhoFpqHFuGx0DI8HlqFJ0Lr8GRoE54KbcPToV14JrQPz4YO4bnQMXQKncPzoUt4IXQN3UJq6B56hBdDz9Ar9A59Qt/wUugXXg79wythQBgYBoVXw+DwWhgSXg9Dw7AwPLwRRoSRYVQYHcaEsWFceDOMD2+FCeHtMDFMCpPDlDA1TAvTwzthRpgZZoV3w+zwXpgT5oZ5YX5YEN4PC8OisDh8EJaED8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBR2Ba2hx1hZ9gVdoc94eOwN3wS9oVPw/7wWTgQ/hgOhs/DofBFOBy+DEfCV+Fo+DocC9+E4+HbcCKcDKfCd+F0+D6cCWfDufBDOB9+DBfCT+Gi/M2aEEIIIcQ/RP/O493/xufSAcCvt0Q9AODq7bkO/3XNjdn/tO6lcrdMAMCT3To88OtRuXJqauovz12qIco/FwASf1n/13gZtIDHoTU0h+J/s79eqtN5/p36yVsAMv5ZTgpcji/Xv+m/qP/IY8MXlorPZf079ecCFMx/OScDXI4v1y/xX9TP0fR3+s/w+TiAZn+Wkwkux5frF4NH4Slo/RfPFEIIIYQQQggh/qSXKtvu9+6fL92f5zaXc9LD5fj37s+FEEIIIYQQQghx5T3TqfMTj7Ru3bzdP7bAX/YF/ntZspDFf84iwy8/Ov9X+vk3La7kbyUhhBBCCCHEv8Pli/4r3YkQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJF2/W/8O7ErfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfb/AgAA//+wBDLo")
setxattr$trusted_overlay_nlink(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x1)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4808, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x1d, &(0x7f0000000180)=0x7, 0x4)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4)
setsockopt$inet6_int(r1, 0x29, 0x31, &(0x7f0000000100)=0x8, 0x4)
sendmmsg$inet6(r1, &(0x7f0000000400)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x800, @loopback}, 0x1c, 0x0}}], 0x1, 0x60040000)
recvmmsg(r1, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=""/129, 0x81}, 0xdb30}], 0x1, 0x40002042, 0x0)
r2 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r2, &(0x7f0000000b00)={0x2, 0x0, @remote}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8200, 0x0, 0xfffffffffffffed9, 0x0, 0x0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg$inet(r2, &(0x7f0000005240), 0x4000095, 0x0)
unlink(&(0x7f0000000100)='./file0/file0\x00')

1.680954327s ago: executing program 9 (id=2227):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8200, 0x0, 0xfffffffffffffed9, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x80)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x40, 0x5, 0x80}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfbf, r7, 0x0, 0xa0028000}, 0x38)

973.10343ms ago: executing program 9 (id=2228):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x1, "00a138aa9318d5dd70770000e08eb1d10d552900", <r1=>0xffffffffffffffff})
poll(&(0x7f0000000040)=[{r1, 0x10}], 0x1, 0x10001)
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000140)=0x816)

222.770995ms ago: executing program 2 (id=2229):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000800)=ANY=[@ANYBLOB="0000000000000000050000000000000095000000000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0xe, '\x00', 0x0, @cgroup_skb}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fallocate(0xffffffffffffffff, 0x3, 0x80007, 0x8000c60)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "1a81e8757963cd9f1eac96aedc6bf48a4a1ca5dbd0d1989f0ca0897c993a12eaf352cc2a953a5b0bd011b178ffe88a0a00", 0x36}, 0x48, 0xfffffffffffffffd)
r2 = add_key$keyring(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$chown(0x4, r2, 0xee01, 0x0)

222.568855ms ago: executing program 5 (id=2230):
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000140)='cpuset.sched_load_balance\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000040), 0x1)

130.050637ms ago: executing program 1 (id=2231):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x181341, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000400)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6, @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000340)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mknod$loop(0x0, 0xc000, 0x1)
io_uring_setup(0x7fe7, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
write$evdev(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x5, 0x36, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, r1)
setpgid(0x0, r1)
wait4(r1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = getpgid(0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x11223}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_PID={0x8, 0x13, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x48000)

38.014849ms ago: executing program 5 (id=2232):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f0000000780)=[{{&(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

0s ago: executing program 5 (id=2233):
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000005c0)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="10b074", 0x3}], 0x1, 0x0, 0x0, 0x4}], 0x1, 0x4000000)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d", @ANYRES64], 0xf8)

kernel console output (not intermixed with test programs):

43] ext4 filesystem being mounted at /83/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.764423][ T4249] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  230.819686][ T4249] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  230.866825][ T4249] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.898134][ T4249] usb 8-1: config 0 descriptor??
[  232.450762][ T4249] usbhid 8-1:0.0: can't add hid device: -71
[  232.457045][ T4249] usbhid: probe of 8-1:0.0 failed with error -71
[  232.496828][ T4249] usb 8-1: USB disconnect, device number 6
[  232.597805][ T7993] netlink: 'syz.7.1008': attribute type 4 has an invalid length.
[  232.646815][ T7993] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.1008'.
[  232.692552][ T7986] loop0: detected capacity change from 0 to 4096
[  232.731603][ T7986] EXT4-fs (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  232.801513][ T7986] EXT4-fs (loop0): Test dummy encryption mode enabled
[  232.829591][ T8001] loop7: detected capacity change from 0 to 512
[  232.835215][ T7986] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  232.872009][ T7986] EXT4-fs (loop0): DAX unsupported by block device.
[  232.966398][ T8001] EXT4-fs (loop7): mounted filesystem without journal. Opts: quota,journal_ioprio=0x0000000000000001,dioread_lock,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  233.129041][ T8001] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.046053][ T8018] xt_nat: multiple ranges no longer supported
[  234.548336][ T8033] loop7: detected capacity change from 0 to 164
[  234.607217][ T8035] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1009'.
[  234.646002][ T8033] Unable to read rock-ridge attributes
[  234.718203][ T8033] iso9660: Corrupted directory entry in block 4 of inode 1792
[  234.755129][ T8039] loop9: detected capacity change from 0 to 512
[  234.792868][ T8039] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  234.846512][ T8039] EXT4-fs (loop9): can't mount with journal_async_commit, fs mounted w/o journal
[  235.773961][ T8051] fuse: Bad value for 'fd'
[  235.809612][ T8055] loop0: detected capacity change from 0 to 1024
[  235.869055][ T8061] loop7: detected capacity change from 0 to 16
[  235.905152][ T8055] EXT4-fs (loop0): Ignoring removed bh option
[  235.956513][ T8061] erofs: (device loop7): mounted with root inode @ nid 36.
[  235.994209][ T8055] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodiscard,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,nobarrier,max_dir_size_kb=0x00000000000000eb,abort,user_xattr,bh,errors=remount-ro,. Quota mode: none.
[  236.184589][ T8079] loop6: detected capacity change from 0 to 512
[  236.354734][ T8080] erofs: (device loop7): z_erofs_readahead: readahead error at page 2 @ nid 89
[  236.855309][ T4195] erofs: (device loop7): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192]
[  236.981311][ T8079] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,journal_ioprio=0x0000000000000001,dioread_lock,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  237.539417][ T4186] Bluetooth: hci3: command 0x0406 tx timeout
[  237.552022][ T8082] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1029'.
[  237.562067][ T8079] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.906842][ T8096] xt_nat: multiple ranges no longer supported
[  238.455884][ T8101] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1042'.
[  238.793331][ T8111] loop7: detected capacity change from 0 to 256
[  238.810460][ T4250] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  238.854347][ T8111] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  238.897717][ T8111] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  238.946522][ T8111] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  238.965571][ T8114] loop0: detected capacity change from 0 to 1024
[  238.993040][ T8118] loop9: detected capacity change from 0 to 256
[  239.044266][ T8114] EXT4-fs (loop0): Unrecognized mount option "uid<00000000000000000000" or missing value
[  239.050566][ T4250] usb 7-1: Using ep0 maxpacket: 16
[  239.104981][ T8118] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[  239.160241][ T8118] exFAT-fs (loop9): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  239.173307][ T4250] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  239.256751][   T25] audit: type=1800 audit(1757583289.164:1303): pid=8118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1038" name="file2" dev="loop9" ino=1048619 res=0 errno=0
[  239.278808][ T8118] exFAT-fs (loop9): hint_cluster is invalid (17)
[  239.290460][ T4250] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  239.297770][ T8118] exFAT-fs (loop9): error, invalid access to FAT (entry 0xffffffff)
[  239.331024][ T8118] exFAT-fs (loop9): Filesystem has been set read-only
[  239.733759][ T4250] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  239.859503][ T4250] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  239.869092][ T4250] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.887410][ T4250] usb 7-1: config 0 descriptor??
[  240.735201][ T8140] loop9: detected capacity change from 0 to 16
[  240.822617][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  240.860613][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  240.868060][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  240.898850][ T8140] erofs: (device loop9): mounted with root inode @ nid 36.
[  240.900598][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  240.943884][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  240.960453][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  240.970644][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  240.977862][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  241.000463][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  241.020884][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  241.028107][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  241.098558][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  241.107770][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  241.115324][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  241.123209][ T4250] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  241.146496][ T4250] input: HID 045e:07da as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:045E:07DA.0009/input/input10
[  241.279005][ T8149] erofs: (device loop9): z_erofs_readahead: readahead error at page 2 @ nid 89
[  241.293910][ T4195] erofs: (device loop9): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192]
[  241.339920][ T8149] erofs: (device loop9): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192]
[  241.465178][ T4250] microsoft 0003:045E:07DA.0009: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.6-1/input0
[  241.639588][   T25] audit: type=1800 audit(1757583291.274:1304): pid=8149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1040" name="file2" dev="loop9" ino=89 res=0 errno=0
[  241.660233][ T4250] usb 7-1: USB disconnect, device number 8
[  241.738807][ T8148] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1043'.
[  241.875652][ T8156] loop9: detected capacity change from 0 to 512
[  241.906778][ T8155] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1045'.
[  242.008566][ T8156] EXT4-fs (loop9): mounted filesystem without journal. Opts: quota,journal_ioprio=0x0000000000000001,dioread_lock,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  242.008857][ T8152] fido_id[8152]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  242.051654][ T8156] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.308937][ T8166] xt_nat: multiple ranges no longer supported
[  243.364706][ T8175] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  245.754176][ T8203] snd_dummy snd_dummy.0: control 3:0:4095:syz0:2096827922 is already present
[  246.236536][ T8208] loop0: detected capacity change from 0 to 164
[  246.547908][ T8219] xt_nat: multiple ranges no longer supported
[  248.544327][ T8250] snd_dummy snd_dummy.0: control 3:0:4095:syz0:2096827922 is already present
[  250.000505][ T4186] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  250.562593][ T8283] loop7: detected capacity change from 0 to 1024
[  251.210615][ T4186] usb 10-1: Using ep0 maxpacket: 16
[  251.242115][ T8283] EXT4-fs (loop7): Ignoring removed bh option
[  251.282058][ T8283] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,abort,user_xattr,bh,errors=remount-ro,. Quota mode: writeback.
[  251.370602][ T4186] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.390483][ T4186] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.401179][ T4186] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  251.415197][ T4186] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  251.424753][ T4186] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.442720][ T4186] usb 10-1: config 0 descriptor??
[  252.431821][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.461740][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.508399][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.542247][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.620655][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.627907][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.710576][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.743903][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.769593][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.794572][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  252.823470][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  253.729618][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  253.786849][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  253.821466][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  253.830117][ T4186] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0
[  254.408878][ T4186] input: HID 045e:07da as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:045E:07DA.000A/input/input11
[  254.529515][ T4186] microsoft 0003:045E:07DA.000A: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.9-1/input0
[  254.646297][ T4186] usb 10-1: USB disconnect, device number 3
[  255.409165][ T8308] fido_id[8308]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[  255.517289][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  255.527136][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  256.130481][ T4186] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  256.346206][ T8333] loop6: detected capacity change from 0 to 512
[  256.430593][ T4186] usb 10-1: Using ep0 maxpacket: 32
[  256.470564][ T8333] EXT4-fs (loop6): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  256.488632][ T8333] EXT4-fs (loop6): error: journal path ./file0 is not a block device
[  256.621161][ T4186] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.793489][ T4186] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.810644][ T4186] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  256.819931][ T4186] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.868391][ T4186] usb 10-1: config 0 descriptor??
[  256.976627][ T8347] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  257.399093][ T8345] loop0: detected capacity change from 0 to 8192
[  257.470747][ T4186] usb 10-1: can't set config #0, error -71
[  257.485144][ T4186] usb 10-1: USB disconnect, device number 4
[  257.590475][ T6619] Bluetooth: hci2: command 0x0406 tx timeout
[  257.709187][ T8365] loop6: detected capacity change from 0 to 164
[  257.981153][ T7469] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  258.230345][ T8375] loop9: detected capacity change from 0 to 8
[  258.250482][ T7469] usb 8-1: Using ep0 maxpacket: 16
[  258.351312][ T8375] SQUASHFS error: zlib decompression failed, data probably corrupt
[  258.381657][ T8375] SQUASHFS error: Failed to read block 0x4de: -5
[  258.388382][ T8375] SQUASHFS error: Failed to read block 0x4e2: -5
[  258.390450][ T7469] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  258.409173][ T8375] SQUASHFS error: Failed to read block 0x9ca: -5
[  258.440719][ T7469] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  258.456917][ T8375] SQUASHFS error: Failed to read block 0x2cf2: -5
[  258.475406][ T8375] SQUASHFS error: Failed to read block 0x52cf2: -5
[  258.490607][ T8375] SQUASHFS error: Failed to read block 0x535f2: -5
[  258.518488][   T25] audit: type=1800 audit(1757583308.424:1305): pid=8375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1100" name="file1" dev="loop9" ino=5 res=0 errno=0
[  258.679063][ T8392] loop0: detected capacity change from 0 to 1024
[  258.690466][ T7469] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  258.699534][ T7469] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.720761][ T7469] usb 8-1: Product: syz
[  258.726727][ T7469] usb 8-1: Manufacturer: syz
[  258.740902][ T7469] usb 8-1: SerialNumber: syz
[  258.762181][ T8392] EXT4-fs (loop0): inline encryption not supported
[  258.788443][ T8392] EXT4-fs (loop0): Ignoring removed nobh option
[  258.797829][ T8392] EXT4-fs (loop0): Ignoring removed bh option
[  258.805494][ T8392] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  258.843172][ T8394] ODEBUG: Out of memory. ODEBUG disabled
[  258.957906][ T8392] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  259.676049][ T8394] loop9: detected capacity change from 0 to 128
[  259.731448][ T7469] usb 8-1: skipping empty audio interface (v1)
[  259.918451][ T7469] snd-usb-audio: probe of 8-1:1.0 failed with error -22
[  259.944055][ T7469] usb 8-1: USB disconnect, device number 7
[  261.028259][ T4200] udevd[4200]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  261.604886][ T8445] loop6: detected capacity change from 0 to 1024
[  261.782902][ T8450] loop7: detected capacity change from 0 to 1024
[  261.785320][ T8445] EXT4-fs (loop6): Ignoring removed bh option
[  261.809507][ T8449] device syzkaller0 entered promiscuous mode
[  261.837335][ T8450] EXT4-fs (loop7): inline encryption not supported
[  261.877062][ T8450] EXT4-fs (loop7): Ignoring removed nobh option
[  261.907769][ T8450] EXT4-fs (loop7): Ignoring removed bh option
[  261.921806][ T8445] EXT4-fs (loop6): mounted filesystem without journal. Opts: nojournal_checksum,nombcache,barrier,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,noauto_da_alloc,bh,init_itable,,errors=continue. Quota mode: writeback.
[  261.968422][ T8450] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  262.145658][ T8450] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  262.928181][ T8473] netlink: 'syz.6.1121': attribute type 11 has an invalid length.
[  263.333112][ T8483] loop7: detected capacity change from 0 to 128
[  263.688046][   T25] audit: type=1326 audit(1757583313.594:1306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0294dcba9 code=0x7ffc0000
[  263.832818][   T25] audit: type=1326 audit(1757583313.624:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0294dcba9 code=0x7ffc0000
[  263.965979][   T25] audit: type=1326 audit(1757583313.634:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa029478da9 code=0x7ffc0000
[  264.122108][   T25] audit: type=1326 audit(1757583313.634:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa029478da9 code=0x7ffc0000
[  264.272602][   T25] audit: type=1326 audit(1757583313.634:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa029478da9 code=0x7ffc0000
[  264.363360][ T8504] device syzkaller0 entered promiscuous mode
[  264.388390][   T25] audit: type=1326 audit(1757583313.634:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0294dcba9 code=0x7ffc0000
[  264.421847][   T25] audit: type=1326 audit(1757583313.644:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa029478da9 code=0x7ffc0000
[  264.453513][   T25] audit: type=1326 audit(1757583313.644:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0294dcba9 code=0x7ffc0000
[  264.479450][   T25] audit: type=1326 audit(1757583313.644:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa029478da9 code=0x7ffc0000
[  264.505117][   T25] audit: type=1326 audit(1757583313.644:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.6.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0294dcba9 code=0x7ffc0000
[  264.571214][   T13] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  265.615651][ T8514] loop6: detected capacity change from 0 to 256
[  265.650871][ T8514] exfat: Deprecated parameter 'utf8'
[  265.656363][ T8514] exfat: Unknown parameter 'keep_last_dots'
[  265.710811][ T8517] loop7: detected capacity change from 0 to 512
[  265.777891][   T13] usb 10-1: Using ep0 maxpacket: 8
[  265.824299][ T8517] EXT4-fs (loop7): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  265.850451][ T8517] EXT4-fs (loop7): error: journal path ./file0 is not a block device
[  265.910676][   T13] usb 10-1: config 0 has an invalid interface number: 31 but max is 0
[  265.928952][   T13] usb 10-1: config 0 has no interface number 0
[  266.115228][   T13] usb 10-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  266.169152][   T13] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.198266][   T13] usb 10-1: Product: syz
[  266.215630][   T13] usb 10-1: Manufacturer: syz
[  266.246366][   T13] usb 10-1: SerialNumber: syz
[  266.290656][ T8528] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus
[  266.548313][   T13] usb 10-1: config 0 descriptor??
[  266.867134][ T8536] netlink: 84 bytes leftover after parsing attributes in process `syz.7.1138'.
[  266.910657][   T13] usb 10-1: Found UVC 0.04 device syz (046d:08c3)
[  266.927361][   T13] usb 10-1: No valid video chain found.
[  266.978748][   T13] usb 10-1: USB disconnect, device number 5
[  267.094973][ T8551] loop6: detected capacity change from 0 to 1024
[  267.130679][ T8551] EXT4-fs (loop6): inline encryption not supported
[  267.777567][ T8551] EXT4-fs (loop6): Ignoring removed nobh option
[  267.794897][ T8551] EXT4-fs (loop6): Ignoring removed bh option
[  267.801849][ T8551] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  267.859535][ T8551] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  267.948337][ T8564] loop7: detected capacity change from 0 to 1024
[  268.007800][ T8564] EXT4-fs (loop7): Ignoring removed bh option
[  268.546541][ T8564] EXT4-fs (loop7): mounted filesystem without journal. Opts: nojournal_checksum,nombcache,barrier,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,noauto_da_alloc,bh,init_itable,,errors=continue. Quota mode: writeback.
[  268.670590][ T4250] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  268.702757][ T8578] loop0: detected capacity change from 0 to 164
[  268.829053][ T8582] netlink: 84 bytes leftover after parsing attributes in process `syz.7.1150'.
[  268.920492][ T4250] usb 10-1: Using ep0 maxpacket: 32
[  269.015643][ T8591] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  269.040802][ T4250] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  269.065613][ T8591] device syzkaller0 entered promiscuous mode
[  269.089793][ T4250] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  269.127914][ T8591] tipc: Resetting bearer <eth:syzkaller0>
[  269.145829][ T8590] tipc: Resetting bearer <eth:syzkaller0>
[  269.147875][ T4250] usb 10-1: New USB device found, idVendor=046d, idProduct=c26e, bcdDevice= 0.00
[  269.170429][ T4250] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.182725][ T8590] tipc: Disabling bearer <eth:syzkaller0>
[  269.191243][ T4250] usb 10-1: config 0 descriptor??
[  269.291227][ T8597] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  269.817858][ T6619] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  270.070508][ T6619] usb 1-1: Using ep0 maxpacket: 16
[  270.200588][ T6619] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  270.216517][ T6619] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  270.265945][ T4250] hid-generic 0003:046D:C26E.000B: collection stack underflow
[  270.287847][ T4250] hid-generic 0003:046D:C26E.000B: item 0 0 0 12 parsing failed
[  270.299410][ T4250] hid-generic: probe of 0003:046D:C26E.000B failed with error -22
[  270.440684][ T6619] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  270.468343][ T6619] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.468588][ T4250] usb 10-1: USB disconnect, device number 6
[  270.488491][ T6619] usb 1-1: Product: syz
[  270.504176][ T6619] usb 1-1: Manufacturer: syz
[  270.519130][ T6619] usb 1-1: SerialNumber: syz
[  270.688292][ T8628] loop6: detected capacity change from 0 to 1024
[  270.713110][ T8628] EXT4-fs (loop6): inline encryption not supported
[  270.753681][ T8628] EXT4-fs (loop6): Ignoring removed nobh option
[  270.759969][ T8628] EXT4-fs (loop6): Ignoring removed bh option
[  270.767895][ T8628] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  270.835522][ T8628] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  271.113142][ T6619] usb 1-1: skipping empty audio interface (v1)
[  271.223823][ T6619] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  271.294732][ T6619] usb 1-1: USB disconnect, device number 9
[  271.501317][ T8649] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1162'.
[  271.551201][ T4200] udevd[4200]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  271.568916][ T8651] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1163'.
[  271.635309][ T8657] loop9: detected capacity change from 0 to 512
[  271.697702][ T8657] EXT4-fs (loop9): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  271.751761][ T8657] EXT4-fs (loop9): error: journal path ./file0 is not a block device
[  272.637012][ T8672] loop6: detected capacity change from 0 to 512
[  272.687336][ T8672] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  272.717426][ T8672] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  272.739634][ T8672] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  272.767155][ T8672] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  272.783490][ T8672] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  272.801332][ T8672] EXT4-fs (loop6): orphan cleanup on readonly fs
[  272.843945][ T8672] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1164: bg 0: block 34: padding at end of block bitmap is not set
[  272.878230][ T8672] __quota_error: 61 callbacks suppressed
[  272.878248][ T8672] Quota error (device loop6): write_blk: dquota write failed
[  272.902216][ T8672] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  272.962344][ T8672] EXT4-fs error (device loop6): ext4_acquire_dquot:6209: comm syz.6.1164: Failed to acquire dquot type 1
[  273.004652][ T8672] EXT4-fs (loop6): 1 truncate cleaned up
[  273.013844][ T8672] EXT4-fs (loop6): mounted filesystem without journal. Opts: noblock_validity,barrier,,errors=continue. Quota mode: writeback.
[  273.139270][ T8672] syz.6.1164 (8672) used greatest stack depth: 19200 bytes left
[  273.436253][ T8697] loop6: detected capacity change from 0 to 1024
[  273.503603][ T8697] EXT4-fs (loop6): inline encryption not supported
[  273.550515][ T8697] EXT4-fs (loop6): Ignoring removed nobh option
[  273.556862][ T8697] EXT4-fs (loop6): Ignoring removed bh option
[  273.587670][ T8697] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  273.603028][ T8705] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1177'.
[  273.709808][ T8697] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  273.759271][ T8714] netlink: 84 bytes leftover after parsing attributes in process `syz.9.1178'.
[  273.840452][ T4250] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  273.853775][ T8718] loop0: detected capacity change from 0 to 256
[  273.976691][ T8720] loop9: detected capacity change from 0 to 512
[  274.263586][ T8718] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  274.310930][ T4250] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  274.379643][ T8720] EXT4-fs (loop9): Unrecognized mount option "ro" or missing value
[  274.391489][ T4250] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  274.494225][ T4250] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  274.516362][ T8730] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  274.535935][ T4250] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.567518][ T4250] usb 8-1: config 0 descriptor??
[  274.630132][ T4250] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  274.836400][ T8740] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1184'.
[  274.880733][ T8746] device syzkaller0 entered promiscuous mode
[  275.032818][ T8757] netlink: 84 bytes leftover after parsing attributes in process `syz.9.1192'.
[  275.079638][ T4227] usb 8-1: USB disconnect, device number 8
[  275.298095][ T8768] loop9: detected capacity change from 0 to 1024
[  275.332252][ T8775] loop6: detected capacity change from 0 to 512
[  275.413973][ T8768] EXT4-fs (loop9): inline encryption not supported
[  275.449455][ T8768] EXT4-fs (loop9): Ignoring removed nobh option
[  275.467549][ T8775] EXT4-fs error (device loop6): ext4_orphan_get:1401: inode #15: comm syz.6.1197: iget: bad i_size value: 38620345925642
[  275.516736][ T8768] EXT4-fs (loop9): Ignoring removed bh option
[  275.523383][ T8768] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  275.545844][ T8775] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.1197: couldn't read orphan inode 15 (err -117)
[  275.576147][ T8775] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  275.595470][ T8768] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  275.691036][ T8775] EXT4-fs error (device loop6): ext4_check_dx_root:2266: inode #2: comm syz.6.1197: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[  275.808861][ T8793] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1199'.
[  276.352246][ T8802] device syzkaller0 entered promiscuous mode
[  276.496106][ T8812] loop6: detected capacity change from 0 to 164
[  276.539583][ T8813] netlink: 84 bytes leftover after parsing attributes in process `syz.7.1206'.
[  278.463697][ T8832] loop6: detected capacity change from 0 to 1024
[  278.531466][ T8832] EXT4-fs (loop6): inline encryption not supported
[  278.538121][ T8832] EXT4-fs (loop6): Ignoring removed nobh option
[  278.580477][ T8832] EXT4-fs (loop6): Ignoring removed bh option
[  278.586587][ T8832] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  278.650524][ T4228] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  278.681551][ T8832] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  279.150748][ T4228] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  279.170676][ T4228] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  279.185971][ T4228] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  279.195351][ T4228] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.264262][ T4228] usb 1-1: config 0 descriptor??
[  279.312841][ T4228] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  279.693174][ T8851] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1215'.
[  279.707775][ T4250] usb 1-1: USB disconnect, device number 10
[  279.776327][ T8857] loop6: detected capacity change from 0 to 8
[  279.858452][ T8864] device syzkaller0 entered promiscuous mode
[  280.033699][ T8875] loop6: detected capacity change from 0 to 1024
[  280.114716][ T8875] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  280.272819][ T8875] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e12d, mo2=0002]
[  280.313980][ T8875] System zones: 0-1, 2-3, 4-36, 98-101, 102-102
[  280.333958][ T8875] EXT4-fs (loop6): mounted filesystem without journal. Opts: nombcache,debug,norecovery,grpid,errors=remount-ro,. Quota mode: writeback.
[  281.098989][ T8899] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1226'.
[  281.524015][ T8926] loop6: detected capacity change from 0 to 2048
[  281.614256][ T4200]  loop6: p2 p3 p7
[  281.682815][ T8926]  loop6: p2 p3 p7
[  281.737459][ T8933] loop9: detected capacity change from 0 to 2048
[  281.803013][ T8933] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  281.833886][ T3560]  loop6: p2 p3 p7
[  281.977028][ T4200] udevd[4200]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  281.993397][ T4173] udevd[4173]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  281.999215][ T8946] netlink: 84 bytes leftover after parsing attributes in process `syz.6.1238'.
[  282.006168][ T7453] udevd[7453]: inotify_add_watch(7, /dev/loop6p7, 10) failed: No such file or directory
[  282.067138][ T4173] udevd[4173]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  282.068934][ T4200] udevd[4200]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  282.079487][ T7453] udevd[7453]: inotify_add_watch(7, /dev/loop6p7, 10) failed: No such file or directory
[  282.222814][ T4996] udevd[4996]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  282.235174][ T4173] udevd[4173]: inotify_add_watch(7, /dev/loop6p7, 10) failed: No such file or directory
[  282.248359][ T4200] udevd[4200]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  283.789521][ T8984] loop0: detected capacity change from 0 to 764
[  283.948419][ T8984] ISOFS: Unable to identify CD-ROM format.
[  284.101670][ T8991] netlink: 84 bytes leftover after parsing attributes in process `syz.6.1251'.
[  284.183710][ T8993] loop0: detected capacity change from 0 to 2048
[  284.256570][ T8993]  loop0: p2 p3 p7
[  284.587177][ T4996] udevd[4996]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  284.674083][ T9014] loop0: detected capacity change from 0 to 512
[  285.771738][ T9014] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  285.790824][ T9014] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  285.892207][ T9014] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  285.937459][ T9014] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  285.952203][ T9014] System zones: 0-2, 18-18, 34-35
[  286.011792][ T9014] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  286.490540][ T7469] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  287.010597][ T7469] usb 1-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[  287.048819][ T7469] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.072194][ T7469] usb 1-1: config 0 descriptor??
[  287.134384][ T9060] netlink: 84 bytes leftover after parsing attributes in process `syz.9.1262'.
[  287.947571][ T9080] loop9: detected capacity change from 0 to 1024
[  287.956537][ T4228] usb 1-1: USB disconnect, device number 11
[  288.035529][ T9080] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  288.051404][ T9080] EXT4-fs (loop9): orphan cleanup on readonly fs
[  288.062231][ T9080] EXT4-fs error (device loop9): ext4_free_blocks:6218: comm syz.9.1264: Freeing blocks not in datazone - block = 0, count = 4096
[  288.167806][ T9080] EXT4-fs (loop9): 1 orphan inode deleted
[  288.183896][ T9080] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  290.093746][ T9121] device syzkaller0 entered promiscuous mode
[  290.437231][ T9130] netlink: 84 bytes leftover after parsing attributes in process `syz.9.1273'.
[  290.525049][ T9128] loop6: detected capacity change from 0 to 512
[  290.603652][ T9128] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  290.634361][ T9141] loop0: detected capacity change from 0 to 512
[  290.640901][ T9128] EXT4-fs (loop6): Ignoring removed orlov option
[  290.715046][ T9128] EXT4-fs (loop6): mounted filesystem without journal. Opts: nobarrier,jqfmt=vfsv1,orlov,errors=remount-ro,errors=remount-ro,nodiscard,grpjquota=,nodelalloc,errors=remount-ro,. Quota mode: writeback.
[  290.750640][ T9141] EXT4-fs (loop0): Ignoring removed nobh option
[  290.762076][ T9128] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  290.858000][ T9141] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #3: comm syz.0.1276: corrupted inode contents
[  290.939728][ T9141] EXT4-fs error (device loop0): ext4_dirty_inode:6040: inode #3: comm syz.0.1276: mark_inode_dirty error
[  290.960856][ T9112] EXT4-fs warning (device loop6): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 1918985075
[  290.975869][ T9112] EXT4-fs warning (device loop6): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 1918985075
[  290.981527][ T9141] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #3: comm syz.0.1276: corrupted inode contents
[  291.038625][ T9141] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #3: comm syz.0.1276: mark_inode_dirty error
[  291.092700][ T9141] Quota error (device loop0): write_blk: dquota write failed
[  291.135577][ T9141] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  291.166185][ T5948] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5836: Out of memory
[  291.182669][ T5948] EXT4-fs (loop6): Remounting filesystem read-only
[  291.200899][ T5948] EXT4-fs error (device loop6): ext4_quota_off:6515: inode #3: comm syz-executor: mark_inode_dirty error
[  291.205655][ T9141] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.1276: Failed to acquire dquot type 0
[  291.240537][ T5948] EXT4-fs (loop6): Remounting filesystem read-only
[  291.271038][ T9141] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #16: comm syz.0.1276: corrupted inode contents
[  291.295696][ T9141] EXT4-fs error (device loop0): ext4_dirty_inode:6040: inode #16: comm syz.0.1276: mark_inode_dirty error
[  291.316577][ T9141] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #16: comm syz.0.1276: corrupted inode contents
[  291.347553][ T9141] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #16: comm syz.0.1276: mark_inode_dirty error
[  291.368304][ T9141] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #16: comm syz.0.1276: corrupted inode contents
[  291.393578][ T9141] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  291.395584][ T9161] loop6: detected capacity change from 0 to 128
[  291.436563][ T9141] EXT4-fs error (device loop0): ext4_do_update_inode:5204: inode #16: comm syz.0.1276: corrupted inode contents
[  291.460671][ T9141] EXT4-fs error (device loop0): ext4_truncate:4273: inode #16: comm syz.0.1276: mark_inode_dirty error
[  291.568598][ T9141] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  291.594966][ T9141] EXT4-fs (loop0): 1 truncate cleaned up
[  291.610039][ T9141] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=abort,nobh,,errors=continue. Quota mode: writeback.
[  291.675724][ T9141] ext4 filesystem being mounted at /272/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.011423][ T9175] loop6: detected capacity change from 0 to 128
[  292.352167][ T9175] EXT4-fs warning (device loop6): ext4_fill_super:3980: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  292.365003][ T9175] EXT4-fs (loop6): Encoding requested by superblock is unknown
[  292.816289][ T9186] loop0: detected capacity change from 0 to 512
[  293.032073][ T9189] device syzkaller0 entered promiscuous mode
[  293.086563][ T9186] EXT4-fs (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  293.135436][ T9186] EXT4-fs (loop0): error: journal path ./file0 is not a block device
[  293.146812][ T9192] netlink: 84 bytes leftover after parsing attributes in process `syz.7.1285'.
[  293.721300][   T25] audit: type=1326 audit(1757583343.634:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.7.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b9b989ba9 code=0x7ffc0000
[  293.833225][   T25] audit: type=1326 audit(1757583343.664:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.7.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f4b9b989ba9 code=0x7ffc0000
[  293.856472][   T25] audit: type=1326 audit(1757583343.664:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.7.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b9b989ba9 code=0x7ffc0000
[  293.889099][   T25] audit: type=1326 audit(1757583343.664:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.7.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b9b989ba9 code=0x7ffc0000
[  294.047187][   T25] audit: type=1326 audit(1757583343.664:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.7.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4b9b9897ab code=0x7ffc0000
[  294.411481][   T25] audit: type=1326 audit(1757583343.664:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.7.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b9b989ba9 code=0x7ffc0000
[  295.396243][   T25] audit: type=1326 audit(1757583343.664:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.7.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b9b989ba9 code=0x7ffc0000
[  295.619225][   T25] audit: type=1326 audit(1757583343.674:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9200 comm="syz.7.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7f4b9b989ba9 code=0x7ffc0000
[  295.649746][ T9213] loop0: detected capacity change from 0 to 2048
[  295.730285][ T9213] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  295.791556][ T9231] overlayfs: failed to clone upperpath
[  295.845055][ T9235] loop6: detected capacity change from 0 to 512
[  295.945612][ T9235] EXT4-fs (loop6): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  295.977037][ T9235] EXT4-fs (loop6): error: journal path ./file0 is not a block device
[  296.128537][ T9246] loop0: detected capacity change from 0 to 1024
[  296.205065][ T9246] EXT4-fs (loop0): Ignoring removed bh option
[  296.822720][ T9246] EXT4-fs (loop0): mounted filesystem without journal. Opts: auto_da_alloc,nodioread_nolock,barrier,noquota,auto_da_alloc,grpquota,bh,,errors=continue. Quota mode: writeback.
[  296.851710][ T9255] loop9: detected capacity change from 0 to 1024
[  296.892389][ T9246] ext4 filesystem being mounted at /277/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.940593][ T9255] EXT4-fs (loop9): inline encryption not supported
[  296.954996][ T9246] EXT4-fs error (device loop0): ext4_map_blocks:739: inode #15: block 3: comm syz.0.1302: lblock 3 mapped to illegal pblock 3 (length 3)
[  296.983336][ T9255] EXT4-fs (loop9): Ignoring removed nobh option
[  296.989621][ T9255] EXT4-fs (loop9): Ignoring removed bh option
[  297.007128][ T9246] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  297.039601][ T9255] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  297.066779][ T9246] EXT4-fs (loop0): This should not happen!! Data will be lost
[  297.066779][ T9246] 
[  297.171019][ T9255] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  297.203636][ T9268] EXT4-fs error (device loop0): ext4_ext_remove_space:2929: inode #15: comm syz.0.1302: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  297.309944][ T9268] EXT4-fs error (device loop0) in ext4_setattr:5608: Corrupt filesystem
[  297.529648][ T9287] overlayfs: upper fs does not support tmpfile.
[  297.533520][ T9292] loop9: detected capacity change from 0 to 128
[  297.596955][ T9294] loop6: detected capacity change from 0 to 2048
[  297.696420][ T9294]  loop6: p1 < > p4
[  297.716203][ T9292] EXT4-fs (loop9): Test dummy encryption mode enabled
[  297.738437][ T9292] EXT4-fs (loop9): Test dummy encryption mode enabled
[  297.757681][ T9294] loop6: p4 size 8388608 extends beyond EOD, truncated
[  297.881626][ T9292] EXT4-fs (loop9): mounted filesystem without journal. Opts: test_dummy_encryption=v1,test_dummy_encryption=v1,,errors=continue. Quota mode: none.
[  297.981290][ T9292] ext4 filesystem being mounted at /84/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  297.982829][ T9302] loop0: detected capacity change from 0 to 512
[  298.034731][ T9302] EXT4-fs (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  298.077792][ T9302] EXT4-fs (loop0): error: journal path ./file0 is not a block device
[  298.340149][ T9311] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1317'.
[  298.350995][ T9313] loop6: detected capacity change from 0 to 256
[  298.431612][ T9313] exfat: Deprecated parameter 'namecase'
[  298.903295][ T9313] exfat: Deprecated parameter 'namecase'
[  298.979411][ T9313] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  299.163268][ T9332] loop0: detected capacity change from 0 to 1024
[  299.285121][ T9332] EXT4-fs (loop0): inline encryption not supported
[  299.309180][ T9332] EXT4-fs (loop0): Ignoring removed nobh option
[  299.333241][ T9332] EXT4-fs (loop0): Ignoring removed bh option
[  299.369846][ T9332] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  299.397495][ T9346] overlayfs: failed to clone upperpath
[  299.515612][ T9332] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  299.614778][ T9356] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1329'.
[  300.780566][ T9383] loop6: detected capacity change from 0 to 128
[  300.862657][ T9383] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  300.879864][ T9383] ext4 filesystem being mounted at /153/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  301.235532][ T9398] loop9: detected capacity change from 0 to 1024
[  301.609471][ T9398] EXT4-fs (loop9): inline encryption not supported
[  301.632845][ T9398] EXT4-fs (loop9): Ignoring removed nobh option
[  301.658138][ T9398] EXT4-fs (loop9): Ignoring removed bh option
[  301.664744][ T9398] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  301.732409][ T9398] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  301.957165][ T9408] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1343'.
[  302.050401][ T9411] overlayfs: upper fs does not support tmpfile.
[  302.268744][ T9414] loop9: detected capacity change from 0 to 2048
[  302.384211][ T4200]  loop9: p1 < > p4
[  302.400989][ T4200] loop9: p4 size 8388608 extends beyond EOD, truncated
[  302.426989][ T9414]  loop9: p1 < > p4
[  302.448344][ T9414] loop9: p4 size 8388608 extends beyond EOD, truncated
[  302.812170][ T4200] udevd[4200]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  302.824501][ T4996] udevd[4996]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory
[  302.887386][ T4996] udevd[4996]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory
[  304.743432][ T4200] udevd[4200]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  304.768194][ T9439] loop9: detected capacity change from 0 to 256
[  304.896379][ T9439] FAT-fs (loop9): Directory bread(block 64) failed
[  304.924210][ T9439] FAT-fs (loop9): Directory bread(block 65) failed
[  304.946479][ T9439] FAT-fs (loop9): Directory bread(block 66) failed
[  304.970510][ T9439] FAT-fs (loop9): Directory bread(block 67) failed
[  304.997481][ T9439] FAT-fs (loop9): Directory bread(block 68) failed
[  305.027809][ T9439] FAT-fs (loop9): Directory bread(block 69) failed
[  305.075649][ T9439] FAT-fs (loop9): Directory bread(block 70) failed
[  305.095704][ T9439] FAT-fs (loop9): Directory bread(block 71) failed
[  305.111884][ T9439] FAT-fs (loop9): Directory bread(block 72) failed
[  305.130603][ T9439] FAT-fs (loop9): Directory bread(block 73) failed
[  305.160567][ T4304] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  305.345392][ T9451] attempt to access beyond end of device
[  305.345392][ T9451] loop9: rw=2051, want=1832, limit=256
[  305.400645][ T9451] attempt to access beyond end of device
[  305.400645][ T9451] loop9: rw=2051, want=2408, limit=256
[  305.530557][ T4304] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  305.570472][ T4304] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  305.610549][ T4304] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  305.736609][ T9457] device syzkaller0 entered promiscuous mode
[  305.810686][ T4304] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  305.829918][ T4304] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.860225][ T4304] usb 7-1: Product: syz
[  305.878470][ T4304] usb 7-1: Manufacturer: syz
[  305.893320][ T4304] usb 7-1: SerialNumber: syz
[  305.924731][ T4304] usb 7-1: config 0 descriptor??
[  306.012543][ T9465] loop9: detected capacity change from 0 to 1024
[  306.025617][ T9467] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1354'.
[  306.090296][ T9465] EXT4-fs (loop9): inline encryption not supported
[  306.137211][ T9465] EXT4-fs (loop9): Ignoring removed nobh option
[  306.196389][ T9465] EXT4-fs (loop9): Ignoring removed bh option
[  306.208130][ T9465] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  306.301300][ T9465] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  306.418251][ T4304] usb 7-1: USB disconnect, device number 9
[  306.918417][ T9497] loop9: detected capacity change from 0 to 128
[  307.012580][ T9500] device syzkaller0 entered promiscuous mode
[  307.041497][ T9497] EXT4-fs (loop9): Ignoring removed nobh option
[  307.079976][ T9497] EXT4-fs (loop9): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  307.101978][ T9497] ext4 filesystem being mounted at /98/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  307.852693][ T9512] loop6: detected capacity change from 0 to 1024
[  307.942976][ T9512] EXT4-fs (loop6): inline encryption not supported
[  307.998505][ T9512] EXT4-fs (loop6): Ignoring removed nobh option
[  308.070534][ T9512] EXT4-fs (loop6): Ignoring removed bh option
[  308.109703][ T9512] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  308.211319][ T9512] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  308.790542][   T21] Bluetooth: hci0: command 0x0406 tx timeout
[  309.371136][ T9539] loop6: detected capacity change from 0 to 512
[  309.448272][ T9539] EXT4-fs (loop6): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  309.460486][ T9539] EXT4-fs (loop6): error: journal path ./file0 is not a block device
[  309.817316][ T9554] loop6: detected capacity change from 0 to 1024
[  309.823828][ T9555] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1375'.
[  309.970056][ T9554] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  310.077141][ T9554] EXT4-fs error (device loop6): ext4_xattr_ibody_get:603: inode #2: comm syz.6.1374: corrupted in-inode xattr
[  311.027185][ T9582] loop6: detected capacity change from 0 to 1024
[  311.168787][ T9582] EXT4-fs (loop6): inline encryption not supported
[  311.200494][ T9582] EXT4-fs (loop6): Ignoring removed nobh option
[  311.206767][ T9582] EXT4-fs (loop6): Ignoring removed bh option
[  311.238538][ T9582] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  311.519865][ T9582] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  312.921142][ T9612] loop6: detected capacity change from 0 to 2048
[  312.940732][ T9618] loop0: detected capacity change from 0 to 1024
[  313.624577][   T25] kauditd_printk_skb: 4 callbacks suppressed
[  313.624595][   T25] audit: type=1326 audit(1757583363.054:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9611 comm="syz.6.1390" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0294dcba9 code=0x0
[  313.701880][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  313.740653][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  313.785481][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  313.836062][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  313.903217][ T9631] loop9: detected capacity change from 0 to 512
[  313.925486][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  313.949115][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  313.970268][ T9631] EXT4-fs (loop9): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  313.996753][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.004458][ T9631] EXT4-fs (loop9): error: journal path ./file0 is not a block device
[  314.043525][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.070509][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.093771][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.113603][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.128040][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.158226][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.190483][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.205823][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.278762][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.338638][ T9641] loop9: detected capacity change from 0 to 2048
[  314.347654][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.370495][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.389285][ T9641] UDF-fs: error (device loop9): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  314.410672][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.418102][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.427918][ T9641] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  314.433694][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.474568][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.500759][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.525412][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.590539][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.598107][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.634702][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.671514][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.679709][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.730592][ T9618] hfsplus: request for non-existent node 16777216 in B*Tree
[  314.738638][   T25] audit: type=1800 audit(1757583364.644:1390): pid=9618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1383" name="file1" dev="loop0" ino=20 res=0 errno=0
[  315.014620][ T9658] netlink: 84 bytes leftover after parsing attributes in process `syz.6.1401'.
[  315.169941][ T9668] loop0: detected capacity change from 0 to 1024
[  315.784692][ T9677] hfsplus: can't free extent
[  315.795691][   T25] audit: type=1800 audit(1757583365.684:1391): pid=9677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1404" name="file1" dev="loop0" ino=20 res=0 errno=0
[  316.239530][ T9683] loop6: detected capacity change from 0 to 1024
[  316.291879][ T9687] loop0: detected capacity change from 0 to 512
[  316.343995][ T9687] EXT4-fs (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  316.345137][ T9683] EXT4-fs (loop6): inline encryption not supported
[  316.376148][ T9687] EXT4-fs (loop0): error: journal path ./file0 is not a block device
[  316.380402][ T9683] EXT4-fs (loop6): Ignoring removed nobh option
[  316.455383][ T9683] EXT4-fs (loop6): Ignoring removed bh option
[  316.495164][ T9683] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  316.636718][ T9683] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  316.953502][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  316.959863][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  317.668043][ T9715] netlink: 'syz.0.1410': attribute type 3 has an invalid length.
[  317.966868][ T9721] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  318.360431][ T9730] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1412'.
[  318.375865][ T9698] chnl_net:caif_netlink_parms(): no params data found
[  318.759605][ T9698] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.767369][ T9698] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.808964][ T9698] device bridge_slave_0 entered promiscuous mode
[  318.876315][ T9747] netlink: 'syz.2.1416': attribute type 9 has an invalid length.
[  318.896069][ T9747] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1416'.
[  318.928890][ T9698] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.955236][ T9698] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.986149][ T9698] device bridge_slave_1 entered promiscuous mode
[  318.999010][ T9753] loop6: detected capacity change from 0 to 512
[  319.204914][ T9698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  319.226947][ T9757] loop9: detected capacity change from 0 to 512
[  319.260304][   T21] Bluetooth: hci5: command 0x0409 tx timeout
[  319.460320][ T9757] EXT4-fs (loop9): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  319.619238][ T9698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  319.667605][ T9757] EXT4-fs (loop9): error: journal path ./file0 is not a block device
[  319.882225][ T9698] team0: Port device team_slave_0 added
[  319.941046][ T9698] team0: Port device team_slave_1 added
[  320.059698][ T9775] loop9: detected capacity change from 0 to 1024
[  320.132158][ T9775] EXT4-fs (loop9): inline encryption not supported
[  320.159086][ T9775] EXT4-fs (loop9): Ignoring removed nobh option
[  320.171980][ T9698] batman_adv: batadv0: Adding interface: batadv_slave_0
[  320.178935][ T9698] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.179978][ T9780] loop0: detected capacity change from 0 to 512
[  320.230200][ T9775] EXT4-fs (loop9): Ignoring removed bh option
[  320.581447][ T9761] netlink: 6 bytes leftover after parsing attributes in process `syz.6.1426'.
[  321.160348][ T9698] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  321.160767][ T9775] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  321.220331][ T9780] EXT4-fs (loop0): Ignoring removed nobh option
[  321.258836][ T9698] batman_adv: batadv0: Adding interface: batadv_slave_1
[  321.315670][ T9698] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  321.393409][ T9698] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.410953][ T9780] EXT4-fs (loop0): mounted filesystem without journal. Opts: barrier=0x0000000000000004,bsddf,nobh,init_itable=0x0000000000000003,data_err=ignore,,errors=continue. Quota mode: none.
[  322.056668][   T21] Bluetooth: hci5: command 0x041b tx timeout
[  322.064998][ T9775] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  322.219143][ T9698] device hsr_slave_0 entered promiscuous mode
[  322.477641][ T9698] device hsr_slave_1 entered promiscuous mode
[  322.582582][ T9698] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  322.612739][ T9698] Cannot create hsr debugfs directory
[  324.220285][ T4228] Bluetooth: hci5: command 0x040f tx timeout
[  325.007992][ T9842] loop6: detected capacity change from 0 to 2048
[  325.304399][ T5767] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.902165][ T5767] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.564352][ T6619] Bluetooth: hci5: command 0x0419 tx timeout
[  326.596317][ T5767] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.709885][ T5767] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.808211][ T9873] loop0: detected capacity change from 0 to 512
[  327.503982][ T9873] EXT4-fs (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  327.523934][ T9873] EXT4-fs (loop0): error: journal path ./file0 is not a block device
[  327.603825][ T9698] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  327.631016][ T9698] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  327.679828][ T9698] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  327.820935][ T9698] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  327.897332][ T9884] loop6: detected capacity change from 0 to 512
[  328.082212][ T9884] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.1444: inode #1: comm syz.6.1444: iget: illegal inode #
[  328.110290][ T5767] tipc: Left network mode
[  328.149666][ T9884] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.1444: error while reading EA inode 1 err=-117
[  328.171207][ T9884] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2825: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  328.194134][ T9884] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.1444: inode #1: comm syz.6.1444: iget: illegal inode #
[  328.259588][ T9884] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.1444: error while reading EA inode 1 err=-117
[  329.689335][ T9884] EXT4-fs (loop6): 1 orphan inode deleted
[  329.689670][ T7469] Bluetooth: hci1: command 0x0406 tx timeout
[  329.703489][ T9884] EXT4-fs (loop6): mounted filesystem without journal. Opts: usrjquota=,journal_dev=0x0000000000008000,debug_want_extra_isize=0x0000000000000058,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,journal_dev=0x0000000000000dcc,,errors=continue. Quota mode: writeback.
[  330.327039][ T9698] 8021q: adding VLAN 0 to HW filter on device bond0
[  330.475521][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  330.505785][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  330.533713][ T5948] EXT4-fs error (device loop6): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  330.588232][ T9698] 8021q: adding VLAN 0 to HW filter on device team0
[  330.686560][ T1236] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  330.687437][ T5948] EXT4-fs error (device loop6): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 15
[  330.701307][ T1236] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  330.860714][ T1236] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.867813][ T1236] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.881163][ T5948] EXT4-fs error (device loop6): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 15
[  330.904042][ T1236] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  330.918261][ T1236] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  330.939378][ T1236] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  330.974605][ T1236] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.981754][ T1236] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.023398][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  331.054469][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  331.127142][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  331.152407][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  331.161983][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  331.187919][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  331.221516][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  331.241115][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  331.273130][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  331.296992][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  331.370724][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  331.379189][ T9698] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  332.386697][ T9949] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  332.490234][ T6619] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  332.606205][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  332.638013][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  332.665506][ T9698] 8021q: adding VLAN 0 to HW filter on device batadv0
[  332.695657][ T9963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1462'.
[  332.740330][ T9963] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1462'.
[  332.760290][ T6619] usb 10-1: Using ep0 maxpacket: 16
[  332.798030][ T5767] device hsr_slave_0 left promiscuous mode
[  332.805527][ T5767] device hsr_slave_1 left promiscuous mode
[  332.825310][ T5767] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  332.864387][ T5767] batman_adv: batadv0: Removing interface: batadv_slave_0
[  332.877848][ T5767] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  332.892078][ T6619] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30
[  332.903121][ T6619] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  332.914524][ T6619] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 33
[  332.938103][ T5767] batman_adv: batadv0: Removing interface: batadv_slave_1
[  332.948142][ T6619] usb 10-1: New USB device found, idVendor=18d1, idProduct=5022, bcdDevice= 0.00
[  332.965587][ T5767] device bridge_slave_1 left promiscuous mode
[  332.966872][ T6619] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.980466][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.002579][ T6619] usb 10-1: config 0 descriptor??
[  333.016520][ T5767] device bridge_slave_0 left promiscuous mode
[  333.030399][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.190027][ T5767] device veth1_macvtap left promiscuous mode
[  333.214163][ T5767] device veth0_macvtap left promiscuous mode
[  333.233547][ T5767] device veth1_vlan left promiscuous mode
[  333.239352][ T5767] device veth0_vlan left promiscuous mode
[  333.619064][ T9986] loop0: detected capacity change from 0 to 128
[  333.641139][ T9986] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  333.654988][ T5767] team0 (unregistering): Port device team_slave_1 removed
[  333.676485][ T5767] team0 (unregistering): Port device team_slave_0 removed
[  333.694857][ T5767] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.709789][ T5767] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  333.765746][ T5767] bond0 (unregistering): Released all slaves
[  334.146284][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  334.158807][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  334.196206][ T9968] chnl_net:caif_netlink_parms(): no params data found
[  334.209908][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  334.221226][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  334.229684][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  334.240920][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  334.280366][ T9698] device veth0_vlan entered promiscuous mode
[  334.311199][ T9698] device veth1_vlan entered promiscuous mode
[  334.424202][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  334.432800][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  334.441419][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  334.450214][ T4291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  334.460821][ T9968] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.486763][ T9968] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.525395][ T9968] device bridge_slave_0 entered promiscuous mode
[  334.690486][ T9968] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.697950][ T9968] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.712976][ T9968] device bridge_slave_1 entered promiscuous mode
[  334.785477][ T9968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  334.820349][ T6619] usbhid 10-1:0.0: can't add hid device: -71
[  334.826506][ T6619] usbhid: probe of 10-1:0.0 failed with error -71
[  334.857804][ T6619] usb 10-1: USB disconnect, device number 7
[  334.972181][ T4227] Bluetooth: hci2: command 0x0409 tx timeout
[  335.965513][ T9698] device veth0_macvtap entered promiscuous mode
[  336.140273][T10022] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  336.166223][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  336.191351][ T9968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.213452][T10023] device syzkaller0 entered promiscuous mode
[  336.227446][ T9698] device veth1_macvtap entered promiscuous mode
[  336.308910][ T9968] team0: Port device team_slave_0 added
[  336.326416][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.355712][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.379670][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.406359][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.426619][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.447335][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.476596][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.517817][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.554955][ T9698] batman_adv: batadv0: Interface activated: batadv_slave_0
[  336.574237][ T9968] team0: Port device team_slave_1 added
[  336.599185][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  337.268278][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  337.332743][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  337.364323][T10056] loop9: detected capacity change from 0 to 8
[  337.376367][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.406235][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  337.447429][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.477889][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  337.498346][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.515981][ T9698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  337.600196][ T9698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.630700][ T9698] batman_adv: batadv0: Interface activated: batadv_slave_1
[  337.740621][ T9968] batman_adv: batadv0: Adding interface: batadv_slave_0
[  337.747583][ T9968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  338.247839][ T4227] Bluetooth: hci2: command 0x041b tx timeout
[  338.278741][T10056] SQUASHFS error: zlib decompression failed, data probably corrupt
[  338.331371][T10056] SQUASHFS error: Failed to read block 0x4de: -5
[  338.338059][T10056] SQUASHFS error: Failed to read block 0x4e2: -5
[  338.432345][T10056] SQUASHFS error: Failed to read block 0x9ca: -5
[  338.438774][T10056] SQUASHFS error: Failed to read block 0x2cf2: -5
[  338.460512][ T9968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  338.515565][T10056] SQUASHFS error: Failed to read block 0x52cf2: -5
[  338.550592][ T9968] batman_adv: batadv0: Adding interface: batadv_slave_1
[  338.557667][ T9968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  338.630100][T10056] SQUASHFS error: Failed to read block 0x535f2: -5
[  338.677723][   T25] audit: type=1800 audit(1757583388.584:1392): pid=10056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1476" name="file1" dev="loop9" ino=5 res=0 errno=0
[  338.800368][ T9968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  339.117675][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  339.781374][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  339.845932][ T9698] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.860287][ T9698] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.869002][ T9698] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.900562][ T9698] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  340.037151][ T9968] device hsr_slave_0 entered promiscuous mode
[  340.266922][ T9968] device hsr_slave_1 entered promiscuous mode
[  340.462076][ T4227] Bluetooth: hci2: command 0x040f tx timeout
[  340.582618][ T7220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.601969][ T7220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.625290][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  340.700528][ T7220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.709003][ T7220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.761644][T10101] loop9: detected capacity change from 0 to 16
[  340.796486][T10101] erofs: (device loop9): mounted with root inode @ nid 36.
[  340.864731][T10101] erofs: (device loop9): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  340.895467][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  340.934470][T10101] erofs: (device loop9): z_erofs_lz4_decompress: failed to decompress -29 in[58, 4038] out[1851]
[  340.948908][T10106] xt_hashlimit: size too large, truncated to 1048576
[  340.955613][T10106] xt_hashlimit: max too large, truncated to 1048576
[  340.970605][T10101] erofs: (device loop9): z_erofs_readpage: failed to read, err [-117]
[  340.986041][T10106] overlayfs: missing 'lowerdir'
[  341.278203][T10117] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1491'.
[  341.468603][T10122] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  342.237471][T10127] device syzkaller0 entered promiscuous mode
[  342.427027][T10138] loop5: detected capacity change from 0 to 4096
[  342.611685][ T4250] Bluetooth: hci2: command 0x0419 tx timeout
[  342.635068][ T9968] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  342.645903][ T9968] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  342.692694][T10138] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  343.173147][ T9968] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  343.205524][ T9968] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  344.622356][ T5767] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.718165][ T5767] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.826354][ T5767] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.958546][ T9968] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.990497][T10186] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  345.010974][ T5767] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.187864][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  345.227166][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  345.685089][ T9968] 8021q: adding VLAN 0 to HW filter on device team0
[  345.743668][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  345.769312][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  345.778561][ T5232] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.785690][ T5232] bridge0: port 1(bridge_slave_0) entered forwarding state
[  345.813373][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  345.830903][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  345.866080][ T5232] bridge0: port 2(bridge_slave_1) entered blocking state
[  345.873190][ T5232] bridge0: port 2(bridge_slave_1) entered forwarding state
[  345.893332][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  345.905822][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  345.918368][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  345.932946][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  345.976564][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  345.987963][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  346.007929][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  346.022997][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  346.035609][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  346.048322][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  346.081780][ T9968] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  346.100807][ T9968] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  346.115221][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  346.129595][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  346.227935][ T5767] tipc: Left network mode
[  346.610058][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  346.629424][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  346.651441][ T9968] 8021q: adding VLAN 0 to HW filter on device batadv0
[  346.752296][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  346.792942][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  346.955060][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  346.973075][  T532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  346.984489][ T9968] device veth0_vlan entered promiscuous mode
[  347.086985][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  347.098384][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  347.313349][ T9968] device veth1_vlan entered promiscuous mode
[  347.370022][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  347.410911][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  347.463309][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  347.518826][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  347.567386][ T9968] device veth0_macvtap entered promiscuous mode
[  347.586754][   T25] audit: type=1326 audit(1757583397.494:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4c6705ba9 code=0x7ffc0000
[  347.609249][    C0] vkms_vblank_simulate: vblank timer overrun
[  347.641573][ T9968] device veth1_macvtap entered promiscuous mode
[  347.641985][   T25] audit: type=1326 audit(1757583397.524:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd4c6705ba9 code=0x7ffc0000
[  347.721299][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  347.737250][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.759592][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  347.783036][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.789932][   T25] audit: type=1326 audit(1757583397.524:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4c6705ba9 code=0x7ffc0000
[  347.804685][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  347.857000][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.876445][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  347.916849][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.927387][   T25] audit: type=1326 audit(1757583397.524:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fd4c6705ba9 code=0x7ffc0000
[  348.571958][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  348.582718][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.594226][ T9968] batman_adv: batadv0: Interface activated: batadv_slave_0
[  348.615634][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  348.624433][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  348.657584][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  348.730882][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  348.739321][   T25] audit: type=1326 audit(1757583397.524:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4c6705ba9 code=0x7ffc0000
[  348.761854][    C0] vkms_vblank_simulate: vblank timer overrun
[  348.788737][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.802630][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.818360][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.830489][   T25] audit: type=1326 audit(1757583397.524:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd4c6705ba9 code=0x7ffc0000
[  348.872467][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.891444][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  348.906994][   T25] audit: type=1326 audit(1757583397.524:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd4c6705be3 code=0x7ffc0000
[  348.929210][    C0] vkms_vblank_simulate: vblank timer overrun
[  348.960203][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.055343][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  349.126487][   T25] audit: type=1326 audit(1757583397.524:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd4c670465f code=0x7ffc0000
[  349.168287][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.242478][ T9968] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  349.464774][ T9968] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.481740][   T25] audit: type=1326 audit(1757583397.594:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd4c6705c37 code=0x7ffc0000
[  349.790068][ T9968] batman_adv: batadv0: Interface activated: batadv_slave_1
[  349.797994][   T25] audit: type=1326 audit(1757583397.594:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10235 comm="syz.2.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd4c6704510 code=0x7ffc0000
[  349.948489][T10266] loop5: detected capacity change from 0 to 16
[  350.019263][T10266] erofs: (device loop5): mounted with root inode @ nid 36.
[  350.066315][ T5767] device hsr_slave_0 left promiscuous mode
[  350.109420][ T5767] device hsr_slave_1 left promiscuous mode
[  350.134526][ T5767] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  350.150431][T10266] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  350.170054][ T5767] batman_adv: batadv0: Removing interface: batadv_slave_0
[  350.181225][T10266] erofs: (device loop5): z_erofs_lz4_decompress: failed to decompress -29 in[58, 4038] out[1851]
[  350.213390][T10266] erofs: (device loop5): z_erofs_readpage: failed to read, err [-117]
[  350.224696][ T5767] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  350.240442][ T5767] batman_adv: batadv0: Removing interface: batadv_slave_1
[  350.258427][ T5767] device bridge_slave_1 left promiscuous mode
[  350.276663][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.333889][ T5767] device bridge_slave_0 left promiscuous mode
[  350.352560][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.401927][ T5767] device veth1_macvtap left promiscuous mode
[  350.408004][ T5767] device veth0_macvtap left promiscuous mode
[  350.426950][ T5767] device veth1_vlan left promiscuous mode
[  350.576197][ T5767] device veth0_vlan left promiscuous mode
[  352.380852][ T5767] team0 (unregistering): Port device team_slave_1 removed
[  352.455271][ T5767] team0 (unregistering): Port device team_slave_0 removed
[  352.507173][ T5767] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  352.561814][ T5767] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  352.688839][ T5767] bond0 (unregistering): Released all slaves
[  352.835538][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  352.886674][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  352.907305][T10259] device syzkaller0 entered promiscuous mode
[  352.916982][ T9968] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  353.157651][ T9968] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  353.247287][ T9968] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  353.387745][ T9968] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.545727][T10293] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  353.823509][ T5232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.847787][ T5232] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.900913][ T7220] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  353.927749][ T7220] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.989402][ T7220] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.038441][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  354.169736][T10329] Cannot find set identified by id 0 to match
[  354.294099][T10335] loop0: detected capacity change from 0 to 16
[  354.364456][T10335] erofs: (device loop0): mounted with root inode @ nid 36.
[  355.183388][T10345] device syzkaller0 entered promiscuous mode
[  355.346792][T10339] loop1: detected capacity change from 0 to 8192
[  356.198521][T10360] loop0: detected capacity change from 0 to 4096
[  356.373975][T10360] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  356.661304][T10374] syz.1.1551 (10374) used greatest stack depth: 18592 bytes left
[  356.750303][ T7469] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  356.855080][T10380] device syzkaller0 entered promiscuous mode
[  356.990323][ T7469] usb 1-1: Using ep0 maxpacket: 32
[  357.214848][ T7469] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  357.260462][ T7469] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  357.335989][ T4198] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  357.347154][ T4198] CPU: 0 PID: 4198 Comm: kworker/u5:7 Not tainted syzkaller #0
[  357.354710][ T4198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  357.364769][ T4198] Workqueue: hci0 hci_rx_work
[  357.369465][ T4198] Call Trace:
[  357.372737][ T4198]  <TASK>
[  357.375667][ T4198]  dump_stack_lvl+0x168/0x230
[  357.380347][ T4198]  ? show_regs_print_info+0x20/0x20
[  357.385540][ T4198]  ? load_image+0x3b0/0x3b0
[  357.390049][ T4198]  sysfs_create_dir_ns+0x252/0x280
[  357.395158][ T4198]  ? sysfs_warn_dup+0xa0/0xa0
[  357.399842][ T4198]  kobject_add_internal+0x662/0xd00
[  357.405039][ T4198]  kobject_add+0x152/0x210
[  357.409495][ T4198]  ? kobject_init+0x1d0/0x1d0
[  357.414191][ T4198]  ? klist_children_get+0x50/0x50
[  357.419217][ T4198]  ? get_device_parent+0x121/0x3f0
[  357.424329][ T4198]  device_add+0x483/0xfb0
[  357.428668][ T4198]  hci_conn_add_sysfs+0xd1/0x1e0
[  357.433607][ T4198]  le_conn_complete_evt+0xcbc/0x1590
[  357.438898][ T4198]  ? cs_le_create_conn+0x5e0/0x5e0
[  357.444016][ T4198]  ? __schedule+0x11c3/0x4390
[  357.448691][ T4198]  ? __mutex_trylock_common+0x14f/0x250
[  357.454242][ T4198]  hci_le_meta_evt+0x289/0x3b80
[  357.459093][ T4198]  ? hci_event_packet+0x36d/0x12f0
[  357.464216][ T4198]  ? hci_event_packet+0x2e2/0x12f0
[  357.469324][ T4198]  ? __lock_acquire+0x7c60/0x7c60
[  357.474348][ T4198]  ? release_firmware_map_entry+0x190/0x190
[  357.480238][ T4198]  ? hci_remote_host_features_evt+0x280/0x280
[  357.486298][ T4198]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  357.491923][ T4198]  ? mark_lock+0x94/0x320
[  357.496249][ T4198]  ? mutex_unlock+0x10/0x10
[  357.500753][ T4198]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  357.506732][ T4198]  ? lock_chain_count+0x20/0x20
[  357.511577][ T4198]  ? __rwlock_init+0x140/0x140
[  357.516343][ T4198]  hci_event_packet+0xe05/0x12f0
[  357.521273][ T4198]  ? lockdep_hardirqs_on+0x94/0x140
[  357.526474][ T4198]  ? rcu_lock_release+0x20/0x20
[  357.531313][ T4198]  ? lock_acquire+0x1f2/0x3f0
[  357.535990][ T4198]  ? hci_send_to_monitor+0x9c/0x4a0
[  357.541193][ T4198]  hci_rx_work+0x255/0xa10
[  357.545635][ T4198]  process_one_work+0x863/0x1000
[  357.550600][ T4198]  ? worker_detach_from_pool+0x240/0x240
[  357.556231][ T4198]  ? lockdep_hardirqs_off+0x70/0x100
[  357.561515][ T4198]  ? _raw_spin_lock_irq+0xab/0xe0
[  357.566536][ T4198]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  357.571908][ T4198]  ? wq_worker_running+0x97/0x170
[  357.576931][ T4198]  worker_thread+0xaa8/0x12a0
[  357.581603][ T4198]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  357.587515][ T4198]  ? lockdep_hardirqs_on+0x94/0x140
[  357.592733][ T4198]  ? lockdep_hardirqs_on+0x94/0x140
[  357.597941][ T4198]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  357.603862][ T4198]  kthread+0x436/0x520
[  357.607937][ T4198]  ? rcu_lock_release+0x20/0x20
[  357.611801][ T7469] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  357.612781][ T4198]  ? kthread_blkcg+0xd0/0xd0
[  357.626355][ T4198]  ret_from_fork+0x1f/0x30
[  357.630808][ T4198]  </TASK>
[  357.647825][ T4198] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  357.661789][ T4198] Bluetooth: hci0: failed to register connection device
[  357.688556][ T7469] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.758223][ T7469] usb 1-1: config 0 descriptor??
[  357.864114][T10404] loop1: detected capacity change from 0 to 512
[  357.999928][T10404] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  358.139527][T10404] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  358.279899][ T7469] savu 0003:1E7D:2D5A.000C: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  358.471013][T10404] EXT4-fs error (device loop1): ext4_do_update_inode:5204: inode #2: comm syz.1.1558: corrupted inode contents
[  358.595691][T10404] EXT4-fs error (device loop1): ext4_dirty_inode:6040: inode #2: comm syz.1.1558: mark_inode_dirty error
[  358.673218][ T4186] usb 1-1: USB disconnect, device number 12
[  358.690646][T10404] EXT4-fs error (device loop1): ext4_do_update_inode:5204: inode #2: comm syz.1.1558: corrupted inode contents
[  358.804953][T10427] fido_id[10427]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  359.536523][T10450] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1570'.
[  359.652634][T10453] netlink: 47 bytes leftover after parsing attributes in process `syz.0.1571'.
[  359.672760][T10453] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1571'.
[  360.471881][T10470] 9pnet: Insufficient options for proto=fd
[  360.660371][ T7469] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  360.920222][ T7469] usb 1-1: Using ep0 maxpacket: 16
[  361.075353][ T7469] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.099047][ T7469] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.126945][ T7469] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  361.182288][ T7469] usb 1-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  361.228540][ T7469] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.302228][ T7469] usb 1-1: config 0 descriptor??
[  362.814941][ T7469] hid-generic 0003:0457:07DA.000D: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.0-1/input0
[  363.376430][ T4186] usb 1-1: USB disconnect, device number 13
[  363.661410][T10540] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1585'.
[  363.686139][T10533] fido_id[10533]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  364.756433][T10575] netlink: 56 bytes leftover after parsing attributes in process `syz.9.1605'.
[  364.902577][T10582] device batadv_slave_1 entered promiscuous mode
[  365.377904][T10595] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  365.444704][T10595] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  365.523198][T10595] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  365.693920][T10605] loop1: detected capacity change from 0 to 1024
[  368.310251][ T4304] Bluetooth: hci2: command 0x0411 tx timeout
[  368.386155][T10581] device batadv_slave_1 left promiscuous mode
[  368.700498][   T26] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  369.121871][   T26] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  369.180633][   T26] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3
[  369.253995][   T26] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  369.301735][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.398508][   T26] usb 2-1: config 0 descriptor??
[  370.493390][   T26] usb 2-1: Direct firmware load for ar3k/AthrBT_0x00000000.dfu failed with error -2
[  370.523374][   T26] usb 2-1: Falling back to sysfs fallback for: ar3k/AthrBT_0x00000000.dfu
[  370.923632][T10731] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1652'.
[  373.074608][T10780] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1656'.
[  375.354441][T10824] loop1: detected capacity change from 0 to 1024
[  375.412537][T10827] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1668'.
[  375.479653][T10829] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  375.575872][T10829] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  375.682490][T10829] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  375.692678][T10829] device bridge_slave_0 left promiscuous mode
[  375.698892][T10829] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.810644][T10829] device bridge_slave_1 left promiscuous mode
[  375.816934][T10829] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.918330][T10840] hfsplus: found bad thread record in catalog
[  375.924754][T10840] hfsplus: catalog searching failed
[  376.105391][T10829] bond0: (slave bond_slave_0): Releasing backup interface
[  376.222106][T10829] bond0: (slave bond_slave_1): Releasing backup interface
[  376.893856][T10829] team0: Port device team_slave_0 removed
[  376.938332][T10829] team0: Port device team_slave_1 removed
[  376.946246][T10829] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  376.964410][T10829] batman_adv: batadv0: Removing interface: batadv_slave_0
[  376.976055][T10829] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  376.987189][T10829] batman_adv: batadv0: Removing interface: batadv_slave_1
[  377.135557][T10289] hfsplus: found bad thread record in catalog
[  377.160524][T10289] hfsplus: found bad thread record in catalog
[  378.568576][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  378.574945][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  378.635603][T10864] loop1: detected capacity change from 0 to 1024
[  378.654108][T10867] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1680'.
[  378.780112][T10864] EXT4-fs (loop1): inline encryption not supported
[  378.827198][T10864] EXT4-fs (loop1): Ignoring removed nobh option
[  378.890299][T10864] EXT4-fs (loop1): Ignoring removed bh option
[  378.896437][T10864] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  379.041019][T10864] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  380.806310][T10921] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1691'.
[  382.404112][T10954] loop1: detected capacity change from 0 to 16
[  382.458480][T10954] erofs: (device loop1): mounted with root inode @ nid 36.
[  382.493098][T10954] erofs: (device loop1): z_erofs_readahead: readahead error at page 2 @ nid 89
[  382.560517][ T4198] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192]
[  382.618714][T10954] erofs: (device loop1): z_erofs_readahead: readahead error at page 10 @ nid 89
[  382.705355][T10954] erofs: (device loop1): z_erofs_readahead: readahead error at page 9 @ nid 89
[  382.747656][T10954] erofs: (device loop1): z_erofs_readahead: readahead error at page 8 @ nid 89
[  382.780392][T10954] erofs: (device loop1): z_erofs_readahead: readahead error at page 7 @ nid 89
[  382.822253][T10954] erofs: (device loop1): z_erofs_readahead: readahead error at page 6 @ nid 89
[  382.861916][T10954] erofs: (device loop1): z_erofs_readahead: readahead error at page 5 @ nid 89
[  382.906946][T10954] erofs: (device loop1): z_erofs_readahead: readahead error at page 4 @ nid 89
[  382.919670][T10954] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress 6887 in[4096, 0] out[8192]
[  383.017760][   T25] kauditd_printk_skb: 3 callbacks suppressed
[  383.017773][   T25] audit: type=1800 audit(1757583432.924:1406): pid=10954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1698" name="file2" dev="loop1" ino=89 res=0 errno=0
[  383.898884][T10991] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1704'.
[  389.487560][T11095] trusted_key: encrypted_key: insufficient parameters specified
[  390.556432][   T25] audit: type=1326 audit(1757583440.464:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf718bdba9 code=0x7ffc0000
[  390.615585][   T25] audit: type=1326 audit(1757583440.494:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7faf718bdba9 code=0x7ffc0000
[  390.678002][   T25] audit: type=1326 audit(1757583440.494:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7faf718bdbe3 code=0x7ffc0000
[  390.742568][   T25] audit: type=1326 audit(1757583440.494:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7faf718bc65f code=0x7ffc0000
[  390.805717][   T25] audit: type=1326 audit(1757583440.504:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7faf718bdc37 code=0x7ffc0000
[  390.895554][   T25] audit: type=1326 audit(1757583440.504:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faf718bc510 code=0x7ffc0000
[  390.951427][   T25] audit: type=1326 audit(1757583440.504:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7faf718bc80a code=0x7ffc0000
[  391.003660][T11147] trusted_key: encrypted_key: insufficient parameters specified
[  391.011780][   T25] audit: type=1326 audit(1757583440.504:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf718bdba9 code=0x7ffc0000
[  391.089716][   T25] audit: type=1326 audit(1757583440.504:1415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7faf718bdba9 code=0x7ffc0000
[  391.150229][   T25] audit: type=1326 audit(1757583440.504:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11130 comm="syz.9.1740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf718bdba9 code=0x7ffc0000
[  392.521355][T11182] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1754'.
[  392.595167][T11188] trusted_key: encrypted_key: insufficient parameters specified
[  394.651619][T11226] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  394.904556][T11240] loop1: detected capacity change from 0 to 1024
[  394.936235][T11243] trusted_key: encrypted_key: key user:syz not found
[  395.061301][T11240] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[  396.237245][   T25] kauditd_printk_skb: 8 callbacks suppressed
[  396.237260][   T25] audit: type=1804 audit(1757583446.144:1425): pid=11240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1766" name="/newroot/39/file1/bus" dev="loop1" ino=18 res=1 errno=0
[  397.225686][T11285] trusted_key: encrypted_key: key user:syz not found
[  397.369405][T11292] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1784'.
[  398.927692][T11309] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  399.184762][T11327] trusted_key: encrypted_key: key user:syz not found
[  400.237876][T11369] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  400.440249][T11375] loop1: detected capacity change from 0 to 1024
[  400.545730][T11375] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  400.558482][T11375] EXT4-fs (loop1): orphan cleanup on readonly fs
[  400.575543][T11375] EXT4-fs error (device loop1): ext4_free_blocks:6218: comm syz.1.1805: Freeing blocks not in datazone - block = 0, count = 4096
[  400.601201][T11375] EXT4-fs (loop1): 1 orphan inode deleted
[  400.607520][T11375] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  403.190556][T11427] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  404.460163][    C0] sched: RT throttling activated
[  405.748178][   T25] audit: type=1326 audit(1757583455.654:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11470 comm="syz.2.1831" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd4c6705ba9 code=0x0
[  405.957383][   T25] audit: type=1326 audit(1757583455.854:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11480 comm="syz.9.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf718bdba9 code=0x7ffc0000
[  406.034816][   T25] audit: type=1326 audit(1757583455.904:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11480 comm="syz.9.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7faf718bdba9 code=0x7ffc0000
[  406.110638][   T25] audit: type=1326 audit(1757584223.912:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11480 comm="syz.9.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf718bdba9 code=0x7ffc0000
[  407.928147][T11516] trusted_key: encrypted_key: insufficient parameters specified
[  410.182729][T11570] tipc: Started in network mode
[  410.187598][T11570] tipc: Node identity 0aa826fcdfb4, cluster identity 4711
[  410.217320][T11570] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  410.265546][T11576] device syzkaller0 entered promiscuous mode
[  410.339773][T11579] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1857'.
[  410.349268][T11567] tipc: Resetting bearer <eth:syzkaller0>
[  410.378769][T11567] tipc: Disabling bearer <eth:syzkaller0>
[  411.150180][T11590] loop1: detected capacity change from 0 to 1024
[  411.256906][T11590] EXT4-fs (loop1): inline encryption not supported
[  411.264093][T11590] EXT4-fs (loop1): Ignoring removed nobh option
[  411.285344][T11590] EXT4-fs (loop1): Ignoring removed bh option
[  411.315253][T11590] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  411.394550][T11590] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  411.523651][T11610] trusted_key: encrypted_key: insufficient parameters specified
[  413.176562][T11640] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  413.864508][T11655] trusted_key: encrypted_key: insufficient parameters specified
[  415.059817][T11677] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  415.951705][  T532] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  417.002251][  T532] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  417.010092][  T532] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  417.066774][T11720] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1894'.
[  417.135527][T11728] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  418.882943][T11794] loop1: detected capacity change from 0 to 512
[  419.183319][T11804] netlink: 6 bytes leftover after parsing attributes in process `syz.2.1921'.
[  419.725709][T11794] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  419.740391][T11794] ext4 filesystem being mounted at /52/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  421.739834][T11858] netlink: 'syz.9.1934': attribute type 4 has an invalid length.
[  421.827783][T11860] loop1: detected capacity change from 0 to 2048
[  423.334378][T11889] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1945'.
[  423.343589][T11889] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1945'.
[  423.352572][T11889] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1945'.
[  423.361528][T11889] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1945'.
[  423.481189][T11897] cgroup: name respecified
[  423.604547][T11897] sch_tbf: peakrate 1 is lower than or equals to rate 5 !
[  425.009801][T11926] trusted_key: encrypted_key: insufficient parameters specified
[  425.068097][T11935] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1958'.
[  425.077611][T11935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1958'.
[  425.086848][T11935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1958'.
[  425.096566][T11935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1958'.
[  427.215288][T11971] trusted_key: encrypted_key: insufficient parameters specified
[  427.239478][T11972] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1969'.
[  427.279024][T11972] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1969'.
[  428.829040][T12001] netlink: 'syz.1.1974': attribute type 4 has an invalid length.
[  429.059774][T12016] __nla_validate_parse: 2 callbacks suppressed
[  429.059790][T12016] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1982'.
[  429.220893][T12019] loop1: detected capacity change from 0 to 256
[  429.449253][T12019] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  429.492021][T12019] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  429.655431][T12019] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  431.127090][T12053] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  431.950851][T12073] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1994'.
[  432.020372][T12073] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1994'.
[  432.103549][T12073] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1994'.
[  432.115279][T12077] device wlan0 entered promiscuous mode
[  432.155692][T12077] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  432.198432][T12079] 9pnet: Insufficient options for proto=fd
[  433.760871][   T26] Bluetooth: Patch file not found ar3k/AthrBT_0x00000000.dfu
[  433.768621][   T26] Bluetooth: Loading patch file failed
[  433.775188][   T26] ath3k: probe of 2-1:0.0 failed with error -110
[  433.784530][   T26] usb 2-1: USB disconnect, device number 2
[  433.987679][T12110] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2005'.
[  434.728437][T12119] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2006'.
[  434.808094][T12124] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2007'.
[  434.821618][T12124] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2007'.
[  434.861291][T12124] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2007'.
[  435.045118][   T25] audit: type=1326 audit(1757584254.402:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  435.107624][   T25] audit: type=1326 audit(1757584254.402:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  435.174562][   T25] audit: type=1326 audit(1757584254.402:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  435.259981][   T25] audit: type=1326 audit(1757584254.402:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  435.331708][   T25] audit: type=1326 audit(1757584254.402:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  435.426352][   T25] audit: type=1326 audit(1757584254.402:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  435.486146][   T25] audit: type=1326 audit(1757584254.402:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  435.527824][T12150] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  435.588893][   T25] audit: type=1326 audit(1757584254.402:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  435.760312][   T25] audit: type=1326 audit(1757584254.402:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  435.982860][   T25] audit: type=1326 audit(1757584254.402:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12129 comm="syz.0.2009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f37bda47ba9 code=0x7ffc0000
[  437.972262][T12203] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  438.215378][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  438.236155][T12213] loop1: detected capacity change from 0 to 1024
[  438.243154][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  438.308335][T12213] EXT4-fs (loop1): bad geometry: first data block is 0 with a 1k block and cluster size
[  439.369713][T12241] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2030'.
[  440.194790][ T4227] Bluetooth: hci5: command 0x0406 tx timeout
[  440.319102][T12258] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  440.377277][T12261] 9pnet: Insufficient options for proto=fd
[  441.796479][T12319] loop1: detected capacity change from 0 to 2048
[  442.057092][T12328] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  442.124207][T12319] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,noload,acl,auto_da_alloc,,errors=continue. Quota mode: none.
[  444.072399][T12391] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  444.628681][T12419] loop1: detected capacity change from 0 to 8192
[  444.715727][T12419]  loop1: p1 p2
[  444.724770][T12419] loop1: partition table partially beyond EOD, truncated
[  444.759853][T12419] loop1: p1 start 16777216 is beyond EOD, truncated
[  444.795950][T12419] loop1: p2 size 515840 extends beyond EOD, truncated
[  444.938430][T12445] mmap: syz.0.2078 (12445): VmData 29085696 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  445.535413][T12469] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  445.563154][T12469] device syzkaller0 entered promiscuous mode
[  445.599707][T12469] tipc: Resetting bearer <eth:syzkaller0>
[  445.628299][T12468] tipc: Resetting bearer <eth:syzkaller0>
[  445.680759][T12468] tipc: Disabling bearer <eth:syzkaller0>
[  447.085608][T12519] loop1: detected capacity change from 0 to 8192
[  447.189600][T12519]  loop1: p1 p2
[  447.193701][T12519] loop1: partition table partially beyond EOD, truncated
[  447.238969][T12519] loop1: p1 start 16777216 is beyond EOD, truncated
[  447.265889][T12519] loop1: p2 size 515840 extends beyond EOD, truncated
[  449.701875][T12641] trusted_key: encrypted_key: master key parameter 'us' is invalid
[  451.570908][T12687] trusted_key: encrypted_key: master key parameter 'us' is invalid
[  452.036588][T12706] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  452.477134][T12729] loop1: detected capacity change from 0 to 512
[  452.545074][T12729] EXT4-fs (loop1): Ignoring removed nobh option
[  452.628850][T12729] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.2135: iget: bad i_size value: 38620345925642
[  452.676222][T12729] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.2135: couldn't read orphan inode 15 (err -117)
[  452.722756][T12729] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback.
[  453.359262][T12745] trusted_key: encrypted_key: master key parameter 'us' is invalid
[  455.372406][T12757] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  457.561801][T12812] loop1: detected capacity change from 0 to 1024
[  457.608738][T12812] EXT4-fs (loop1): inline encryption not supported
[  457.625463][T12812] EXT4-fs (loop1): Ignoring removed nobh option
[  457.647356][T12812] EXT4-fs (loop1): Ignoring removed bh option
[  457.660700][T12812] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  457.761684][T12812] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,init_itable=0x0000000000000003,inlinecrypt,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  461.295964][T12896] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  462.550392][T12929] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2176'.
[  463.829753][T12950] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2181'.
[  464.174872][T12958] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  466.461131][T12991] loop1: detected capacity change from 0 to 764
[  467.649660][T13011] loop1: detected capacity change from 0 to 1024
[  467.933348][T13011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2192'.
[  468.127657][T13025] loop1: detected capacity change from 0 to 1024
[  468.190894][T13025] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  468.288818][T13025] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,noquota,dioread_nolock,jqfmt=vfsv1,debug_want_extra_isize=0x0000000000000070,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000020,bsdgroups,max_batch_time=0x00000000000003fe,user_xattr,noinit_itable,,errors=continue. Quota mode: none.
[  468.485795][T13025] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2195'.
[  468.502110][T13025] netlink: 51 bytes leftover after parsing attributes in process `syz.1.2195'.
[  468.511176][T13025] netlink: 51 bytes leftover after parsing attributes in process `syz.1.2195'.
[  468.543137][T13039] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  469.862407][T13076] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2207'.
[  470.054078][T13091] loop1: detected capacity change from 0 to 256
[  470.112184][T13091] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  470.134170][T13091] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  470.157267][T13091] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  471.326362][T13121] netlink: 116 bytes leftover after parsing attributes in process `syz.5.2219'.
[  472.595875][T13149] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2227'.
[  474.208647][ T4198] Bluetooth: hci5: Unknown advertising packet type: 0xffff
[  474.208728][ T4198] Bluetooth: hci5: Unknown advertising packet type: 0x20
[  474.216736][ T4198] ==================================================================
[  474.232150][ T4198] BUG: KASAN: slab-out-of-bounds in hci_le_meta_evt+0x12c0/0x3b80
[  474.239965][ T4198] Read of size 1 at addr ffff888022ce040a by task kworker/u5:7/4198
[  474.248028][ T4198] 
[  474.250351][ T4198] CPU: 0 PID: 4198 Comm: kworker/u5:7 Not tainted syzkaller #0
[  474.257888][ T4198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  474.267946][ T4198] Workqueue: hci5 hci_rx_work
[  474.272631][ T4198] Call Trace:
[  474.275912][ T4198]  <TASK>
[  474.278841][ T4198]  dump_stack_lvl+0x168/0x230
[  474.283527][ T4198]  ? show_regs_print_info+0x20/0x20
[  474.288733][ T4198]  ? load_image+0x3b0/0x3b0
[  474.293233][ T4198]  ? _raw_spin_lock_irqsave+0xb0/0xf0
[  474.298619][ T4198]  print_address_description+0x60/0x2d0
[  474.304177][ T4198]  ? hci_le_meta_evt+0x12c0/0x3b80
[  474.309288][ T4198]  kasan_report+0xdf/0x130
[  474.313706][ T4198]  ? hci_le_meta_evt+0x12c0/0x3b80
[  474.318825][ T4198]  hci_le_meta_evt+0x12c0/0x3b80
[  474.323770][ T4198]  ? hci_event_packet+0x230/0x12f0
[  474.328894][ T4198]  ? hci_remote_host_features_evt+0x280/0x280
[  474.334961][ T4198]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  474.340590][ T4198]  ? mark_lock+0x94/0x320
[  474.344925][ T4198]  ? mutex_unlock+0x10/0x10
[  474.349433][ T4198]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  474.355417][ T4198]  ? lock_chain_count+0x20/0x20
[  474.360268][ T4198]  ? __rwlock_init+0x140/0x140
[  474.365031][ T4198]  hci_event_packet+0xe05/0x12f0
[  474.369974][ T4198]  ? lockdep_hardirqs_on+0x94/0x140
[  474.375180][ T4198]  ? rcu_lock_release+0x20/0x20
[  474.380039][ T4198]  ? hci_send_to_monitor+0x9c/0x4a0
[  474.385240][ T4198]  hci_rx_work+0x255/0xa10
[  474.389675][ T4198]  process_one_work+0x863/0x1000
[  474.394629][ T4198]  ? worker_detach_from_pool+0x240/0x240
[  474.400268][ T4198]  ? lockdep_hardirqs_off+0x70/0x100
[  474.405656][ T4198]  ? _raw_spin_lock_irq+0xab/0xe0
[  474.410685][ T4198]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  474.416064][ T4198]  ? wq_worker_running+0x97/0x170
[  474.421089][ T4198]  worker_thread+0xaa8/0x12a0
[  474.425769][ T4198]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  474.431667][ T4198]  ? lockdep_hardirqs_on+0x94/0x140
[  474.436873][ T4198]  ? lockdep_hardirqs_on+0x94/0x140
[  474.442073][ T4198]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  474.447986][ T4198]  kthread+0x436/0x520
[  474.452053][ T4198]  ? rcu_lock_release+0x20/0x20
[  474.456909][ T4198]  ? kthread_blkcg+0xd0/0xd0
[  474.461504][ T4198]  ret_from_fork+0x1f/0x30
[  474.465935][ T4198]  </TASK>
[  474.468952][ T4198] 
[  474.471272][ T4198] Allocated by task 13168:
[  474.475678][ T4198]  __kasan_kmalloc+0xb5/0xf0
[  474.480270][ T4198]  __alloc_skb+0x22c/0x750
[  474.484685][ T4198]  vhci_write+0xbc/0x450
[  474.488927][ T4198]  vfs_write+0x712/0xd00
[  474.493164][ T4198]  ksys_write+0x14d/0x250
[  474.497495][ T4198]  do_syscall_64+0x4c/0xa0
[  474.501906][ T4198]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  474.507798][ T4198] 
[  474.510115][ T4198] Last potentially related work creation:
[  474.515821][ T4198]  kasan_save_stack+0x35/0x60
[  474.520497][ T4198]  kasan_record_aux_stack+0xb8/0x100
[  474.525786][ T4198]  insert_work+0x54/0x3d0
[  474.530118][ T4198]  __queue_work+0x9c5/0xd50
[  474.534617][ T4198]  queue_work_on+0x11d/0x1d0
[  474.539213][ T4198]  p9_fd_request+0x299/0x4a0
[  474.543808][ T4198]  p9_client_rpc+0x28f/0xf80
[  474.548414][ T4198]  p9_client_create+0x8bf/0xea0
[  474.553280][ T4198]  v9fs_session_init+0x1dd/0x17e0
[  474.558320][ T4198]  v9fs_mount+0x72/0x850
[  474.562570][ T4198]  legacy_get_tree+0xe6/0x180
[  474.567251][ T4198]  vfs_get_tree+0x88/0x270
[  474.571684][ T4198]  do_new_mount+0x24a/0xa40
[  474.576194][ T4198]  __se_sys_mount+0x2d6/0x3c0
[  474.580881][ T4198]  do_syscall_64+0x4c/0xa0
[  474.585310][ T4198]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  474.591346][ T4198] 
[  474.593674][ T4198] Second to last potentially related work creation:
[  474.600255][ T4198]  kasan_save_stack+0x35/0x60
[  474.604941][ T4198]  kasan_record_aux_stack+0xb8/0x100
[  474.610233][ T4198]  insert_work+0x54/0x3d0
[  474.614568][ T4198]  __queue_work+0x9c5/0xd50
[  474.619072][ T4198]  queue_work_on+0x11d/0x1d0
[  474.623672][ T4198]  p9_poll_workfn+0x25d/0x5a0
[  474.628350][ T4198]  process_one_work+0x863/0x1000
[  474.633290][ T4198]  worker_thread+0xaa8/0x12a0
[  474.637968][ T4198]  kthread+0x436/0x520
[  474.642038][ T4198]  ret_from_fork+0x1f/0x30
[  474.646458][ T4198] 
[  474.648774][ T4198] The buggy address belongs to the object at ffff888022ce0000
[  474.648774][ T4198]  which belongs to the cache kmalloc-1k of size 1024
[  474.662821][ T4198] The buggy address is located 10 bytes to the right of
[  474.662821][ T4198]  1024-byte region [ffff888022ce0000, ffff888022ce0400)
[  474.676626][ T4198] The buggy address belongs to the page:
[  474.682269][ T4198] page:ffffea00008b3800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22ce0
[  474.692422][ T4198] head:ffffea00008b3800 order:3 compound_mapcount:0 compound_pincount:0
[  474.700746][ T4198] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  474.708747][ T4198] raw: 00fff00000010200 ffffea0001d8ba00 0000000300000003 ffff888016841dc0
[  474.717333][ T4198] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  474.725911][ T4198] page dumped because: kasan: bad access detected
[  474.732322][ T4198] page_owner tracks the page as allocated
[  474.738021][ T4198] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4183, ts 55551547467, free_ts 55540035927
[  474.757097][ T4198]  get_page_from_freelist+0x1b77/0x1c60
[  474.762630][ T4198]  __alloc_pages+0x1e1/0x470
[  474.767198][ T4198]  new_slab+0xc0/0x4b0
[  474.771242][ T4198]  ___slab_alloc+0x81e/0xdf0
[  474.775808][ T4198]  __kmalloc_node+0x200/0x3b0
[  474.780461][ T4198]  qdisc_alloc+0x8d/0xb10
[  474.784770][ T4198]  qdisc_create_dflt+0x5f/0x430
[  474.789599][ T4198]  dev_activate+0x331/0x12b0
[  474.794166][ T4198]  __dev_open+0x32c/0x420
[  474.798472][ T4198]  __dev_change_flags+0x20a/0x6a0
[  474.803476][ T4198]  dev_change_flags+0x82/0x1a0
[  474.808215][ T4198]  do_setlink+0xc01/0x3980
[  474.812608][ T4198]  rtnl_newlink+0x1419/0x17d0
[  474.817262][ T4198]  rtnetlink_rcv_msg+0x9b9/0xe60
[  474.822178][ T4198]  netlink_rcv_skb+0x1e0/0x430
[  474.826918][ T4198]  netlink_unicast+0x774/0x920
[  474.831658][ T4198] page last free stack trace:
[  474.836303][ T4198]  free_unref_page_prepare+0x637/0x6c0
[  474.841742][ T4198]  free_unref_page+0x94/0x280
[  474.846399][ T4198]  __unfreeze_partials+0x1a5/0x200
[  474.851487][ T4198]  put_cpu_partial+0x12d/0x190
[  474.856228][ T4198]  qlist_free_all+0x35/0x90
[  474.860712][ T4198]  kasan_quarantine_reduce+0x150/0x160
[  474.866149][ T4198]  __kasan_slab_alloc+0x2f/0xd0
[  474.870976][ T4198]  slab_post_alloc_hook+0x4c/0x380
[  474.876066][ T4198]  __kmalloc+0x127/0x330
[  474.880284][ T4198]  tomoyo_realpath_from_path+0x118/0x610
[  474.885894][ T4198]  tomoyo_path_perm+0x1cd/0x510
[  474.890723][ T4198]  security_inode_getattr+0xcf/0x120
[  474.895985][ T4198]  vfs_getattr+0x26/0x3a0
[  474.900294][ T4198]  __x64_sys_newfstat+0x104/0x1d0
[  474.905295][ T4198]  do_syscall_64+0x4c/0xa0
[  474.909688][ T4198]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  474.915560][ T4198] 
[  474.917866][ T4198] Memory state around the buggy address:
[  474.923473][ T4198]  ffff888022ce0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  474.931511][ T4198]  ffff888022ce0380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  474.939548][ T4198] >ffff888022ce0400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  474.947584][ T4198]                       ^
[  474.951886][ T4198]  ffff888022ce0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  474.959920][ T4198]  ffff888022ce0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  474.967954][ T4198] ==================================================================
[  474.975985][ T4198] Disabling lock debugging due to kernel taint
[  474.985569][ T4198] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  474.992770][ T4198] CPU: 0 PID: 4198 Comm: kworker/u5:7 Tainted: G    B             syzkaller #0
[  475.001695][ T4198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  475.011746][ T4198] Workqueue: hci5 hci_rx_work
[  475.016421][ T4198] Call Trace:
[  475.019689][ T4198]  <TASK>
[  475.022607][ T4198]  dump_stack_lvl+0x168/0x230
[  475.027280][ T4198]  ? show_regs_print_info+0x20/0x20
[  475.032473][ T4198]  ? load_image+0x3b0/0x3b0
[  475.036976][ T4198]  panic+0x2c9/0x7f0
[  475.040868][ T4198]  ? bpf_jit_dump+0xd0/0xd0
[  475.045367][ T4198]  ? _raw_spin_unlock_irqrestore+0xf6/0x100
[  475.051261][ T4198]  ? _raw_spin_unlock+0x40/0x40
[  475.056114][ T4198]  ? hci_le_meta_evt+0x12c0/0x3b80
[  475.061224][ T4198]  check_panic_on_warn+0x80/0xa0
[  475.066160][ T4198]  ? hci_le_meta_evt+0x12c0/0x3b80
[  475.071270][ T4198]  end_report+0x6d/0xf0
[  475.075420][ T4198]  kasan_report+0x102/0x130
[  475.079922][ T4198]  ? hci_le_meta_evt+0x12c0/0x3b80
[  475.085032][ T4198]  hci_le_meta_evt+0x12c0/0x3b80
[  475.089970][ T4198]  ? hci_event_packet+0x230/0x12f0
[  475.095082][ T4198]  ? hci_remote_host_features_evt+0x280/0x280
[  475.101144][ T4198]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  475.106777][ T4198]  ? mark_lock+0x94/0x320
[  475.111104][ T4198]  ? mutex_unlock+0x10/0x10
[  475.115604][ T4198]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  475.121584][ T4198]  ? lock_chain_count+0x20/0x20
[  475.126436][ T4198]  ? __rwlock_init+0x140/0x140
[  475.131284][ T4198]  hci_event_packet+0xe05/0x12f0
[  475.136218][ T4198]  ? lockdep_hardirqs_on+0x94/0x140
[  475.141416][ T4198]  ? rcu_lock_release+0x20/0x20
[  475.146267][ T4198]  ? hci_send_to_monitor+0x9c/0x4a0
[  475.151460][ T4198]  hci_rx_work+0x255/0xa10
[  475.155876][ T4198]  process_one_work+0x863/0x1000
[  475.160811][ T4198]  ? worker_detach_from_pool+0x240/0x240
[  475.166442][ T4198]  ? lockdep_hardirqs_off+0x70/0x100
[  475.171724][ T4198]  ? _raw_spin_lock_irq+0xab/0xe0
[  475.176748][ T4198]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  475.182115][ T4198]  ? wq_worker_running+0x97/0x170
[  475.187137][ T4198]  worker_thread+0xaa8/0x12a0
[  475.191812][ T4198]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  475.197712][ T4198]  ? lockdep_hardirqs_on+0x94/0x140
[  475.202909][ T4198]  ? lockdep_hardirqs_on+0x94/0x140
[  475.208102][ T4198]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  475.213998][ T4198]  kthread+0x436/0x520
[  475.218060][ T4198]  ? rcu_lock_release+0x20/0x20
[  475.222909][ T4198]  ? kthread_blkcg+0xd0/0xd0
[  475.227496][ T4198]  ret_from_fork+0x1f/0x30
[  475.231914][ T4198]  </TASK>
[  475.235111][ T4198] Kernel Offset: disabled
[  475.239431][ T4198] Rebooting in 86400 seconds..