last executing test programs:

12.014738426s ago: executing program 3 (id=3089):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x2000005c, &(0x7f0000000500)=ANY=[], 0x1, 0x151b, &(0x7f0000001580)="$eJzs3AuUjlXbOPB97b3vMaZJT5Mchn3t6+ZJg22SJIeEHJIkSZKcEpImSRISQ05JQxJynCSHISSHaUwa5/Mh56TJK0mSkJBk/5fe3k/93/d7D+vt+7zrm+u31l6zr7mfaz/Xfq5Z89zPvdb9fNNjZN3m9Wo1JSLxb4E//0gVQsQKIYYKIa4RQgRCiIoJFRMuHc+vIPXfexL2x3ow40pXwK4k7n/exv3P27j/eRv3P2/j/udt3P+8jfuft3H/GcvLts0uei2PvDv4+n9exu///4ccLjfpiw3lru/5L6Rw//M27n/exv3P27j/eRv3P2/j/v/fV/PvHOP+523cf8bysv+6FnzBe/8fcD2ax//uuNJ/f4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG8oZz/jIthPjL/ErXxRhjjDHGGGOMsT+Oz3elK2CMMcYYY4wxxtj/PBBSKKFFIGJEPhEr8os4cZWIF1eLAuIaERHXigRxnSgorheFRGFRRBQViaKYKC6MQGEFiVCUECVFVNwgSokbRZIoLcqIssKJciJZ3CTKi5tFBXGLqChuFZXEbaKyqCKqimridlFd3CFqiJqilrhT1BZ1RF1RT9wl6ou7RQNxj2go7hWNxH2isbhfNBEPiKbiQdFMPCSai4dFC/GIaClaidaijWj7+/wp/1z+C6KPeFH0Ff1EqugvBoiXxEAxSAwWQ8RQ8bIYJl4Rw8WrIk2MECPFa2KUeF2MFm+IMWKsGCfeFOPFBDFRTBKTxRSRLt4SU8XbYpp4R0wXM8RMMUtkiNlijnhXzBXzxHzxnlgg3hcLxSKxWCwRmeIDkSWWimzxoVgmPhI5YrlYIVaKVWK1WCPWinVivdggNopNYrPYIraKbeJjsV3sEDvFLrFb7BF7xSdin/hU7BefiVzx+b+Yf/b/y+8JAgRIkKBBQwzEQCzEQhzEQTzEQwEoABGIQAIkQEEoCIWgEBSBIpAIiVAcigMCAgFBCSgBUYhCKSgFSZAEZaAMOHCQDMlQHm6GClABKkJFqASVoDJUgSpQDapBdagONaAG1IJaUBtqQ12oC3fBXXA3NIAG0BAaQiNoBI2hMTSBJtAUmkIzaAbNoTm0gBbQElpCa2gNbaEttIN20B7aQ0foCJ2gE3SGzpACKdAFukBX6ArdoBt0h+7QA3pAT+gFveAFeAFehBehH9SW/WEADICBMBAGwxAYAi/DMHgFXoFXIQ1GwEh4DV6D12E0nIExMBbGwTioLifARJgEJKdAOqTDVJgK02AaTIcZMANmQQbMhjkwB+bCPJgH78ECeB/eh0WwCJZAJmRCFiyFbMiGZXAWcmA5rICVsApWwypYC+tgLWyAjbABNsNm2Apb4WP4GHbADtgFu2AP7IFP4BP4FD6FNMiFXDgAB+AgHIRDcAgOw2E4AkfgKByFY3AMjsNxOAEn4RSchNNwGs7AWTgH5+A8nIcL8FziV832lF6fJuQlWmoZI2NkrIyVcTJOxst4WUAWkBEZkQkyQRaUBWUhWUgWkUVkokyUxWVxiRIlyVCWkCVkVEZlKVlKJskkWUaWkU46mSyTZXlZXlaQFWRFeausJG+TlWUV2cFVk9VkddnR1ZA1ZS1ZS9aWdWRdWU/Wk/VlfdlANpANZUPZSDaSjeX9sonsD4PhQXmpM83lCGghR0JL2Uq2lm3k6/CobCdHQ3vZQXaUj8uxMAY6y3YuRT4lu8iJ0FU+IyfBs7K7nAI95POyp+wle8sXZB/Z3vWV/eR06C8HyFkwUA6Sg+UQORfqyEsdqytflWlyhBwpX5NL4HU5Wr4hx8ixcpx8U46XE+REOUlOllNkunxLTpVvy2nyHTldzpAz5SyZIWfLOfJdOVfOk/Ple3KBfF8ulIvkYrlEZsoPZJZcKrPlh3KZ/EjmyOVyhVwpV8nVco1cK9fJ9XKD3Cg3yc1yi9wqt8mP5Xa5Q+6Uu+RuuUfulZ/IffJTuV9+JnPl5/KA/JM8KL+Qh+SX8rD8Sh6RX8uj8ht5TH4rj8vv5Al5Up6S38vT8gd5Rp6V5+SP8rz8SV6QP8uL0kuhQEmllFaBilH5VKzKr+LUVSpeXa0KqGtURF2rEtR1qqC6XhVShVURVVQlqmKquDIKlVWkQlVClVRRdYMqpW5USaq0KqPKKqfKqWR1kyqvblYV1C2qorpVVVK3qcqqiqqqqqnbVXV1h6qhaqpa6k5VW9VRdVU9dZeqr+5WDdQ9qqG6VzVS96nG6n7VRD2gmqoHVTP1kGquHlYt1COqpWqlWqs2qq16VLVTj6n2qoPqqB5XndQTqrN6UqWop1QX9bTqqp5R3dSzqrt6TvVQz6ueqpfqrX5WF5VXfVU/lar6qwHqJTVQDVKD1RA1VL2shqlX1HD1qkpTI9RI9ZoapV5Xo9Ubaowaq8apN9V4NUFNVJPUZDVFpau31FT1tpqm3lHT1Qw1U81SGWq2GvzrSvP/ify3/0b+8F+efavapj5W29UOtVPtUrvVHrVX7VX71D61X+1XuSpXHVAH1EF1UB1Sh9RhdVgdUUfUUXVUHVPH1HF1XJ1QJ9WP6nt1Wv2gzqiz6qz6UZ1X59WFX18DoUFLrbTWgY7R+XSszq/j9FU6Xl+tC+hrdERfqxP0dbqgvl4X0oV1EV1UJ+piurg2GrXVpENdQpfUUX2DLqVv1Em6tC6jy2qny+lkfdO/nf+P6mur2+p2up1ur9vrjrqj7qQ76c66s07RKbqL7qK76q66m+6mu+vuuofuoXvqnrq37q376D66r+6rU3WqHqBf0gP1ID1YD9FD9ct6mB6mh+vhOk2n6ZF6pB6lR+nRerQeo8focXqcHq/H64l6op6sJ+t0na6n6ql6mp6mp+vpeqaeqTN0hp6j5+i5eq6er+frBXqBXqgX6sV6sc7UmTpLZ+lsna2X6WU6Ry/Xy/VKvVKv1qv1Wr1Wr9fr9Ua9UW/Wm3WO3qa36e16u96pd+rderfeq/fqfXqf3q/361ydqw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4Pq5P6BP6lD6lT+vT+ow+o8/pc/q8Pq8v6Av6or546bQvkIEMdKCDmCAmiA1ig7ggLogP4oMCQYEgEkSChCAhKBhcHxQKCgdFgqJBYlAsKB6YAAMbUBAGJYKSQTS4ISgV3BgkBaWDMkHZwAXlguTgpqB8cHNQIbglqBjcGlQKbgsqB1WCqkG14PagenBHUCOoGdQK7gxqB3WCukG94K6gfnB30CC4J2gY3Bs0Cu4LGgf3B02CB4KmwYNBs+ChoHnwcNAieCRoGbQKWgdtgrZ/6Prenyn8mOtr+plU098MMC+ZgWaQGWyGmKHmZTPMvGKGm1dNmhlhRprXzCjzuhlt3jBjzFgzzrxpxpsJZqKZZCabKSbdvGWmmrfNNPOOmW5mmJlmlskws80c866Za+aZ+eY9s8C8bxaaRWaxWWIyzQcmyyw12eZDs8x8ZHLMcrPCrDSrzGqzxqw168x6s8FsNJvMZrPFbDXbzMdmu9lhdppdZrfZY/aaT8w+86nZbz4zueZzc8D8yRw0X5hD5ktz2HxljpivzVHzjTlmvjXHzXfmhDlpTpnvzWnzgzljzppz5kdz3vxkLpifzUXjL53cX3p7R40aYzAGYzEW4zAO4zEeC2ABjGAEEzABC2JBLISFsAgWwURMxOJYHC8hJCyBJTCKUSyFpTAJk7AMlkGHDpMxGctjeayAFbAiVsRKWAkrY2WsilXxdrwd78A7sCbWxDvxTqyDdbAe1sP6WB8bYANsiA2xETbCxtgYm2ATbIpNsRk2w+bYHFtgC2yJLbE1tsa22BbbYTtsj+2xI3bETtgJO2NnTMEU7IJdsCt2xW7YDbtjd+yBPbAn9sTe2Bv7YB/si30xFVNxAA7AgTgQB+NgHIpDcRgOw+E4HNMwDUfiSByFo3A0jsYxOBbH4Zs4HifgRJyEk3EKpmM6TsWpOA2n4XScjjNxJmZgBs7BOTgX5+J8nI8LcAEuxIW4GBdjJmZiFmZhNmbjMlyGOZiDK3AFrsJVuAbX4DpchxtwA27CTbgFt+A23IbbcTvuxJ24G3fjXtyL+3Af7sf9mIu5eAAP4EE8iIfwEB7Gw3gEj+BRPIrH8Bgex+N4Ak/gKTyFp/E0nsEzeA7P4Xn8CS/gz3gRPcZaKeLsVTbeXm0L2GtsrM1vfxsXsUVtoi1mi1tjC9nCv4vRWptkS9sytqx2tpxNtjf9JbZ/iSvbKraqrWZvt9XtHbbGX8X17d22gb3HNrT32nr2rt/Fjex9trF92Daxj9imtpVtZtvY5vZh28I+YlvaVra1bWM72SdsZ/ukTbFP2S726b+Ks+xSu86utxvsRrvPfmrP2R/tUfuNPW9/sn1tPzvUvmyH2VfscPuqTbMj/ioeZ9+04+0EO9FOspPtlL+KZ9pZNsPOtnMsiLl23m/id+2lONN+YBdYAQvtIrvYLvklvlRTtv3QLrMf2Ry73K6wK+0qu9qusWv/q9aVdrPdYrfavfYTu93usDvtLrvb7vklvrSP/fYzm2s/t0fs1/ag/cIessfsYfvVL/Gl/R2z39rj9jt7wp60p+z39rT9wZ6xZ3/Z/6W9f29/thett4KAJCnSFFAM5aNYyk9xdBXF09VUgK6hCF1LCXQdFaTrqRAVpiJUlBKpGBUnQ0iWiEIqQSUpSjdQKbqRkqg0laGy5KgcJdNNVJ5upgp0C1WkW6kS3UaVqQpVpWp0O1WnO6gG1aRadCfVpjpUl+rRXVSf7qYGdA81pHupEd1Hjel+akIPUFN6kJrRQ9ScHqYW9Ai1pFbUmtpQW3qU2tFj1J46UEd6nDrRE9SZnqQUeoq60NPUlZ6hbvQsdafnqAc9Tz2pF/WmF6gPvUh9qR+lUn8aQC/RQBpEg2kIDaWXaRi9QsPpVUqjETSSXqNR9DqNpjdoDI2lcfQmjacJNJEm0WSaQun0Fk2lt2kavUPTaQbNpFmUQbNpDr1Lc2kezaf3aAG9TwtpES2mJZRJH1AWLaVs+pCW0UeUQ8tpBa2kVbSa1tBaWkfraQNtpE20mbbQVtpGH9N22kE7aRftpj20lz6hffQp7afPKJc+pwP0JzpIX9Ah+pIO01d0hL6mo/QNHaNv6Th9RyfoJJ2i7+k0/UBn6Cydox/pPP1EF+hnukieRAihDFWowyCMCfOFsWH+MC68KowPrw4LhNeEkfDaMCG8LiwYXh8WCguHRcKiYWJYLCwemhBDG1IYhiXCkmE0vCEsFd4YJoWlwzJh2dCF5cLk8KawfHhzWCG8JawY3hpWCm8LK4dVwofvrRbeHlYP7whrhDXDWuGdYe2wTlg3rBfeFdYP7w4bhPeEDcN7wwrhfWHj8P6wSfhA2DR8MGwWPhQ2Dx8OW4SPhC3DVmHrsE3YNnw0bBc+FrYPO4Qdw8fDTuETYefwyTAlfCrsEj79D4+nhv3DAeFL4Uuh9/eoxdEl0czoB9Gs6NJodvTD6LLoR9Gc6PLoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujWqPf18gkHTjrltAtcjMvnYl1+F+eucvHualfAXeMi7lqX4K5zBd31rpAr7Iq4oi7RFXPFnXHorCMXuhKupIu6G1wpd6NLcqVdGVfWOVfOJbs2rq1r69q5x1x718F1dI+7x90T7gn3pHvSPeW6uKddV/eM6+aedd3dc+4597zr6Xq53u4F18e96Pq6fi7VpboBboAb6Aa6wW6wG+qGumFumBvuhrs0l+ZGupFulBvlRrvRbowb48a5cW68G+8muoluspvs0l26m+qmumlumpvupruZbqbLcBlujpvj5rq5br6b7xYkLXAL3UK32C12mS7TZbksl+2y3TK3zOW4HLfCrXCr3Cq3xq1x69w6t8FtcJvcJrfFbXHb3Da33W13O91Ot9vtdnvdXrfP7XP73X6X63LdAXfAHXQH3SH3pTvsvnJH3NfuqPvGHXPfuuPuO3fCnXSn3PfutPvBnXFn3Tn3ozvvfnIX3M/uovMuPfJWZGrk7ci0yDuR6ZEZkZmRWZGMyOzInMi7kbmReZH5kfciCyLvRxZGFkUWR5ZEMiMfRLIiSyPZkQ8jyyIfRXIiyyMrIisjqyKrI94X2x76Er6kj/obfCl/o0/ypX0ZX9Y7X84n+5t8eX+zr+Bv8RX9rb6Sv81X9lV8Vf+Ib+lb+da+jW/rH/Xt/GO+ve/gO/rHfSf/hO/sn/Qp/infxT/tu/pnfDf/rO/un/M9/PO+p+/le/sXfB//ou/r+/lU398P8C/5gX6QH+yH+KH+ZT/Mv+KH+1d9mh/hR/rX/Cj/uh/t3/Bj/Fg/zr/px/sJfqKf5Cf7KT7dv+Wn+rf9NP+On+5n+Jl+ls/ws/0c/66f6+f5+f49v8C/7xf6RX6xX+Iz/Qc+yy/12f5Dv8x/5HP8cr/Cr/Sr/Gq/xq/16/x6v8Fv9Jv8Zr/Fb/Xb/Md+u9/hd/pdfrff4/f6T/w+/6nf7z/zuf5zf8D/yR/0X/hD/kt/2H/lj/iv/VH/jT/mv/XH/Xf+hD/pT/nv/Wn/gz/jz/pz/kd/3v/kL/if/UW+Z40xxhhj7J/yj+717/83fid/HZcMEEJcvaPos789roUQmwr9eT5IJnaKCCGe6tfjwb+M2rVTU1N/fWyOEkHJRUKIyOX8GHE5Xi46iidEiuggyv/N+gbJXufp76wPJ7yP3ipE3G9yYsXl+PL6N/836z/6+LisSuG5hN+vf+HX1+1S/dFFQiSVvJyTX1yOL69f4b9Zv3C7v1d/jhL5v0gXov1vcuLF5fjy+sniMfG0SPndIxljjDHGGGOMsT8bJKt2q/pPfD5P1Jdz8onL8T/6fM4YY4wxxhhjjLEr79levZ98NCWlQ7c8PYkR/xFl8IQn/zGTK/2fiTHGGGOMMfZHu3zS/y8k9Yb/wYoYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLG853/j68Su9B4ZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxK+3/BQAA//8vFUY1")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000780), 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$netlink(r1, 0x10e, 0x0, 0x0, &(0x7f0000000040))

9.997895171s ago: executing program 1 (id=3092):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000feff17110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r2, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r1}, &(0x7f0000000040), &(0x7f0000000300)='%-010d \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r3}, 0xc)

9.691639337s ago: executing program 3 (id=3093):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="00000000009d0000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0xf1, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

9.015330092s ago: executing program 4 (id=3095):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f0000000040)={0x3, 0xffffffff})

8.971389125s ago: executing program 1 (id=3096):
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000d00)={{{@in, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in=@loopback}, 0x0, @in=@initdev}}, &(0x7f0000000440)=0xe3)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f00000005c0)={[{@bsdgroups}, {@usrjquota_path={'usrjquota', 0x3d, './file0/file0'}}], [{@dont_hash}, {@appraise}, {@fowner_gt={'fowner>', r0}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'ext4\x00'}}, {@fsname={'fsname', 0x3d, 'l.!+-\'&]*,[-+*'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'ext4\x00'}}, {@euid_eq={'euid', 0x3d, r0}}]}, 0xfd, 0x55c, &(0x7f0000000780)="$eJzs3U9rHOUfAPDvbJL+//2aQinqQQI9WKndNIl/KnioR9FiQe9xSaahZNMt2U1pYsH2YC9epAgiFsQX4N1j8Q34KgpaKFKCHryszGY2XbO7+bPZNqn7+cAkzzMzm2e+O/N98sw+u2wAA2ss+1GIeDkivk4ijrdsG45849jafqtPbs1kSxL1+id/JJHk65r7J/nvo3nlpYj45cuIs4X2dqvLK/OlcjldzOvjtYXr49XllXNXF0pz6Vx6bXJq6sJbU5PvvvN222OnD/YW6+uX//ru4wcfXPjq9Oq3Pz06cS+Ji3Es39Yaxy7cbq2MxVj+nIzExQ07TvShsf0k2esDoCdDeZ6PRNYHHI+hPOuB/74vIqIODKhE/sOAao4Dmvf2fboPfmE8fn/tBqg9/uG110biUOPe6Mhq8q87o+x+d7QP7Wdt/Pz7/XvZEv17HQJgS7fvRMT54eH2/i/J+7/end/GPhvb0P/B8/MgG/+80Wn8U1gf/0SH8c/RDrnbi63zv/CoD810lY3/3us4/l2ftBodymv/a4z5RpIrV8tp1rf9PyLOxMjBrL7ZfM6F1Yf1bttax3/ZkrXfHAvmx/FoeMN812ypVtpNzK0e34l4peP4N1k//0mH8589H5fbQ+noVHr/1W7bto7/2ar/GPFax/P/dEYr2Xx+crxxPYw3r4p2f9499Wu39ncYf9+n2bLzf2Tz+EeT1vna6s7b+OHQ32m3bb1e/weSTxvlA/m6m6VabXEi4kDyUfv6yaePbdab+2fxnzm9ef/X6fo/HBGfbTP+uyfvdt11r6//LP7ZHZ3/nRcefvj5993a3975f7NROpOv2U7/t90D3M1zBwAAAAAAAPtNISKORVIorpcLhWJx7f0dJ+NIoVyp1s5eqSxdm43GZ2VHY6TQnOk+3vJ+iIn8/bDN+uSG+lREnIiIb4YON+rFmUp5dq+DBwAAAAAAAAAAAAAAAAAAgH3iaMShTp//z/w2tNdHBzxzvvIbBlf3/M+39OObnoB9yf9/GFzyHwaX/IfBJf9hcMl/GFzyHwaX/IfBJf8BAAAAAAAAAAAAAAAAAAAAAAAAAACgry5fupQt9dUnt2ay+uyN5aX5yo1zs2l1vriwNFOcqSxeL85VKnPltDhTWdjq75UrlesTk7F0c7yWVmvj1eWV6YXK0rXa9NWF0lw6nY48l6gAAAAAAAAAAAAAAAAAAADgxVJdXpkvlcvpooJCT4Xh/XEYCn0u7HXPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABP/RMAAP//5SI5Sg==")
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000002700)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800007f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r6}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRESDEC=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'nicvf0\x00', 0x112})
ioctl$TUNATTACHFILTER(r8, 0x401054d5, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{}]})

8.92004779s ago: executing program 3 (id=3097):
r0 = openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00'}, 0x45c)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet_sctp(0x2, 0x0, 0x84)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x45, &(0x7f00000002c0)=0x4084, 0xfffffffffffffe2b)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r2 = openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000300)={{0x2, 0x0, @empty}, {0x0, @random="df511109fd7c"}, 0x1e, {0x2, 0x0, @multicast2}, 'lo\x00'})
r4 = socket(0x10, 0x2, 0x0)
write(r4, &(0x7f0000000040)="240000001e005ff6991a2b200e0f7a0002000000000000000000080008000e00000000ff", 0x24)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
prctl$PR_SET_SECUREBITS(0x1c, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r4)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000100)=0x6)

8.67095665s ago: executing program 2 (id=3098):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
fchdir(0xffffffffffffffff)
r2 = landlock_create_ruleset(&(0x7f0000000140)={0x18a}, 0x10, 0x0)
landlock_restrict_self(r2, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map}, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x228000, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000380)="0790baa68b95258f19a80958e87093095818", &(0x7f0000000040)=@tcp}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x4091}, 0x40000)
socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f00000042c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_script(r4, &(0x7f00000001c0), 0x4e)
pipe(&(0x7f00000002c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000000000)=0x9)
tee(r3, r6, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0x6e}, {0x80000006}]}, 0x10)

8.503098354s ago: executing program 3 (id=3099):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x101c08a, &(0x7f0000000a00)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c6e6f6e756d7461696c3d302c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c757466383d302c756e695f786c6174653d312c756e695f786c6174653d302c666c7573682c757466383d302c726f6469722c747a3d5554432c00e696e27e745267d0e7f7d60cf64c4d116172285e0a94b37c3f04b4e454913b1615b6c103a4be033c3f79c81a7a0dc9f3282eb2b984b8df829f11f7b15ceaa2ddb341548691e92d41d923144fa5f6aa8b37c7698e74a04d87cb16f3c338160646d1719f9aa1097cb78032fa4c9c60c14840662537510c0ac9f95a646f5231c0c9eb096b898803099b3050797137354ed2fb2a3dd97ad790f0758b4561eb7180b4b366c9ac840ca3d57727827ab961af0bb24ac6b14796d3bedfa4addb1c2f59217a563ca0a3729d45669905a6f0f3dbf3fd22ab36dfe7cf80913ecb4656ca"], 0x6, 0x2c8, &(0x7f0000002500)="$eJzs3b+LHHUUAPA3d7O74w/YLaxEcEALq5BLa7NBEhCvMmyhFnqYBOR2ERI48AeOqcTOxtK/QBD8H2xt7CwF/wA7IwRGZnbmdtZM9u7k9sTc59PkZb7vzffN7HA3V9y7D15aHN7O4+6Dz3+LLEtiZxrTeJjEJHai9WWsmX4TAMD/2cOyjD/KpZ7lX79+Ql0SEdmWewMAtuOE7/+NdBX+eCFtAQBbdOudd9+6vr9/4+08z+Lm4qujWfWTffXvcv363fgo5nEnrsY4HkXULwqDqN8WqvBmWZZFmlcm8eqiOJpVlYv3f27O/9PzTbAX45jU0fHbRl3/5v6NvXypU19UfTzb7D+t9r8W43jhuHit/lpPfcyG8dornf6vxDh++TA+jnncrptY1X+xl+dvlN/++dl7VXtVfVIczUZ13kq5225eXODnAwAAAAAAAAAAAAAAAAAAAADA0+lKMztnFPX8nupQM39n91H1n0Hkrcn6fJ5lfdKeqDsfqCzLoozv2vk6V/M8L5vEVX0aL6bdwYIAAAAAAAAAAAAAAAAAAABwed3/5NPDg/n8zr1zCdppAGlE/HUr4t+eZ9o58nJsTh41ex7M5ztNuJ6Tdo/EbpuTRGxso7qIc7otJwXPPNZzE3z/Q29VuvbBpdFZyk7edNC/13kG7dN1eJD038PRcc/Z8iGpB0GscoZxyr2GT1oq4yyP37B3aXzmax8+VwfFhpxINjX2+u/LO9ccSf55FcP6rvaWD5qgU76ek53qeY5sWf7414rEtA4AAAAAAAAAAAAAAAAAANiq1W//9iw+2Fi6U4621hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXKjV3/8/Q1A0xadIHsa9+//xJQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAJ/B0AAP//eWdglQ==")
r1 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240))
openat(r0, &(0x7f0000000100)='./bus\x00', 0x2880, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000e80)=ANY=[@ANYBLOB="040e04001120"], 0x7)

8.006874264s ago: executing program 2 (id=3100):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000100)='./file0\x00', 0x1008008, &(0x7f0000000000)={[{@longad}, {@volume={'volume', 0x3d, 0x3}}, {@shortad}, {@anchor={'anchor', 0x3d, 0x2}}, {@adinicb}, {@adinicb}, {@session={'session', 0x3d, 0xffffffffffffff81}}, {}, {@anchor={'anchor', 0x3d, 0x2}}, {@gid_ignore}, {@lastblock}]}, 0x2, 0xc30, &(0x7f0000002740)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcZy9S+mYhXOqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgpYzOxbcUWRNi2KEmV9Pjb13Z15b/a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+/cvHU6fSwWwEAPEiXx7526oz7PwA8Vq74/38AAAAAAAAAAAAAADjoUhTxZKSYv7yeJqr3HfVL7b6bt8aHR7avdiRVNQ9V5cuf+ukzZ8996YWh89281J79gPr322fjtbErFxsvz92YX5heXJyeaozPtifnpqZ3fYS91t9qsDoBjRuv35y6dm2xceb5s3fsvjXwfv8TxwcuDD178plu2fHhkZGxzSL13vK1e25Ix04zPA5HEScjxXPf/1lqRUQRez8X9Qc79lsdqToxWHVifHik6shMuzW7VO4c7Z6IIqLRU6nZPUfbj0XU+h5oH3bWjFgum182eLDs3th8a6F1dWa6MdpaWGovtedmR1OntWV/GlHE+RSxEhFr/Xcfri+KqEWK7x5bT1cj4lD3PHyxmhi8czuKfezjLpTtbPRFrBSPwJgdYP1RxKuR4ufvnIjJfJ2prjVfiHi1zB9GvFXmSxGp/GKci3hvm+8Rj6ZaFPEX5fhfWE9T1fWge1259PXGV2evzfWU7V5XPuL94a4rxUO6PxzZkg/GAb821aOIVnXFX0/3/psdAAAAAAAAAAAAAAAAAO63I1HEZyLFK//+x9W84qjmpR+7MPQHA7/aO2f86Q85Tln2+YhYLnY3J/dwnhg4mkZTeshziR9n9SjiT/L8v28/7MYAAAAAAAAAAAAAAAAAAAA81or4aaR48d0TaSV61xRvz15vXGldnemsCttd+7e7ZvrGxsZGI3WymXMi53LOlZyrOddyRpHr52zmnMi5nHMl52rOtZxxKNfP2cw5kXM550rO1ZxrOaOW6+ds5pzIuZxzJedqzrWccUDW7gUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DgpoohfRorvfHM9RYqIZsREdHK1/2G3DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo9acifhApGn/YvL2tFhGp+rfjRPnLuWgeLvOT0Rwq86VoXszZqrLW/PZDaD9705eK+Emk6K+/fXvA8/j3dd7d/hrEW9/afPfZWicPdXcOvN//xPFjF4ZGfuPpnV6n7RoweKk9e/NWY3x4ZGSsZ3Mtf/one7YN5M8t7k/XiYjFN958vTUzM71w7y/Kr8Aeqj9CL1LtcempF9WLqB2IZjycvvMYKO//70WK3333P7o3/M79vx6/0nl3+w4fv/jTzfv/i1sPtMv7f21rvXz/L+/p293/n+zZ9mL+3UhfLaK+dGO+73hEffGNN0+2b7SuT1+fnj136tSXh4a+fPZU3+GI+rX2zHTPq/tyugAAAAAAAAAAAAAAAAAenFTEVyJF6yfrqRERt6r5WgMXhp49+cyhOFTNt7pj3vZrY1cuNl6euzG/ML24OD3VGJ9tT85NTe/24+rVdK/x4ZF96cyHOrLP7T9Sf3lu/o2F9vU/Wtp2/9H6xauLSwutye13x5EoIpq9WwarBo8Pj1SNnmm3Zquqo9tOpv/o+lIR/xkpJs810ufztjz/f+sM/zvm/y9vPdA+zf//RM+28jNTKuIXkeJ3/vLp+HzVzqNx1znL5f42Ugye/1wuF4fLct02dJ4r0JkZWJb930jxj7+8s2x3PuSTm2VP7/rEPiLK8T8WKX7w59+L38zb7nz+w/bjf3TrgfZp/J/q2Xb0jucV7Lnr5PE/GSleevLt+K287YOe/9F99saJXPj28zn2afw/1bNtIH/ub9+frgMAAAAAAAAAADzS+lIRfxcpfjRSSy/kbbv5+39TWw+0T3//69M926buz3pFH/pizycVAAAAAA6IvlTETyPF9aW3b8+hvnP+d8/8z9/bnP85nLbsrf6c79eq5wbczz//6zWQP3di790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66lPVPP5p3ZcT301Urzy38/lcul4Wa67DvxA9Wv98tzsyYszM3OTraXW1Znpxth8a3K6rPtUpFj/m8/lukW1vnp3vfnOGu+ba7EvRIqRv++W7azF3l2b/KnNsqfLsp+IFP/1D3eW7a5j/anNsmfKsn8dKb7xz9uXPb5Z9mxZ9nuR4sffaHTLHi3Ldp+P+unNss9PzhX7MCoAAAAAAAAAAAAAAAAAAAA8bvpSEX8WKf7nxsrtufx5/f++nreVt77Vs97/Freqdf4HqvX/d3p9L+v/V88VWN7pUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OMpRRFvRor5y+tptb9831G/1J69eWt8eGT7akdSVfNQVb78qZ8+c/bcl14YOt/ND65/v30mXhu7crHx8tyN+YXpxcXpqcb4bHtybmp610fYa/2tBqsT0Ljx+s2pa9cWG2eeP1ttPpx33xp4v/+J4wMXhp49+Uy37PjwyMhYzyFqfff86XdJO2w/HEX8VaR47vs/Sz/qjyhi7+fiQ747++1I1YnBqhPjwyNVR2bardmlcudo90QUEY2eSs3uOXoAY7EnzYjlsvllgwfL7o3NtxZaV2emG6OthaX2UntudjR1Wlv2pxFFnE8RKxGx1n/34fqiiNcjxXePrad/6Y841D0PX7w89rVTZ3ZuR7GPfdyFsp2NvoiV4hEYswOsP4r4p0jx83dOxL/2R9Si8xNfiHi1zB9GvBWd8U7lF+NcxHvbfI94NNWiiP8rx//Cenqnv7wedK8rl77e+Orstbmest3ryiN/f3iQdr42feWBtmMH9Sjix9UVfz39m/+uAQAAAAAAAAAAAAAAAA6QIn49Urz47olUzQ/Oc4qfynuvznSm9XXn/nXnTG9sbGw0UiebOSdyLudcybmacy1nFLl+zmaZ9Y2Nifx+OedKztWcaznjUK6fs5lzIudyzpWcqznXckYt18/ZzDmRcznnSs7VnGs5w7xiAAAAAAAAAAAAAAAAAABgHxTVPym+8831tNHfWV96Ijq5aj3Qj73/DwAA//8H5/Ye")

7.843957898s ago: executing program 3 (id=3102):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x20000848, &(0x7f00000003c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX, @ANYBLOB="00646d61736b3d303030303030303030303030303135322c696f636861720300000069736f383835392d312c6769643d00000000000000", @ANYRESHEX, @ANYRESHEX, @ANYBLOB="1e1456b97f43020078423fad8569494e28e58bd88d6b502cfe943956d9f8efde4f8659ce67cc37b7e1d988638175e2db1b654dccc1a203850b09873b0184822257d4c12aaf0b5efe2105301b585b58256d90fffa59ece5882178fb533b8ed99c4c2c6d1ba6d7f5dac0cad0eaeee76479fb488f67037b1b2a880c53fe952d632ba034c8d2758f1bd92565024144b0862cb3639c534e323806be01dd7a6252a5999b81aa1f34d13acf872bbbfc5bb3bd8b2cfe4db9838e94", @ANYRESOCT], 0x81, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
getpgid(0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x20000014)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f00000003a840"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r2, 0x81044804, &(0x7f0000000400)={0x1})
ioctl$HIDIOCGUSAGE(r1, 0x40184810, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

7.464835909s ago: executing program 2 (id=3103):
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x7a, &(0x7f0000000700)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd6092c01f00442f002001000000000000000000000000000200000000000000000000ffffffffffff2421880b0000000000000057000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000bec1461e53ac70e99ad18d980f9f896d95bd5e57611055b22c4331717c7212f328db4c2788a7f8882ea4013156b129d16f6372c990"], 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newqdisc={0x28, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff3}, {0x0, 0x9}, {0x904c1a0779a86383}}, [@TCA_STAB={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000010}, 0x1)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2604010, &(0x7f0000000500)=ANY=[@ANYRES32=0x0, @ANYRESOCT], 0x6, 0x2d3, &(0x7f0000000640)="$eJzs3E9PE1sYx/GnpUApgXZxc2+uieGJbnQzgera2BhIjE0kSI1/EpMBptp0bEmnwdQYgZVb44twQViyI1HeABt3unHjjo2JC1kYazrTgVKKQGw7gN9PQuYw5/yYc4aBPDNh2Lr3+mk+6xhZsyzhqEpIRGRbJCFh8YXq27Db7pNGS3J58NvH83fuP7iVSqfHp1QnUtNXkqo6PPLu2YuB+rD1ftlMPNr6mvyy+e/m/1s/p5/kHM05WiiW1dSZ4ueyOWNbOpdz8obqpG2ZjqW5gmOVvP6i15+1i/PzFTULc0Ox+ZLlOGoWKpq3KlouarlUUfOxmSuoYRg6FBMcJrMyNWWmGveM/D6w3NCe7dCk0GalUsrsEZGBfT2ZlUAmBAAAAtVc/4drJX376v/VCxvlwbtrw/X6f72vVf1/9ZP3tfbU/1ER6Xj9v78iOv1Cxxi7v/7H2VOr/2P1n1/X8sPVUbdB/Q8AAAAAAAAAAAAAAAAAAAAAwGmwXa3Gq9Vq3N/6H/0iEhUR//Og54nOOOb3PxQJeL5or90X9yLDIvarhcxCxtvWB2yIiC2WjEpcfrjXQ12t7b8LqDUJeW8v1vOLC5ketyeVlZybH5O4JJrz1erEzfT4mHr25nsl1phPSlz+aZ1Ptsz3yaWLDXlD4vJhVopiy5x7Xe/mX46p3ridbsoPuOMAAAAAADgLDN3R8v7dMA7q9/I799ctnw9499ejtXQuInvzETnHwyQAAAAAALrCqTzPm7Ztlc5cI7TkrfCoKf9vGQKZs3/wowxelhNwesNHmmpzY0REbP3To/uPjQ4aI5NtWmn4uJfEf2/efm/feb62Fj1kpR1r9HbzdxAAAACA7tgt+v0914OdEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6Fu/DuxoNcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//+KLQ/w")
creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

6.4719318s ago: executing program 4 (id=3105):
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x7a, &(0x7f0000000700)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd6092c01f00442f002001000000000000000000000000000200000000000000000000ffffffffffff2421880b0000000000000057000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000bec1461e53ac70e99ad18d980f9f896d95bd5e57611055b22c4331717c7212f3"], 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newqdisc={0x28, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff3}, {0x0, 0x9}, {0x904c1a0779a86383}}, [@TCA_STAB={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000010}, 0x1)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2604010, &(0x7f0000000500)=ANY=[@ANYRES32=0x0, @ANYRESOCT], 0x6, 0x2d3, &(0x7f0000000640)="$eJzs3E9PE1sYx/GnpUApgXZxc2+uieGJbnQzgera2BhIjE0kSI1/EpMBptp0bEmnwdQYgZVb44twQViyI1HeABt3unHjjo2JC1kYazrTgVKKQGw7gN9PQuYw5/yYc4aBPDNh2Lr3+mk+6xhZsyzhqEpIRGRbJCFh8YXq27Db7pNGS3J58NvH83fuP7iVSqfHp1QnUtNXkqo6PPLu2YuB+rD1ftlMPNr6mvyy+e/m/1s/p5/kHM05WiiW1dSZ4ueyOWNbOpdz8obqpG2ZjqW5gmOVvP6i15+1i/PzFTULc0Ox+ZLlOGoWKpq3KlouarlUUfOxmSuoYRg6FBMcJrMyNWWmGveM/D6w3NCe7dCk0GalUsrsEZGBfT2ZlUAmBAAAAtVc/4drJX376v/VCxvlwbtrw/X6f72vVf1/9ZP3tfbU/1ER6Xj9v78iOv1Cxxi7v/7H2VOr/2P1n1/X8sPVUbdB/Q8AAAAAAAAAAAAAAAAAAAAAwGmwXa3Gq9Vq3N/6H/0iEhUR//Og54nOOOb3PxQJeL5or90X9yLDIvarhcxCxtvWB2yIiC2WjEpcfrjXQ12t7b8LqDUJeW8v1vOLC5ketyeVlZybH5O4JJrz1erEzfT4mHr25nsl1phPSlz+aZ1Ptsz3yaWLDXlD4vJhVopiy5x7Xe/mX46p3ridbsoPuOMAAAAAADgLDN3R8v7dMA7q9/I799ctnw9499ejtXQuInvzETnHwyQAAAAAALrCqTzPm7Ztlc5cI7TkrfCoKf9vGQKZs3/wowxelhNwesNHmmpzY0REbP3To/uPjQ4aI5NtWmn4uJfEf2/efm/feb62Fj1kpR1r9HbzdxAAAACA7tgt+v0914OdEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6Fu/DuxoNcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//+KLQ/w")
creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fdatasync(0xffffffffffffffff)
unlink(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
fallocate(r5, 0x0, 0x0, 0x10fff9)
getsockopt$IP_SET_OP_VERSION(r5, 0x1, 0x53, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40500000000fd8f71104700000000007e0500000000008095000000"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x2000}, 0x10}, 0x90)
lseek(r5, 0x0, 0x3)

6.422548424s ago: executing program 2 (id=3106):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000feff17110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, 0x0, 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r1}, &(0x7f0000000040), &(0x7f0000000300)='%-010d \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r3}, 0xc)

6.168012385s ago: executing program 2 (id=3108):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_int(r5, 0x29, 0x18, &(0x7f00000000c0)=0x9, 0x4)
rename(&(0x7f0000000040)='./bus\x00', &(0x7f0000000340)='./file0\x00')
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x40505331, &(0x7f0000000300)={0x2000000})

5.447144474s ago: executing program 1 (id=3109):
r0 = openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00'}, 0x45c)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$inet_sctp(0x2, 0x0, 0x84)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x45, &(0x7f00000002c0)=0x4084, 0xfffffffffffffe2b)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r2 = openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000300)={{0x2, 0x0, @empty}, {0x0, @random="df511109fd7c"}, 0x1e, {0x2, 0x0, @multicast2}, 'lo\x00'})
r4 = socket(0x10, 0x2, 0x0)
write(r4, &(0x7f0000000040)="240000001e005ff6991a2b200e0f7a0002000000000000000000080008000e00000000ff", 0x24)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
prctl$PR_SET_SECUREBITS(0x1c, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r4)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000100)=0x6)

5.292737677s ago: executing program 4 (id=3111):
socket(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x129100, 0x0)
ioctl$TIOCGSOFTCAR(r4, 0x5420, 0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000008000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
setpriority(0x1, 0x0, 0x7)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x8)
fsetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
mkdir(&(0x7f0000000140)='./control\x00', 0x408)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[], &(0x7f0000000180)='GPL\x00'}, 0x90)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f00000001c0)=r7, 0x4)
write$binfmt_misc(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="3a00030007"], 0xd)
mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='iso9660\x00', 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x2000010, &(0x7f0000000140)=ANY=[], 0x3, 0x6b5, &(0x7f0000001240)="$eJzs3c1vHGcdB/DvrNeOHargtEkaoaJaiVSQIhInVgrhQkAI5VChqhw4W4nTWNkkle0it0LgQgUnJA79AwqSb5yQkDgGhXM50auPlZC4RBwiLkYzO2uv7d14Hb+XzycazzP7vMxvfvvMjHed1Qb4v3XrUpqPU+TWpbcWy+2V5anWyvLUibq6laQsv5Q0kzSSFA+T4klys6wvkozW6/b2x73388nsjXc+f7ryRXurWS9Vv0ZX/0H0aLtUL5lIMlSvtxoedBcbxrvdPv5NRgYda0PDMmkXOwcPh211i6WddN/JeQscMZ27U9G+b24xnpys7/HV7wT11aFxcBHujx1d5QAAAOCY+uzRYUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx0/9/f9FvTTqdSZSdL7/f6TzWF0+1h4fdgAAAAAAAAAAsAdef5ZnWcypzvZqUf3N/0K1cSb/XU2+kvczn5nM5XIWM52FLGQuV5OMdw00sji9sDB3da1nqXfPaz17XjuoIwYAAAAAAACAL6Vf5db63/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAoKJKh9qpaznTK42k028WMlD+Wkn90ysdE0evBxwcfBwAAAOzK6Av0+eqzPMtiTv3zr+3t1aJ6zX+uer08mvfzMAuZzUJamcmd+jV0+aq/sbI81VpZnnpQLlvH/f6/dxRGNWLa7z303vP5qsVY7ma2euRyblfB3Emj6lk634mnd1wflTEV36sNGFmzTmu5s9/3exdhT+z0rYjxMrhkLSOTdWyNZDhJmYGieqOmLL++oeu2z05z857SyPDanq6msfbOz5l9yPnJel0ez2/2Nec7tZaJRqpMXOuafeeen4nkG3/500/vtR7ev3d3/tLROaRtDPV5fPOcmOrKxKvHOhPNHbafrDJxdm37Vn6Un+RSJvJ25jKbn2U6C5nJal0/Xc/n8uf48zN1c8PW29tFMlI/L+3nbJuYGmVME/lhFd10LlR9T2U2RR7lTmbyZvXvWq7m27me67nR9Qyf7Rt3dWzVWd9YP+tX16uS/K1n8Be/WRfGkvy2Xm/JwSb9ZudeaV/7y7ye7spre9Y/XWt1uus8mOzK0stlZvrflV/k2tj8Wl0o9/Hren00jNeZKE+gzl2iE90r7XnSrO9Lm+f5H6oJMt96eH/u3vR7fcZf2rT9Rr0up9Xy1weNcnjwA3ph5Xx5OaP1lWTj7CjrXlm7ypzecFcdqf/i0q5rbKk7W9UVRedM/XHfM3UkmTjXc6Rr1Uiv9qybqurOd9Vt+H0rj9LKnQPIHwC7NJ6TI2P/Gvts7NOxj8fujb01+oMT3znx2kiG/z783ebk0BuN14o/59P8IqcOO1IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgymP/gw/vTrdbMXO9Co3/VNoXtRt5UKOov9HmhfW0snNhd976Fp6PJwI1Hs6nxcPnA/gT2nMLY5jC2FFZ/mRxcPHWh8yWCvdv8riw0M8iAN7dr89EA8Zw44CflaBWG0nsCHPKFCdh3VxYevHdl/oMPvzX7YPrdmXdnHg5fv35j8sb1N6eu3J1tzUy2fx52lMB+WL/pH3YkAAAAAAAAAAAAwKB6fTDgwks7+KBL/894+J+FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ64dSnNxylydfLyZLm9sjzVKpdOeb1lM0mjkRQ/T4onyc20l4x3DVfkj0+y2mM/n8zeeOfzpytfrI/VbLdPGvV6F5bqJRNJhur1Xo13e9fjFf/pHGGZsIudxMFh+18AAAD//9kP8rA=")

4.429724997s ago: executing program 1 (id=3113):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300)={0x73622a85, 0x0, 0x1})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r7}, 0x10)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), r8)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x1, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90)

3.093951876s ago: executing program 4 (id=3114):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0xa00a14, &(0x7f0000000080)=ANY=[], 0x1, 0x322, &(0x7f0000000580)="$eJzs3M9LI2cYwPEnP4xJxEwOpaWF4kt7aXsYNO25EIpCaaCiplQLhVEnbcg0kUywpJRqT72W/ge97EE8ehN29x/wsrfdy1725mVhDyuL7CyZH5roJO6OZqPr9wMy78zzPOP7khieCc4c/vjvb7WKrVeMlsTTSmIiIkcieYlLIOZv4+44Jd225fOJZw8/Xlxe+a5YKs0uKDVXXPqyoJTKTd39/c+Mn7Y/Lgf5nw+fFp4cvH/w4eHLpV+rtqraqt5oKUOtNh63jFXLVOtVu6YrNW+Zhm2qat02m1684cUrVmNjo62M+vpkdqNp2rYy6m1VM9uq1VCtZlsZvxjVutJ1XU1mJUwq9OhtVd5ZWDCKEYvXrngyiOqF4zgDwk6saCREJHMuUt4Z6rwAAMC1dKb/T7gtfaT+X3Ju/99JPu3/dz+535r4YS/n9//7qbD+/6tH3rl6+v+0iFxp/58OWf35jujG23qT5Ev1/7geps5f08Z69prNopH1/35df/+0O+0O6P8BAAAAAAAAAAAAAAAAAAAAALgJjhxHcxxHC7b+zxenGd6xUc4Rw9Pn9dfG/Tumgv1RzxPDsbi8Imn3xr1kTsT6Z7O8Wfa2fjxInBZNjt33g68zDu48Uh15uWdt+fVbm+WEGylWpCqWmDIjmuTP1jvO3Lel2Rnl6a0fk2x3fUE0eS+8vhBan5LPPu2q10WTB2vSEEvWO+/rY+ek/q8Zpb75vnSmPuPmAQAAAADwLtDVidDrd13vF/fqT66ve78fEOm6Pp8OvT5Pah8lR7t2AAAAAABuC7v9R82wLLM5YJCRi3OiD5LRyscG5SS6VtgTku2+S075Twge3koHDIJ/pKilukJp+d8/HOXMwfqHM+e4RKmaEmfcm9VlfnvwtVG/HJkf9uuV7BP64L87z6OdOeY/tbc79PVe+oKVDm0w9lofHk7ikp8+AAAAAN6moOnP2O5ubNTzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNhrwGLDkVT1ObNRrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6LVwEAAP//mxn/6g==")
socket$nl_generic(0x10, 0x3, 0x10)
io_setup(0x2, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f0000000000), 0x0}, 0x20)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x21, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={&(0x7f0000000000), 0xc, 0x0}, 0x0)
close(r1)
keyctl$join(0x1, &(0x7f0000000380)={'syz', 0x3})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
io_setup(0xff, &(0x7f0000000040))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000440), 0x208e24b)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
getpgid(0xffffffffffffffff)

3.093308237s ago: executing program 0 (id=3124):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x27, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.024116212s ago: executing program 3 (id=3115):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f0000000040)={0x3, 0xffffffff})

2.898080973s ago: executing program 1 (id=3116):
socket$alg(0x26, 0x5, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x800000000000, 0x1)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r1, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x0, 0x0, 0x40000000], [0x10000], [0x6, 0x0, 0x0, 0xfffffffe]], '\x00', [{}, {}, {0xffffffff}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x1, 0x1}, {}, {}, {}, {}, {}, {0xfffffffc}], '\x00', 0x1000})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000002140)={'wg2\x00', <r4=>0x0})
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="040e05003d20", @ANYRES32], 0x7)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@ipv6_newnexthop={0x3c, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x4}, @NHA_OIF={0x8, 0x5, r4}, @NHA_ENCAP={0x14, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}]}, 0x3c}}, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r5 = eventfd(0x0)
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000000)={0x0, r5})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000500)={0x3, 0x0, [{0x4, 0xcf, &(0x7f0000000140)=""/207}, {0x4, 0xa6, &(0x7f0000000240)=""/166}, {0x2, 0xd6, &(0x7f0000000340)=""/214}]})
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000100)={0x0, r5})
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0x0, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2}}}}}}, 0x0)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000080)=0x200000000)
r6 = dup2(r2, r2)
ioctl$VHOST_VSOCK_SET_RUNNING(r6, 0x4004af61, &(0x7f0000000040)=0x1)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r7, 0xaf01, 0x0)
eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r7, 0x4004af07, 0x0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r7, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(r7, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000000380)={0x0, 0x1fffe000000})

2.882789194s ago: executing program 0 (id=3117):
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x7a, &(0x7f0000000700)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd6092c01f00442f002001000000000000000000000000000200000000000000000000ffffffffffff2421880b0000000000000057000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000bec1461e53ac70e99ad18d980f9f896d95bd5e57611055b22c4331717c7212f328db4c2788a7f8882ea4013156b129d16f6372c990"], 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newqdisc={0x28, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff3}, {0x0, 0x9}, {0x904c1a0779a86383}}, [@TCA_STAB={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000010}, 0x1)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2604010, &(0x7f0000000500)=ANY=[@ANYRES32=0x0, @ANYRESOCT], 0x6, 0x2d3, &(0x7f0000000640)="$eJzs3E9PE1sYx/GnpUApgXZxc2+uieGJbnQzgera2BhIjE0kSI1/EpMBptp0bEmnwdQYgZVb44twQViyI1HeABt3unHjjo2JC1kYazrTgVKKQGw7gN9PQuYw5/yYc4aBPDNh2Lr3+mk+6xhZsyzhqEpIRGRbJCFh8YXq27Db7pNGS3J58NvH83fuP7iVSqfHp1QnUtNXkqo6PPLu2YuB+rD1ftlMPNr6mvyy+e/m/1s/p5/kHM05WiiW1dSZ4ueyOWNbOpdz8obqpG2ZjqW5gmOVvP6i15+1i/PzFTULc0Ox+ZLlOGoWKpq3KlouarlUUfOxmSuoYRg6FBMcJrMyNWWmGveM/D6w3NCe7dCk0GalUsrsEZGBfT2ZlUAmBAAAAtVc/4drJX376v/VCxvlwbtrw/X6f72vVf1/9ZP3tfbU/1ER6Xj9v78iOv1Cxxi7v/7H2VOr/2P1n1/X8sPVUbdB/Q8AAAAAAAAAAAAAAAAAAAAAwGmwXa3Gq9Vq3N/6H/0iEhUR//Og54nOOOb3PxQJeL5or90X9yLDIvarhcxCxtvWB2yIiC2WjEpcfrjXQ12t7b8LqDUJeW8v1vOLC5ketyeVlZybH5O4JJrz1erEzfT4mHr25nsl1phPSlz+aZ1Ptsz3yaWLDXlD4vJhVopiy5x7Xe/mX46p3ridbsoPuOMAAAAAADgLDN3R8v7dMA7q9/I799ctnw9499ejtXQuInvzETnHwyQAAAAAALrCqTzPm7Ztlc5cI7TkrfCoKf9vGQKZs3/wowxelhNwesNHmmpzY0REbP3To/uPjQ4aI5NtWmn4uJfEf2/efm/feb62Fj1kpR1r9HbzdxAAAACA7tgt+v0914OdEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6Fu/DuxoNcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//+KLQ/w")
creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

1.848044068s ago: executing program 0 (id=3118):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000feff17110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2}, 0x0, 0x0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r1}, &(0x7f0000000040), &(0x7f0000000300)='%-010d \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r3}, 0xc)

1.728012558s ago: executing program 1 (id=3119):
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000d00)={{{@in, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in=@loopback}, 0x0, @in=@initdev}}, &(0x7f0000000440)=0xe3)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f00000005c0)={[{@bsdgroups}, {@usrjquota_path={'usrjquota', 0x3d, './file0/file0'}}], [{@dont_hash}, {@appraise}, {@fowner_gt={'fowner>', r0}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'ext4\x00'}}, {@fsname={'fsname', 0x3d, 'l.!+-\'&]*,[-+*'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'ext4\x00'}}, {@euid_eq={'euid', 0x3d, r0}}]}, 0xfd, 0x55c, &(0x7f0000000780)="$eJzs3U9rHOUfAPDvbJL+//2aQinqQQI9WKndNIl/KnioR9FiQe9xSaahZNMt2U1pYsH2YC9epAgiFsQX4N1j8Q34KgpaKFKCHryszGY2XbO7+bPZNqn7+cAkzzMzm2e+O/N98sw+u2wAA2ss+1GIeDkivk4ijrdsG45849jafqtPbs1kSxL1+id/JJHk65r7J/nvo3nlpYj45cuIs4X2dqvLK/OlcjldzOvjtYXr49XllXNXF0pz6Vx6bXJq6sJbU5PvvvN222OnD/YW6+uX//ru4wcfXPjq9Oq3Pz06cS+Ji3Es39Yaxy7cbq2MxVj+nIzExQ07TvShsf0k2esDoCdDeZ6PRNYHHI+hPOuB/74vIqIODKhE/sOAao4Dmvf2fboPfmE8fn/tBqg9/uG110biUOPe6Mhq8q87o+x+d7QP7Wdt/Pz7/XvZEv17HQJgS7fvRMT54eH2/i/J+7/end/GPhvb0P/B8/MgG/+80Wn8U1gf/0SH8c/RDrnbi63zv/CoD810lY3/3us4/l2ftBodymv/a4z5RpIrV8tp1rf9PyLOxMjBrL7ZfM6F1Yf1bttax3/ZkrXfHAvmx/FoeMN812ypVtpNzK0e34l4peP4N1k//0mH8589H5fbQ+noVHr/1W7bto7/2ar/GPFax/P/dEYr2Xx+crxxPYw3r4p2f9499Wu39ncYf9+n2bLzf2Tz+EeT1vna6s7b+OHQ32m3bb1e/weSTxvlA/m6m6VabXEi4kDyUfv6yaePbdab+2fxnzm9ef/X6fo/HBGfbTP+uyfvdt11r6//LP7ZHZ3/nRcefvj5993a3975f7NROpOv2U7/t90D3M1zBwAAAAAAAPtNISKORVIorpcLhWJx7f0dJ+NIoVyp1s5eqSxdm43GZ2VHY6TQnOk+3vJ+iIn8/bDN+uSG+lREnIiIb4YON+rFmUp5dq+DBwAAAAAAAAAAAAAAAAAAgH3iaMShTp//z/w2tNdHBzxzvvIbBlf3/M+39OObnoB9yf9/GFzyHwaX/IfBJf9hcMl/GFzyHwaX/IfBJf8BAAAAAAAAAAAAAAAAAAAAAAAAAACgry5fupQt9dUnt2ay+uyN5aX5yo1zs2l1vriwNFOcqSxeL85VKnPltDhTWdjq75UrlesTk7F0c7yWVmvj1eWV6YXK0rXa9NWF0lw6nY48l6gAAAAAAAAAAAAAAAAAAADgxVJdXpkvlcvpooJCT4Xh/XEYCn0u7HXPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABP/RMAAP//5SI5Sg==")
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000002700)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800007f0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r6}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRESDEC=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'nicvf0\x00', 0x112})
ioctl$TUNATTACHFILTER(r8, 0x401054d5, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{}]})

1.727761208s ago: executing program 0 (id=3120):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="00000000009d0000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0xf1, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.638070896s ago: executing program 4 (id=3121):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x10000000}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r5, &(0x7f0000000340)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
r6 = socket$inet6(0xa, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
r9 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x800, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180800000000000008000000000000", @ANYRES32=r9, @ANYBLOB="00000000000000006300000000000000180000000000000000000000000000009500000000000000a600000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x4, 0xde, &(0x7f0000000340)=""/222}, 0x23)
sendmsg$SMC_PNETID_GET(r8, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r8, &(0x7f0000000180)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x30}, 0x4}, 0x1c)
sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r10, 0x4048b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @dev}, @IFLA_IPTUN_TOS={0x5, 0x5, 0xc9}]}}}]}, 0x40}}, 0x0)
sendmmsg$inet(r6, &(0x7f00000008c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @remote}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @empty, @empty}}}], 0x20}}], 0x1, 0x0)
sendmsg$inet6(r5, &(0x7f0000000580)={&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0}, 0x0)
fspick(0xffffffffffffffff, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)

1.637632426s ago: executing program 0 (id=3122):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
fchdir(0xffffffffffffffff)
landlock_create_ruleset(&(0x7f0000000140)={0x18a}, 0x10, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map}, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x228000, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000380)="0790baa68b95258f19a80958e87093095818", &(0x7f0000000040)=@tcp}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x4091}, 0x40000)
socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f00000042c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_script(r3, &(0x7f00000001c0), 0x4e)
pipe(&(0x7f00000002c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r4, 0x5452, &(0x7f0000000000)=0x9)
tee(r2, r5, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0x6e}, {0x80000006}]}, 0x10)

1.46459648s ago: executing program 2 (id=3123):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100), 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff)

851.46323ms ago: executing program 0 (id=3125):
socket(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x129100, 0x0)
ioctl$TIOCGSOFTCAR(r4, 0x5420, 0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000008000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
setpriority(0x1, 0x0, 0x7)
syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x8)
fsetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
mkdir(&(0x7f0000000140)='./control\x00', 0x408)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[], &(0x7f0000000180)='GPL\x00'}, 0x90)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f00000001c0)=r7, 0x4)
write$binfmt_misc(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="3a00030007"], 0xd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000630100f80000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x2000010, &(0x7f0000000140)=ANY=[], 0x3, 0x6b5, &(0x7f0000001240)="$eJzs3c1vHGcdB/DvrNeOHargtEkaoaJaiVSQIhInVgrhQkAI5VChqhw4W4nTWNkkle0it0LgQgUnJA79AwqSb5yQkDgGhXM50auPlZC4RBwiLkYzO2uv7d14Hb+XzycazzP7vMxvfvvMjHed1Qb4v3XrUpqPU+TWpbcWy+2V5anWyvLUibq6laQsv5Q0kzSSFA+T4klys6wvkozW6/b2x73388nsjXc+f7ryRXurWS9Vv0ZX/0H0aLtUL5lIMlSvtxoedBcbxrvdPv5NRgYda0PDMmkXOwcPh211i6WddN/JeQscMZ27U9G+b24xnpys7/HV7wT11aFxcBHujx1d5QAAAOCY+uzRYUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx0/9/f9FvTTqdSZSdL7/f6TzWF0+1h4fdgAAAAAAAAAAsAdef5ZnWcypzvZqUf3N/0K1cSb/XU2+kvczn5nM5XIWM52FLGQuV5OMdw00sji9sDB3da1nqXfPaz17XjuoIwYAAAAAAACAL6Vf5db63/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAoKJKh9qpaznTK42k028WMlD+Wkn90ysdE0evBxwcfBwAAAOzK6Av0+eqzPMtiTv3zr+3t1aJ6zX+uer08mvfzMAuZzUJamcmd+jV0+aq/sbI81VpZnnpQLlvH/f6/dxRGNWLa7z303vP5qsVY7ma2euRyblfB3Emj6lk634mnd1wflTEV36sNGFmzTmu5s9/3exdhT+z0rYjxMrhkLSOTdWyNZDhJmYGieqOmLL++oeu2z05z857SyPDanq6msfbOz5l9yPnJel0ez2/2Nec7tZaJRqpMXOuafeeen4nkG3/500/vtR7ev3d3/tLROaRtDPV5fPOcmOrKxKvHOhPNHbafrDJxdm37Vn6Un+RSJvJ25jKbn2U6C5nJal0/Xc/n8uf48zN1c8PW29tFMlI/L+3nbJuYGmVME/lhFd10LlR9T2U2RR7lTmbyZvXvWq7m27me67nR9Qyf7Rt3dWzVWd9YP+tX16uS/K1n8Be/WRfGkvy2Xm/JwSb9ZudeaV/7y7ye7spre9Y/XWt1uus8mOzK0stlZvrflV/k2tj8Wl0o9/Hren00jNeZKE+gzl2iE90r7XnSrO9Lm+f5H6oJMt96eH/u3vR7fcZf2rT9Rr0up9Xy1weNcnjwA3ph5Xx5OaP1lWTj7CjrXlm7ypzecFcdqf/i0q5rbKk7W9UVRedM/XHfM3UkmTjXc6Rr1Uiv9qybqurOd9Vt+H0rj9LKnQPIHwC7NJ6TI2P/Gvts7NOxj8fujb01+oMT3znx2kiG/z783ebk0BuN14o/59P8IqcOO1IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgymP/gw/vTrdbMXO9Co3/VNoXtRt5UKOov9HmhfW0snNhd976Fp6PJwI1Hs6nxcPnA/gT2nMLY5jC2FFZ/mRxcPHWh8yWCvdv8riw0M8iAN7dr89EA8Zw44CflaBWG0nsCHPKFCdh3VxYevHdl/oMPvzX7YPrdmXdnHg5fv35j8sb1N6eu3J1tzUy2fx52lMB+WL/pH3YkAAAAAAAAAAAAwKB6fTDgwks7+KBL/894+J+FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ64dSnNxylydfLyZLm9sjzVKpdOeb1lM0mjkRQ/T4onyc20l4x3DVfkj0+y2mM/n8zeeOfzpytfrI/VbLdPGvV6F5bqJRNJhur1Xo13e9fjFf/pHGGZsIudxMFh+18AAAD//9kP8rA=")

0s ago: executing program 4 (id=3126):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x20000848, &(0x7f00000003c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX, @ANYBLOB="00646d61736b3d303030303030303030303030303135322c696f636861720300000069736f383835392d312c6769643d00000000000000", @ANYRESHEX, @ANYRESHEX, @ANYBLOB="1e1456b97f43020078423fad8569494e28e58bd88d6b502cfe943956d9f8efde4f8659ce67cc37b7e1d988638175e2db1b654dccc1a203850b09873b0184822257d4c12aaf0b5efe2105301b585b58256d90fffa59ece5882178fb533b8ed99c4c2c6d1ba6d7f5dac0cad0eaeee76479fb488f67037b1b2a880c53fe952d632ba034c8d2758f1bd92565024144b0862cb3639c534e323806be01dd7a6252a5999b81aa1f34d13acf872bbbfc5bb3bd8b2cfe4db9838e94", @ANYRESOCT], 0x81, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
getpgid(0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x20000014)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f00000003a840"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r2, 0x81044804, &(0x7f0000000400)={0x1})
ioctl$HIDIOCGUSAGE(r1, 0x40184810, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

g=31 arch=c000003e syscall=202 compat=0 ip=0x7f82b7f79e79 code=0x0
[  723.183237][T11883] erofs: (device loop2): mounted with root inode @ nid 36.
[  723.526813][T11875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  723.536235][T11875] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  723.594679][T11889] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  724.157395][T11899] vivid-000: =================  START STATUS  =================
[  724.165202][T11899] vivid-000: Generate PTS: true
[  724.171329][T11899] vivid-000: Generate SCR: true
[  724.176349][T11899] tpg source WxH: 640x360 (Y'CbCr)
[  724.181582][T11899] tpg field: 1
[  724.185071][T11899] tpg crop: 640x360@0x0
[  724.189329][T11899] tpg compose: 640x360@0x0
[  724.193896][T11899] tpg colorspace: 8
[  724.197808][T11899] tpg transfer function: 0/0
[  724.202532][T11899] tpg Y'CbCr encoding: 0/0
[  724.207118][T11899] tpg quantization: 0/0
[  724.211420][T11899] tpg RGB range: 0/2
[  724.215447][T11899] vivid-000: ==================  END STATUS  ==================
[  725.103620][T11901] loop4: detected capacity change from 0 to 512
[  725.278699][T11901] EXT4-fs (loop4): 1 orphan inode deleted
[  725.328398][T11901] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  725.348089][T11901] ext4 filesystem being mounted at /314/file1 supports timestamps until 2038 (0x7fffffff)
[  725.408102][T11910] loop0: detected capacity change from 0 to 128
[  725.760277][   T27] audit: type=1804 audit(2000000063.669:101): pid=11911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2442" name="/newroot/314/file1/bus" dev="loop4" ino=16 res=1 errno=0
[  726.134201][T11913] loop0: detected capacity change from 0 to 256
[  726.160826][T11913] exfat: Bad value for 'uid'
[  726.201126][ T4161] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  726.483508][ T3636] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  726.710318][ T3636] usb 1-1: device descriptor read/64, error -71
[  726.764199][ T6196] usb 4-1: USB disconnect, device number 56
[  727.141534][ T3636] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  727.350615][ T3636] usb 1-1: device descriptor read/64, error -71
[  727.525147][ T3636] usb usb1-port1: attempt power cycle
[  727.958804][   T27] audit: type=1326 audit(2000000065.889:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11928 comm="syz.3.2449" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff09bf79e79 code=0x0
[  728.021600][ T3636] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  728.132447][ T3636] usb 1-1: device descriptor read/8, error -71
[  728.410153][ T3636] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  728.510358][ T3636] usb 1-1: device descriptor read/8, error -71
[  728.646732][ T3636] usb usb1-port1: unable to enumerate USB device
[  728.788322][T11936] loop2: detected capacity change from 0 to 256
[  728.899504][ T4161] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  729.223002][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  729.461515][T11949] loop3: detected capacity change from 0 to 16
[  729.523271][T11949] erofs: (device loop3): mounted with root inode @ nid 36.
[  729.583848][T11942] loop2: detected capacity change from 0 to 4096
[  729.758755][ T4161] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  729.939394][T11954] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  729.946689][T11954] IPv6: NLM_F_CREATE should be set when creating new route
[  730.668497][T11965] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2461'.
[  730.918828][T11970] loop0: detected capacity change from 0 to 256
[  730.951485][T11970] exfat: Bad value for 'uid'
[  731.020564][ T4161] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  731.320312][ T6196] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  731.526360][ T6196] usb 1-1: device descriptor read/64, error -71
[  731.810223][ T6196] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[  732.010254][ T6196] usb 1-1: device descriptor read/64, error -71
[  732.140377][ T6196] usb usb1-port1: attempt power cycle
[  732.560363][ T6196] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[  732.656666][ T6196] usb 1-1: device descriptor read/8, error -71
[  732.889543][T11993] loop3: detected capacity change from 0 to 512
[  732.976214][T11999] loop2: detected capacity change from 0 to 128
[  733.019292][T11993] EXT4-fs: Ignoring removed bh option
[  733.029600][T11993] EXT4-fs: inline encryption not supported
[  733.226025][T11993] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.2472: inline data xattr refers to an external xattr inode
[  733.518383][T11993] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.2472: couldn't read orphan inode 12 (err -117)
[  733.576766][T11993] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  733.615434][ T6196] usb 1-1: new high-speed USB device number 69 using dummy_hcd
[  733.710556][ T6196] usb 1-1: device descriptor read/8, error -71
[  733.840437][ T6196] usb usb1-port1: unable to enumerate USB device
[  733.959338][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  734.117398][T12006] fuse: Unknown parameter '0x0000000000000003'
[  734.208753][T12010] loop3: detected capacity change from 0 to 1024
[  734.217050][T12010] EXT4-fs: quotafile must be on filesystem root
[  734.283373][ T4161] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  735.445486][T12035] loop4: detected capacity change from 0 to 128
[  735.839433][T12034] loop2: detected capacity change from 0 to 512
[  735.992229][T12034] EXT4-fs: Ignoring removed bh option
[  735.997674][T12034] EXT4-fs: inline encryption not supported
[  736.203339][T12034] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.2485: inline data xattr refers to an external xattr inode
[  736.260345][T12034] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.2485: couldn't read orphan inode 12 (err -117)
[  736.285136][T12039] loop4: detected capacity change from 0 to 256
[  736.328748][T12039] exfat: Bad value for 'uid'
[  736.346555][T12034] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  736.696511][ T6196] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  736.793205][T12045] vivid-000: =================  START STATUS  =================
[  736.800942][T12045] vivid-000: Generate PTS: true
[  736.805925][T12045] vivid-000: Generate SCR: true
[  736.810926][T12045] tpg source WxH: 640x360 (Y'CbCr)
[  736.816101][T12045] tpg field: 1
[  736.819516][T12045] tpg crop: 640x360@0x0
[  736.823750][T12045] tpg compose: 640x360@0x0
[  736.828213][T12045] tpg colorspace: 8
[  736.832096][T12045] tpg transfer function: 0/0
[  736.836740][T12045] tpg Y'CbCr encoding: 0/0
[  736.841237][T12045] tpg quantization: 0/0
[  736.845501][T12045] tpg RGB range: 0/2
[  736.849494][T12045] vivid-000: ==================  END STATUS  ==================
[  737.596574][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  737.723307][T12050] fuse: Unknown parameter '0x0000000000000003'
[  737.882510][T12057] usb usb8: usbfs: process 12057 (syz.0.2492) did not claim interface 0 before use
[  737.898519][ T6196] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  737.935885][ T6196] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  737.980263][ T6196] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  737.989354][ T6196] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.059525][ T6196] usb 5-1: config 0 descriptor??
[  738.082467][  T120] block nbd2: Attempted send on invalid socket
[  738.088665][  T120] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  738.100918][  T120] block nbd2: Attempted send on invalid socket
[  738.107172][  T120] I/O error, dev nbd2, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  738.117622][T12063] Mount JFS Failure: -5
[  738.127337][T12063] jfs_mount failed w/return code = -5
[  738.169362][   T27] audit: type=1326 audit(2000000076.099:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12062 comm="syz.3.2495" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff09bf79e79 code=0x0
[  738.255304][T12069] vivid-000: =================  START STATUS  =================
[  738.263151][T12069] vivid-000: Generate PTS: true
[  738.268128][T12069] vivid-000: Generate SCR: true
[  738.273166][T12069] tpg source WxH: 640x360 (Y'CbCr)
[  738.278326][T12069] tpg field: 1
[  738.281794][T12069] tpg crop: 640x360@0x0
[  738.286011][T12069] tpg compose: 640x360@0x0
[  738.290503][T12069] tpg colorspace: 8
[  738.294363][T12069] tpg transfer function: 0/0
[  738.298995][T12069] tpg Y'CbCr encoding: 0/0
[  738.303641][T12069] tpg quantization: 0/0
[  738.308288][T12069] tpg RGB range: 0/2
[  738.312357][T12069] vivid-000: ==================  END STATUS  ==================
[  738.620300][ T6196] usb 1-1: new high-speed USB device number 70 using dummy_hcd
[  738.945147][ T6196] usb 1-1: Using ep0 maxpacket: 8
[  739.044229][T12075] loop1: detected capacity change from 0 to 512
[  739.115983][T12075] EXT4-fs (loop1): 1 orphan inode deleted
[  739.122023][T12075] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  739.139530][T12075] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038 (0x7fffffff)
[  739.160447][ T6196] usb 1-1: config index 0 descriptor too short (expected 6427, got 27)
[  739.218743][ T6196] usb 1-1: config 0 has too many interfaces: 241, using maximum allowed: 32
[  739.235499][ T6196] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 241
[  739.247632][ T6196] usb 1-1: config 0 has no interface number 0
[  739.254765][ T6196] usb 1-1: config 0 interface 21 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  739.294371][   T27] audit: type=1804 audit(2000000077.229:104): pid=12083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2496" name="/newroot/205/file1/bus" dev="loop1" ino=16 res=1 errno=0
[  739.410428][ T6196] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  739.445298][ T6196] usb 1-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0
[  739.467582][ T6196] usb 1-1: Product: syz
[  739.486374][ T6196] usb 1-1: Manufacturer: syz
[  739.514805][ T6196] usb 1-1: config 0 descriptor??
[  739.540395][T12069] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  740.133791][T12069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  740.160315][ T3959] usb 5-1: USB disconnect, device number 60
[  740.169903][T12069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  740.206091][T12085] loop3: detected capacity change from 0 to 512
[  740.250496][T12085] EXT4-fs: Ignoring removed bh option
[  740.255958][T12085] EXT4-fs: inline encryption not supported
[  740.334957][T12085] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.2498: inline data xattr refers to an external xattr inode
[  740.370957][T12085] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.2498: couldn't read orphan inode 12 (err -117)
[  740.398529][T12085] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  740.679624][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  740.838882][T12096] fuse: Unknown parameter '0x0000000000000003'
[  741.165452][T12102] loop3: detected capacity change from 0 to 1024
[  741.238574][T10478] usb 1-1: USB disconnect, device number 70
[  741.246272][T12102] EXT4-fs: quotafile must be on filesystem root
[  741.421527][T12104] usb usb8: usbfs: process 12104 (syz.4.2506) did not claim interface 0 before use
[  741.811601][T12114] loop0: detected capacity change from 0 to 256
[  741.830394][T12115] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  741.837674][T12115] IPv6: NLM_F_CREATE should be set when creating new route
[  741.855983][T12114] exfat: Bad value for 'uid'
[  742.200213][T10478] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[  742.595269][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  742.617131][T12119] loop4: detected capacity change from 0 to 512
[  742.637088][T12119] EXT4-fs: Ignoring removed bh option
[  742.646847][T12119] EXT4-fs: inline encryption not supported
[  742.720368][T10478] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  742.740481][T10478] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  742.751949][T12119] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz.4.2512: inline data xattr refers to an external xattr inode
[  742.769824][T10478] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  742.790020][T10478] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.790371][T12119] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.2512: couldn't read orphan inode 12 (err -117)
[  742.805665][T10478] usb 1-1: config 0 descriptor??
[  742.909494][T12119] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  743.059662][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  743.315245][T12132] fuse: Unknown parameter '0x0000000000000003'
[  743.511494][T12139] usb usb8: usbfs: process 12139 (syz.2.2519) did not claim interface 0 before use
[  743.686246][T12143] device syz_tun entered promiscuous mode
[  743.736283][T12145] loop1: detected capacity change from 0 to 512
[  743.828735][T12145] EXT4-fs (loop1): 1 orphan inode deleted
[  743.841493][T12145] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  743.858659][T12145] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038 (0x7fffffff)
[  743.882973][   T27] audit: type=1804 audit(2000000081.819:105): pid=12145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2522" name="/newroot/210/file1/bus" dev="loop1" ino=16 res=1 errno=0
[  743.926416][T12152] loop2: detected capacity change from 0 to 1024
[  743.940832][T12152] EXT4-fs: quotafile must be on filesystem root
[  744.449083][T12157] loop3: detected capacity change from 0 to 512
[  744.476320][T12157] EXT4-fs: Ignoring removed bh option
[  744.499002][T12157] EXT4-fs: inline encryption not supported
[  744.517046][T12157] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.2525: inline data xattr refers to an external xattr inode
[  744.539656][T12157] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.2525: couldn't read orphan inode 12 (err -117)
[  744.894365][T12157] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  744.925637][ T3636] usb 1-1: USB disconnect, device number 71
[  744.983237][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  745.191365][T12168] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2528'.
[  745.514948][T12175] fuse: Unknown parameter '0x0000000000000004'
[  745.682015][T12180] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  745.689338][T12180] IPv6: NLM_F_CREATE should be set when creating new route
[  745.801555][T12182] usb usb8: usbfs: process 12182 (syz.2.2533) did not claim interface 0 before use
[  745.975025][T12184] netlink: 'syz.4.2534': attribute type 10 has an invalid length.
[  746.018637][T12184] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  746.144055][T12189] loop2: detected capacity change from 0 to 256
[  746.174985][T12189] exfat: Bad value for 'uid'
[  746.520163][ T3713] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  746.731302][T12196] loop0: detected capacity change from 0 to 1024
[  746.738525][T12196] EXT4-fs: quotafile must be on filesystem root
[  746.803727][ T4161] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  746.820499][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  746.880336][ T3713] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  746.897309][ T3713] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  746.920242][ T3713] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  746.929731][ T3713] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.952739][ T3713] usb 3-1: config 0 descriptor??
[  746.992417][ T1261] ieee802154 phy0 wpan0: encryption failed: -22
[  746.998778][ T1261] ieee802154 phy1 wpan1: encryption failed: -22
[  747.022244][ T3959] usb 5-1: new full-speed USB device number 61 using dummy_hcd
[  747.065587][T12201] fuse: Unknown parameter '0x0000000000000003'
[  747.070324][T12203] loop1: detected capacity change from 0 to 256
[  747.151592][ T4161] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  747.710487][ T3959] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  747.725050][ T3959] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  747.757121][ T3959] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  747.791419][ T3959] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  747.830876][ T3959] usb 5-1: config 0 interface 0 has no altsetting 0
[  748.005973][T12213] loop1: detected capacity change from 0 to 4096
[  748.010358][ T3959] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  748.031262][ T3959] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  748.039713][ T3959] usb 5-1: Product: syz
[  748.072898][ T3959] usb 5-1: Manufacturer: syz
[  748.077532][ T3959] usb 5-1: SerialNumber: syz
[  748.111727][ T3959] usb 5-1: config 0 descriptor??
[  748.127096][ T4161] I/O error, dev loop1, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  748.151573][ T3959] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  748.189187][ T3959] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  748.334584][T12219] usb usb8: usbfs: process 12219 (syz.0.2547) did not claim interface 0 before use
[  748.643077][ T3636] usb 5-1: USB disconnect, device number 61
[  748.658108][ T3636] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  748.765982][T12226] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  749.368021][ T6196] usb 3-1: USB disconnect, device number 64
[  749.471503][T12238] fuse: Unknown parameter 'fd0x0000000000000003'
[  749.578028][T12241] loop1: detected capacity change from 0 to 1024
[  749.838943][T12241] EXT4-fs: quotafile must be on filesystem root
[  749.995489][T12256] loop2: detected capacity change from 0 to 128
[  750.194517][   T27] audit: type=1326 audit(2000000088.119:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12246 comm="syz.4.2559" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f82b7f79e79 code=0x0
[  750.562920][T12258] loop3: detected capacity change from 0 to 128
[  750.661874][ T4161] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  750.686816][T12260] sctp: [Deprecated]: syz.4.2562 (pid 12260) Use of struct sctp_assoc_value in delayed_ack socket option.
[  750.686816][T12260] Use struct sctp_sack_info instead
[  750.860314][T12264] loop4: detected capacity change from 0 to 256
[  750.903279][ T3894] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  751.041248][T12266] loop2: detected capacity change from 0 to 256
[  751.063963][T12266] exfat: Bad value for 'uid'
[  751.397142][  T153] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  751.716340][T12272] loop4: detected capacity change from 0 to 4096
[  751.793383][ T4161] I/O error, dev loop4, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  751.803812][  T153] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  751.834763][  T153] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  751.878128][  T153] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  751.904771][  T153] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  751.934292][  T153] usb 3-1: config 0 descriptor??
[  751.992436][  T153] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  752.119424][T12274] [U] 
[  752.122643][T12274] [U] 
[  752.125346][T12274] [U] 
[  752.128045][T12274] [U] 
[  752.131529][T12274] [U] 
[  752.134259][T12274] [U] 
[  752.136961][T12274] [U] 
[  752.139661][T12274] [U] 
[  752.142536][T12274] [U] 
[  752.145252][T12274] [U] 
[  752.147974][T12274] [U] 
[  752.150669][T12274] [U] 
[  752.153921][T12274] [U] 
[  752.156638][T12274] [U] 
[  752.159340][T12274] [U] 
[  752.162046][T12274] [U] 
[  752.164989][T12274] [U] 
[  752.167692][T12274] [U] 
[  752.170394][T12274] [U] 
[  752.173093][T12274] [U] 
[  752.175937][T12274] [U] 
[  752.179075][T12274] [U] 
[  752.181779][T12274] [U] 
[  752.184486][T12274] [U] 
[  752.187313][T12274] [U] 
[  752.190016][T12274] [U] 
[  752.192718][T12274] [U] 
[  752.195419][T12274] [U] 
[  752.198273][T12274] [U] 
[  752.200979][T12274] [U] 
[  752.203691][T12274] [U] 
[  752.206393][T12274] [U] 
[  752.209225][T12274] [U] 
[  752.211932][T12274] [U] 
[  752.214631][T12274] [U] 
[  752.217340][T12274] [U] 
[  752.220207][T12274] [U] 
[  752.222915][T12274] [U] 
[  752.225628][T12274] [U] 
[  752.228330][T12274] [U] 
[  752.231238][T12274] [U] 
[  752.233940][T12274] [U] 
[  752.236637][T12274] [U] 
[  752.239349][T12274] [U] 
[  752.242191][T12274] [U] 
[  752.244891][T12274] [U] 
[  752.247650][T12274] [U] 
[  752.250355][T12274] [U] 
[  752.253558][T12274] [U] 
[  752.256267][T12274] [U] 
[  752.258964][T12274] [U] 
[  752.261656][T12274] [U] 
[  752.264481][T12274] [U] 
[  752.267215][T12274] [U] 
[  752.269924][T12274] [U] 
[  752.272637][T12274] [U] 
[  752.275525][T12274] [U] 
[  752.278661][T12274] [U] 
[  752.281385][T12274] [U] 
[  752.284083][T12274] [U] 
[  752.286932][T12274] [U] 
[  752.289635][T12274] [U] 
[  752.292341][T12274] [U] 
[  752.295038][T12274] [U] 
[  752.297887][T12274] [U] 
[  752.300599][T12274] [U] 
[  752.303302][T12274] [U] 
[  752.306005][T12274] [U] 
[  752.308841][T12274] [U] 
[  752.311548][T12274] [U] 
[  752.314256][T12274] [U] 
[  752.316975][T12274] [U] 
[  752.319872][T12274] [U] 
[  752.322584][T12274] [U] 
[  752.325292][T12274] [U] 
[  752.327993][T12274] [U] 
[  752.330855][T12274] [U] 
[  752.333570][T12274] [U] 
[  752.336273][T12274] [U] 
[  752.338974][T12274] [U] 
[  752.341854][T12274] [U] 
[  752.344562][T12274] [U] 
[  752.347266][T12274] [U] 
[  752.349972][T12274] [U] 
[  752.353252][T12274] [U] 
[  752.355972][T12274] [U] 
[  752.358696][T12274] [U] 
[  752.361398][T12274] [U] 
[  752.364304][T12274] [U] 
[  752.367020][T12274] [U] 
[  752.369723][T12274] [U] 
[  752.372435][T12274] [U] 
[  752.375309][T12274] [U] 
[  752.378030][T12274] [U] 
[  752.380735][T12274] [U] 
[  752.383446][T12274] [U] 
[  752.386314][T12274] [U] 
[  752.389023][T12274] [U] 
[  752.391750][T12274] [U] 
[  752.394462][T12274] [U] 
[  752.397326][T12274] [U] 
[  752.400034][T12274] [U] 
[  752.402726][T12274] [U] 
[  752.405414][T12274] [U] 
[  752.408237][T12274] [U] 
[  752.410932][T12274] [U] 
[  752.413615][T12274] [U] 
[  752.416295][T12274] [U] 
[  752.419110][T12274] [U] 
[  752.421816][T12274] [U] 
[  752.424517][T12274] [U] 
[  752.427219][T12274] [U] 
[  752.430178][T12274] [U] 
[  752.432915][T12274] [U] 
[  752.435621][T12274] [U] 
[  752.438330][T12274] [U] 
[  752.441170][T12274] [U] 
[  752.443879][T12274] [U] 
[  752.446580][T12274] [U] 
[  752.449279][T12274] [U] 
[  752.452166][T12274] [U] 
[  752.454875][T12274] [U] 
[  752.457575][T12274] [U] 
[  752.460297][T12274] [U] 
[  752.463513][T12274] [U] 
[  752.466229][T12274] [U] 
[  752.468933][T12274] [U] 
[  752.475428][T12273] [U] 
[  753.205288][T12283] fuse: Unknown parameter 'fd0x0000000000000003'
[  753.756121][T12297] loop0: detected capacity change from 0 to 128
[  754.495990][T11407] usb 3-1: USB disconnect, device number 65
[  754.796659][T12312] loop4: detected capacity change from 0 to 128
[  755.004114][T12316] loop3: detected capacity change from 0 to 16
[  755.019141][T12316] erofs: (device loop3): mounted with root inode @ nid 36.
[  755.383094][T12321] fuse: Unknown parameter 'fd0x0000000000000003'
[  755.610366][T12326] usb usb8: usbfs: process 12326 (syz.3.2584) did not claim interface 0 before use
[  755.918817][T12336] loop0: detected capacity change from 0 to 256
[  756.014690][ T4161] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  756.016190][T12338] loop3: detected capacity change from 0 to 256
[  756.132651][T12338] exfat: Bad value for 'uid'
[  756.460150][T10112] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  756.842009][T12340] loop0: detected capacity change from 0 to 4096
[  756.850502][T10112] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  756.880259][T10112] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  756.916555][T10112] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  756.936708][T10112] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.989075][T10112] usb 4-1: config 0 descriptor??
[  757.032253][T10112] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  757.331832][T12348] loop2: detected capacity change from 0 to 16
[  757.374241][T12348] erofs: (device loop2): mounted with root inode @ nid 36.
[  757.592841][T12355] sctp: [Deprecated]: syz.1.2590 (pid 12355) Use of struct sctp_assoc_value in delayed_ack socket option.
[  757.592841][T12355] Use struct sctp_sack_info instead
[  757.852870][T12363] usb usb8: usbfs: process 12363 (syz.4.2596) did not claim interface 0 before use
[  759.037910][ T3636] usb 4-1: USB disconnect, device number 57
[  759.253435][T12383] loop2: detected capacity change from 0 to 128
[  760.442602][T12391] sctp: [Deprecated]: syz.3.2605 (pid 12391) Use of struct sctp_assoc_value in delayed_ack socket option.
[  760.442602][T12391] Use struct sctp_sack_info instead
[  761.071455][T12398] usb usb8: usbfs: process 12398 (syz.3.2608) did not claim interface 0 before use
[  761.114042][T12402] loop4: detected capacity change from 0 to 256
[  761.338959][T12409] loop1: detected capacity change from 0 to 16
[  761.406149][T12409] erofs: (device loop1): mounted with root inode @ nid 36.
[  761.408702][T12411] loop2: detected capacity change from 0 to 256
[  761.443628][T12411] exfat: Bad value for 'uid'
[  762.003947][ T3636] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  762.137001][T12424] loop0: detected capacity change from 0 to 128
[  762.410691][ T3636] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  762.497144][ T3636] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  762.739116][T12422] loop4: detected capacity change from 0 to 4096
[  762.749820][ T3636] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  762.767598][T12426] sctp: [Deprecated]: syz.3.2617 (pid 12426) Use of struct sctp_assoc_value in delayed_ack socket option.
[  762.767598][T12426] Use struct sctp_sack_info instead
[  762.790789][ T3636] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  762.902144][ T3636] usb 3-1: config 0 descriptor??
[  762.963215][ T3636] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  763.035743][T12431] loop3: detected capacity change from 0 to 512
[  763.131583][T12431] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  763.135107][T12436] loop1: detected capacity change from 0 to 128
[  763.149594][T12431] ext4 filesystem being mounted at /356/file1 supports timestamps until 2038 (0x7fffffff)
[  763.180957][T12431] EXT4-fs error (device loop3): ext4_empty_dir:3143: inode #12: block 32: comm syz.3.2619: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  763.246903][T12436] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  763.272603][T12436] ext4 filesystem being mounted at /221/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  763.305218][T12431] EXT4-fs warning (device loop3): ext4_empty_dir:3145: inode #12: comm syz.3.2619: directory missing '.'
[  763.414643][T12439] loop0: detected capacity change from 0 to 128
[  763.597346][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  763.655539][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  763.814156][T12445] loop1: detected capacity change from 0 to 512
[  763.878188][T12445] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  763.923683][T12445] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  763.959476][T12445] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038 (0x7fffffff)
[  764.350165][T12457] loop4: detected capacity change from 0 to 16
[  764.530027][T12457] erofs: (device loop4): mounted with root inode @ nid 36.
[  764.886703][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  764.896493][ T3636] usb 3-1: USB disconnect, device number 66
[  765.245552][T12469] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2630'.
[  765.423169][T12473] loop4: detected capacity change from 0 to 2048
[  765.459790][T12473] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  765.823318][T11407] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  766.255604][T11407] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  766.333232][T11407] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  766.453466][T12488] loop2: detected capacity change from 0 to 2048
[  766.470907][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  766.490290][T11407] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  766.512017][T11407] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  766.546449][T11407] usb 4-1: SerialNumber: syz
[  766.557824][T12488] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  766.845702][T12498] loop4: detected capacity change from 0 to 512
[  766.852570][T11407] usb 4-1: 0:2 : does not exist
[  766.858236][T12498] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  767.208659][T12498] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  767.307481][T12498] ext4 filesystem being mounted at /345/file0 supports timestamps until 2038 (0x7fffffff)
[  767.663959][T11407] usb 4-1: USB disconnect, device number 58
[  767.708034][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  767.719939][ T4161] udevd[4161]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  767.761598][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  767.861573][T12503] loop2: detected capacity change from 0 to 512
[  767.871554][T12505] loop4: detected capacity change from 0 to 256
[  767.894397][T12505] exfat: Bad value for 'uid'
[  767.913723][T12503] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  768.008966][T12503] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  768.028712][T12503] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038 (0x7fffffff)
[  768.165920][T12511] loop0: detected capacity change from 0 to 16
[  768.183681][T12511] erofs: (device loop0): mounted with root inode @ nid 36.
[  768.429340][T10478] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  768.727515][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  768.800842][T12519] sctp: [Deprecated]: syz.2.2644 (pid 12519) Use of struct sctp_assoc_value in delayed_ack socket option.
[  768.800842][T12519] Use struct sctp_sack_info instead
[  769.074224][T10478] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  769.091134][T10478] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  769.105079][T10478] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  769.121559][T10478] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  769.131601][T10478] usb 5-1: config 0 descriptor??
[  769.172632][T10478] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  769.590988][T12545] loop1: detected capacity change from 0 to 1024
[  769.612847][T12545] hfsplus: request for non-existent node -709361664 in B*Tree
[  769.620857][T12545] hfsplus: request for non-existent node -709361664 in B*Tree
[  769.629397][T12545] hfsplus: b-tree write err: -5, ino 8
[  769.931912][T12551] loop0: detected capacity change from 0 to 512
[  769.956503][T12551] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  769.976305][T12551] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  769.985498][T12551] ext4 filesystem being mounted at /599/file0 supports timestamps until 2038 (0x7fffffff)
[  770.564135][T12561] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2657'.
[  770.704676][ T3640] EXT4-fs (loop0): unmounting filesystem.
[  770.852141][T12566] loop2: detected capacity change from 0 to 16
[  770.870372][T12566] erofs: (device loop2): mounted with root inode @ nid 36.
[  771.018673][T12568] loop1: detected capacity change from 0 to 256
[  771.348296][ T3636] usb 5-1: USB disconnect, device number 62
[  771.740198][ T3646] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  771.755247][ T3646] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  771.763080][ T3646] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  771.790435][ T3650] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  771.793839][T12577] device syzkaller0 entered promiscuous mode
[  771.799591][ T3650] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  771.817050][ T3650] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  771.960518][   T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.979996][T12586] loop1: detected capacity change from 0 to 128
[  772.041642][T12586] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  772.070848][T12586] ext4 filesystem being mounted at /234/file0 supports timestamps until 2038 (0x7fffffff)
[  772.169803][T12591] loop2: detected capacity change from 0 to 512
[  772.188994][T12591] EXT4-fs: Ignoring removed bh option
[  772.221460][T12591] EXT4-fs: inline encryption not supported
[  772.270319][T12591] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.2668: inline data xattr refers to an external xattr inode
[  772.318115][T12591] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.2668: couldn't read orphan inode 12 (err -117)
[  772.338700][T12591] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  772.347608][   T27] audit: type=1800 audit(2000000110.279:107): pid=12586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2666" name="bus" dev="loop1" ino=12 res=0 errno=0
[  772.347644][   T27] audit: type=1800 audit(2000000110.279:108): pid=12586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2666" name="bus" dev="loop1" ino=12 res=0 errno=0
[  772.542631][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  772.719706][T12599] loop1: detected capacity change from 0 to 512
[  772.748342][T12599] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  772.824063][T12599] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  772.902342][T12599] ext4 filesystem being mounted at /235/file0 supports timestamps until 2038 (0x7fffffff)
[  772.951471][T12602] loop4: detected capacity change from 0 to 256
[  773.010651][T12602] exfat: Bad value for 'uid'
[  773.556737][T11407] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  773.882572][ T3650] Bluetooth: hci2: command tx timeout
[  773.940336][T11407] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  773.951006][T11407] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  773.964660][T11407] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  773.974050][T11407] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  773.990191][T11407] usb 5-1: config 0 descriptor??
[  774.037727][T11407] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  775.006325][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  775.047250][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  775.108075][   T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.197781][T12614] loop3: detected capacity change from 0 to 16
[  775.222839][   T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.229300][T12614] erofs: (device loop3): mounted with root inode @ nid 36.
[  775.497710][   T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.637528][T12578] chnl_net:caif_netlink_parms(): no params data found
[  775.800565][T12627] loop1: detected capacity change from 0 to 512
[  775.851415][T12578] bridge0: port 1(bridge_slave_0) entered blocking state
[  775.861838][T12578] bridge0: port 1(bridge_slave_0) entered disabled state
[  775.877692][T12578] device bridge_slave_0 entered promiscuous mode
[  775.889667][T12578] bridge0: port 2(bridge_slave_1) entered blocking state
[  775.897082][T12578] bridge0: port 2(bridge_slave_1) entered disabled state
[  775.906031][T12578] device bridge_slave_1 entered promiscuous mode
[  775.933662][T12627] loop1: detected capacity change from 0 to 256
[  775.960426][ T3650] Bluetooth: hci2: command tx timeout
[  776.181227][T12578] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  776.195284][T10112] usb 5-1: USB disconnect, device number 63
[  776.228198][T12578] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  776.488189][T12578] team0: Port device team_slave_0 added
[  776.561652][T12578] team0: Port device team_slave_1 added
[  776.669936][T12578] batman_adv: batadv0: Adding interface: batadv_slave_0
[  776.688330][T12578] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  776.713903][T12651] loop4: detected capacity change from 0 to 512
[  776.743937][T12651] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  776.776561][T12578] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  776.799007][T12654] loop2: detected capacity change from 0 to 512
[  776.814048][T12654] EXT4-fs: Ignoring removed bh option
[  776.819511][T12654] EXT4-fs: inline encryption not supported
[  776.868934][T12651] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  776.889069][T12578] batman_adv: batadv0: Adding interface: batadv_slave_1
[  776.892231][T12657] loop1: detected capacity change from 0 to 512
[  776.896356][T12651] ext4 filesystem being mounted at /351/file0 supports timestamps until 2038 (0x7fffffff)
[  776.938961][T12654] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.2683: inline data xattr refers to an external xattr inode
[  776.949611][T12578] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  776.982618][T12578] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  777.007844][T12657] EXT4-fs (loop1): 1 orphan inode deleted
[  777.010418][T12654] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.2683: couldn't read orphan inode 12 (err -117)
[  777.026155][T12654] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  777.044285][T12657] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  777.084730][T12657] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038 (0x7fffffff)
[  777.246072][   T27] audit: type=1804 audit(2000000115.069:109): pid=12657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2682" name="/newroot/238/file1/bus" dev="loop1" ino=18 res=1 errno=0
[  777.473096][T12578] device hsr_slave_0 entered promiscuous mode
[  777.500616][T12578] device hsr_slave_1 entered promiscuous mode
[  778.030346][ T3650] Bluetooth: hci2: command tx timeout
[  778.674636][   T11] device hsr_slave_0 left promiscuous mode
[  778.736229][   T11] device hsr_slave_1 left promiscuous mode
[  778.793798][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  778.827021][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  778.842571][T12690] loop3: detected capacity change from 0 to 16
[  778.859337][T12690] erofs: (device loop3): mounted with root inode @ nid 36.
[  778.896952][   T11] device batadv0 left promiscuous mode
[  778.954781][   T11] bridge0: port 3(batadv0) entered disabled state
[  779.040007][   T11] device bridge_slave_1 left promiscuous mode
[  779.051671][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.160663][   T11] device bridge_slave_0 left promiscuous mode
[  779.170329][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  779.285198][   T11] device veth1_macvtap left promiscuous mode
[  779.306251][   T11] device veth0_macvtap left promiscuous mode
[  779.325528][   T11] device veth1_vlan left promiscuous mode
[  779.345417][   T11] device veth0_vlan left promiscuous mode
[  779.541645][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  779.701347][T12695] loop2: detected capacity change from 0 to 512
[  779.756071][T12695] EXT4-fs error (device loop2): __ext4_fill_super:5399: inode #2: comm syz.2.2686: casefold flag without casefold feature
[  779.797593][T12695] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  779.824727][T12695] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  780.040482][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  780.110372][ T3650] Bluetooth: hci2: command tx timeout
[  781.126703][   T27] audit: type=1326 audit(2000000119.059:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12703 comm="syz.2.2688" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5f04179e79 code=0x0
[  781.218107][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  781.415366][   T11] team0 (unregistering): Port device team_slave_1 removed
[  781.490823][T12711] loop1: detected capacity change from 0 to 1024
[  781.516793][   T11] team0 (unregistering): Port device team_slave_0 removed
[  781.718142][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  781.744531][T12716] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2691'.
[  782.696668][T12720] loop2: detected capacity change from 0 to 512
[  782.740312][T12720] EXT4-fs: Ignoring removed nobh option
[  782.750709][T12720] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  782.779447][T12720] EXT4-fs (loop2): 1 truncate cleaned up
[  782.801922][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  782.807134][T12720] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  782.941828][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  782.969768][T12725] loop1: detected capacity change from 0 to 2048
[  783.069869][T12725] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  784.246708][   T11] bond0 (unregistering): Released all slaves
[  784.580202][T12738] loop3: detected capacity change from 0 to 512
[  784.587088][T12738] EXT4-fs: Ignoring removed bh option
[  784.604527][T12738] EXT4-fs: inline encryption not supported
[  784.620430][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  784.698663][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  784.713869][T12742] loop1: detected capacity change from 0 to 512
[  784.734174][T12742] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  784.734227][T12738] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.2695: inline data xattr refers to an external xattr inode
[  784.796478][T12742] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2816: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  784.810890][T12738] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.2695: couldn't read orphan inode 12 (err -117)
[  784.835094][T12738] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  784.858950][T12742] EXT4-fs (loop1): 1 truncate cleaned up
[  784.888791][T12742] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  785.998965][ T3636] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  787.045819][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  787.233339][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  787.431119][ T3636] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  787.478151][ T3636] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.585377][T12772] loop3: detected capacity change from 0 to 128
[  788.236310][   T27] audit: type=1326 audit(2000000126.169:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.2.2701" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5f04179e79 code=0x0
[  788.281758][ T3636] usb 5-1: config 0 descriptor??
[  788.320326][ T3636] usb 5-1: can't set config #0, error -71
[  788.360275][ T3636] usb 5-1: USB disconnect, device number 64
[  788.422221][T12578] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  788.484357][T12578] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  788.535807][T12787] loop4: detected capacity change from 0 to 16
[  788.561231][T12784] loop3: detected capacity change from 0 to 512
[  788.595479][T12578] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  788.640692][T12787] erofs: (device loop4): mounted with root inode @ nid 36.
[  788.696482][T12578] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  788.901776][T12794] loop2: detected capacity change from 0 to 1024
[  789.056925][T12794] hfsplus: request for non-existent node -709361664 in B*Tree
[  789.064531][T12794] hfsplus: request for non-existent node -709361664 in B*Tree
[  789.075447][T12794] hfsplus: b-tree write err: -5, ino 8
[  789.636200][T12578] 8021q: adding VLAN 0 to HW filter on device bond0
[  789.670584][T12784] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  789.701485][T12784] ext4 filesystem being mounted at /372/file1 supports timestamps until 2038 (0x7fffffff)
[  789.742406][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  789.761807][T12802] loop2: detected capacity change from 0 to 512
[  789.763399][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  789.817128][T12578] 8021q: adding VLAN 0 to HW filter on device team0
[  789.880838][T12802] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  789.924899][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  789.960882][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  789.971180][T12802] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  789.990462][T12802] ext4 filesystem being mounted at /186/file0 supports timestamps until 2038 (0x7fffffff)
[  790.007328][T12809] loop4: detected capacity change from 0 to 256
[  790.021275][T12809] exfat: Bad value for 'uid'
[  790.047334][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  790.076006][ T3919] bridge0: port 1(bridge_slave_0) entered blocking state
[  790.083148][ T3919] bridge0: port 1(bridge_slave_0) entered forwarding state
[  790.098951][T12811] loop1: detected capacity change from 0 to 512
[  790.190447][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  790.217597][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  790.240919][T12811] EXT4-fs: Ignoring removed bh option
[  790.248658][T12811] EXT4-fs: inline encryption not supported
[  790.279073][ T3919] bridge0: port 2(bridge_slave_1) entered blocking state
[  790.286242][ T3919] bridge0: port 2(bridge_slave_1) entered forwarding state
[  790.649409][   T26] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  790.999703][T12811] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #12: comm syz.1.2708: inline data xattr refers to an external xattr inode
[  791.153707][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  791.162874][T12811] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.2708: couldn't read orphan inode 12 (err -117)
[  791.210224][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  791.265154][T12811] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  791.295176][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  791.336850][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  791.358041][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  791.470997][T12818] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  791.478235][T12818] IPv6: NLM_F_CREATE should be set when creating new route
[  791.580392][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  791.588338][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  791.602025][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  791.671182][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  791.813245][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  791.820317][   T26] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  791.830743][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  791.915217][T12830] loop3: detected capacity change from 0 to 128
[  792.532831][   T26] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  792.550201][   T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.578239][   T26] usb 5-1: config 0 descriptor??
[  792.641657][   T26] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  792.906340][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  793.076485][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  793.251259][T12578] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  793.340853][   T27] audit: type=1326 audit(2000000131.279:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.3.2714" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff09bf79e79 code=0x0
[  793.705378][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  793.724998][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  793.768097][T12578] 8021q: adding VLAN 0 to HW filter on device batadv0
[  793.809006][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  793.838780][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  793.909868][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  793.928539][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  793.960329][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  793.985750][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  794.010165][T12578] device veth0_vlan entered promiscuous mode
[  794.038464][T12578] device veth1_vlan entered promiscuous mode
[  794.114432][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  794.129951][ T4781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  794.158874][T12578] device veth0_macvtap entered promiscuous mode
[  794.191460][T12578] device veth1_macvtap entered promiscuous mode
[  794.229343][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  794.286477][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  794.327090][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  794.334954][T12861] loop3: detected capacity change from 0 to 512
[  794.345600][T12859] loop2: detected capacity change from 0 to 2048
[  794.371672][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  794.407862][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  794.425636][T12861] EXT4-fs error (device loop3): __ext4_fill_super:5399: inode #2: comm syz.3.2716: casefold flag without casefold feature
[  794.469962][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  794.497522][T12861] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  794.514237][T12859] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  794.525044][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  794.543681][T12861] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  794.579215][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  794.592316][T12578] batman_adv: batadv0: Interface activated: batadv_slave_0
[  794.604764][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  794.615427][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  794.625382][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  794.636021][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  794.646350][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  794.656938][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  794.680398][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  794.706679][T12578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  794.717783][T12578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  794.737925][T12578] batman_adv: batadv0: Interface activated: batadv_slave_1
[  794.989513][T10112] usb 5-1: USB disconnect, device number 65
[  795.041183][T12578] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  795.313909][T12578] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  795.363377][T12578] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  795.393747][T12578] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  795.435838][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  795.444539][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  795.452679][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  795.467657][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  795.484048][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  795.484356][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  795.492947][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  795.512210][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  795.645289][ T1060] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  795.681942][T12882] loop4: detected capacity change from 0 to 512
[  795.713577][ T1060] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  795.743150][ T3938] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  795.760330][T12882] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  795.777230][T12887] loop2: detected capacity change from 0 to 16
[  795.786352][ T3938] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  795.797743][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  795.820611][T12887] erofs: (device loop2): mounted with root inode @ nid 36.
[  795.845567][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  795.852808][T12882] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  795.852893][T12882] ext4 filesystem being mounted at /355/file0 supports timestamps until 2038 (0x7fffffff)
[  796.088091][   T26] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  797.350289][T12903] sctp: [Deprecated]: syz.0.2659 (pid 12903) Use of struct sctp_assoc_value in delayed_ack socket option.
[  797.350289][T12903] Use struct sctp_sack_info instead
[  797.683201][T12901] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  797.712493][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  798.552554][T12916] loop4: detected capacity change from 0 to 16
[  798.588883][T12916] erofs: (device loop4): mounted with root inode @ nid 36.
[  798.730232][   T26] usb 2-1: unable to read config index 0 descriptor/start: -71
[  798.737863][   T26] usb 2-1: can't read configurations, error -71
[  798.960898][T12924] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  798.970654][T12924] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32
[  798.991001][T12924] loop3: detected capacity change from 0 to 1024
[  799.852776][T12924] hfsplus: request for non-existent node -709361664 in B*Tree
[  799.860414][T12924] hfsplus: request for non-existent node -709361664 in B*Tree
[  799.871411][T12924] hfsplus: b-tree write err: -5, ino 8
[  799.926104][T12919] loop0: detected capacity change from 0 to 512
[  800.067910][T12919] EXT4-fs: Ignoring removed bh option
[  800.157106][T12919] EXT4-fs: inline encryption not supported
[  800.193418][T12919] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz.0.2727: inline data xattr refers to an external xattr inode
[  800.210475][T12919] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.2727: couldn't read orphan inode 12 (err -117)
[  800.233092][T12919] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  800.266216][T12934] loop1: detected capacity change from 0 to 512
[  800.406289][T12934] EXT4-fs (loop1): Test dummy encryption mode enabled
[  800.451505][ T3687] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  800.490874][T12934] EXT4-fs error (device loop1): __ext4_fill_super:5399: inode #2: comm syz.1.2730: casefold flag without casefold feature
[  800.521090][T12934] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  800.530187][ T4329] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  800.570210][T12934] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  800.622086][   T27] audit: type=1800 audit(2000000138.559:113): pid=12934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2730" name="bus" dev="loop1" ino=18 res=0 errno=0
[  800.717851][T12946] loop3: detected capacity change from 0 to 256
[  800.728919][T12946] exfat: Bad value for 'uid'
[  800.751394][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  800.793955][ T4161] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  800.860539][ T3687] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  800.866416][T12948] loop1: detected capacity change from 0 to 512
[  800.892262][ T3687] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  800.900423][ T4329] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  800.925884][ T4329] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  800.935045][ T3687] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  800.962907][T12948] EXT4-fs (loop1): 1 orphan inode deleted
[  800.979112][T12948] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  800.980118][ T3687] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.990948][T12948] ext4 filesystem being mounted at /252/file1 supports timestamps until 2038 (0x7fffffff)
[  801.020363][ T4329] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  801.022123][   T27] audit: type=1804 audit(2000000138.959:114): pid=12948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2732" name="/newroot/252/file1/bus" dev="loop1" ino=16 res=1 errno=0
[  801.039590][ T4329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  801.069352][ T4329] usb 5-1: SerialNumber: syz
[  801.090159][T11407] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  801.225204][ T3687] usb 3-1: config 0 descriptor??
[  801.272315][ T3687] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  801.422654][ T4329] usb 5-1: 0:2 : does not exist
[  801.439271][ T4329] usb 5-1: unit 5 not found!
[  801.465985][T11407] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  801.498658][ T4329] usb 5-1: USB disconnect, device number 66
[  801.524215][T11407] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  801.540506][T11407] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  801.580483][T11407] usb 4-1: config 0 descriptor??
[  801.609823][T12578] EXT4-fs (loop0): unmounting filesystem.
[  801.635949][T11407] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  801.822075][T12970] loop0: detected capacity change from 0 to 16
[  801.829496][T12970] erofs: (device loop0): mounted with root inode @ nid 36.
[  801.851834][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  801.958908][T12975] loop1: detected capacity change from 0 to 512
[  802.047803][T12975] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  802.099665][T12975] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  802.109609][T12975] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038 (0x7fffffff)
[  802.522995][T12985] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  802.530333][T12985] IPv6: NLM_F_CREATE should be set when creating new route
[  803.232135][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  803.499530][ T4109] usb 3-1: USB disconnect, device number 67
[  804.084349][T12996] loop4: detected capacity change from 0 to 16
[  804.097517][T12996] erofs: (device loop4): mounted with root inode @ nid 36.
[  804.320002][ T3687] usb 4-1: USB disconnect, device number 59
[  804.718787][T12991] 9pnet_virtio: no channels available for device 
[  804.839098][   T27] audit: type=1326 audit(2000000142.769:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13001 comm="syz.2.2741" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5f04179e79 code=0x0
[  804.883167][T13006] loop4: detected capacity change from 0 to 2048
[  804.888046][T13007] loop3: detected capacity change from 0 to 512
[  804.915417][T13007] EXT4-fs: Ignoring removed bh option
[  804.934754][T13007] EXT4-fs: inline encryption not supported
[  804.962254][T13006] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  804.972818][T13007] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.2743: inline data xattr refers to an external xattr inode
[  805.002188][T13014] loop0: detected capacity change from 0 to 512
[  805.040397][T13007] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.2743: couldn't read orphan inode 12 (err -117)
[  805.103393][T13014] EXT4-fs (loop0): 1 orphan inode deleted
[  805.119254][T13014] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  805.157637][T13014] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038 (0x7fffffff)
[  805.188799][T13007] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  805.213732][   T27] audit: type=1804 audit(2000000143.149:116): pid=13014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2745" name="/newroot/5/file1/bus" dev="loop0" ino=16 res=1 errno=0
[  806.297525][T12578] EXT4-fs (loop0): unmounting filesystem.
[  806.321185][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  806.331338][T13029] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2747'.
[  806.710237][T11407] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  806.777911][T13041] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  807.356221][T13043] loop0: detected capacity change from 0 to 16
[  807.393201][T13043] erofs: (device loop0): mounted with root inode @ nid 36.
[  807.867813][T13046] loop4: detected capacity change from 0 to 256
[  807.901099][T13046] exfat: Bad value for 'uid'
[  808.271695][ T6196] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  808.300357][T11407] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  808.330831][T11407] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  808.367811][T11407] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  808.398428][T11407] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  808.442237][ T1261] ieee802154 phy0 wpan0: encryption failed: -22
[  808.450615][ T1261] ieee802154 phy1 wpan1: encryption failed: -22
[  808.471141][T11407] usb 2-1: config 0 descriptor??
[  808.513386][T11407] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  808.690332][ T6196] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  808.819441][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  808.840262][ T6196] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  808.906901][ T6196] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  808.959693][ T6196] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  809.028407][ T6196] usb 5-1: config 0 descriptor??
[  809.112391][ T6196] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  809.153367][T13060] sctp: [Deprecated]: syz.3.2756 (pid 13060) Use of struct sctp_assoc_value in delayed_ack socket option.
[  809.153367][T13060] Use struct sctp_sack_info instead
[  809.516612][   T27] audit: type=1326 audit(2000000147.449:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13061 comm="syz.3.2757" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff09bf79e79 code=0x0
[  809.715054][T13069] loop0: detected capacity change from 0 to 512
[  809.791397][T13069] EXT4-fs (loop0): 1 orphan inode deleted
[  809.808049][T13069] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  809.829145][T13069] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038 (0x7fffffff)
[  809.905391][   T27] audit: type=1804 audit(2000000147.839:118): pid=13069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2759" name="/newroot/10/file1/bus" dev="loop0" ino=16 res=1 errno=0
[  810.326442][T13078] loop3: detected capacity change from 0 to 2048
[  810.440422][ T3651] Bluetooth: hci2: command tx timeout
[  810.469521][T13078] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  810.479388][T11407] usb 2-1: USB disconnect, device number 44
[  810.725753][T12578] EXT4-fs (loop0): unmounting filesystem.
[  811.389983][T11407] usb 5-1: USB disconnect, device number 67
[  811.482140][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  811.622412][T13092] loop4: detected capacity change from 0 to 16
[  811.662636][T13092] erofs: (device loop4): mounted with root inode @ nid 36.
[  811.983900][T13099] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  813.840427][T13101] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  814.299118][T13105] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2767'.
[  814.470319][T13107] sctp: [Deprecated]: syz.0.2768 (pid 13107) Use of struct sctp_assoc_value in delayed_ack socket option.
[  814.470319][T13107] Use struct sctp_sack_info instead
[  814.729260][   T27] audit: type=1326 audit(2000000152.659:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13110 comm="syz.1.2771" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7072f79e79 code=0x0
[  814.763486][T13115] 9pnet_virtio: no channels available for device syz
[  814.940149][T11407] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  814.977396][T13118] loop0: detected capacity change from 0 to 1024
[  814.991476][T13118] EXT4-fs: quotafile must be on filesystem root
[  815.450973][T11407] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  815.567435][T11407] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  815.824350][T11407] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  815.918324][T11407] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  815.948202][T13124] loop4: detected capacity change from 0 to 256
[  815.948633][T11407] usb 4-1: config 0 descriptor??
[  815.993496][T13124] exfat: Bad value for 'uid'
[  816.048307][T11407] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  816.103127][T13128] loop1: detected capacity change from 0 to 16
[  816.191631][T13128] erofs: (device loop1): mounted with root inode @ nid 36.
[  816.945056][T13137] loop2: detected capacity change from 0 to 128
[  819.668123][ T6196] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  819.709214][T13138] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  819.716506][T13138] IPv6: NLM_F_CREATE should be set when creating new route
[  819.724113][T13135] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  819.731407][T13135] IPv6: NLM_F_CREATE should be set when creating new route
[  819.866126][ T4109] usb 4-1: USB disconnect, device number 60
[  820.054302][T13143] sctp: [Deprecated]: syz.4.2783 (pid 13143) Use of struct sctp_assoc_value in delayed_ack socket option.
[  820.054302][T13143] Use struct sctp_sack_info instead
[  820.119171][T13149] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2782'.
[  820.592479][T13160] loop2: detected capacity change from 0 to 128
[  822.981825][T13176] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  823.463036][T13178] loop0: detected capacity change from 0 to 128
[  824.477779][T13181] loop3: detected capacity change from 0 to 256
[  824.530782][T13181] exfat: Bad value for 'uid'
[  824.571498][ T3894] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  824.799870][T13187] loop4: detected capacity change from 0 to 512
[  824.840284][T13189] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2797'.
[  824.860202][T10478] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  824.875977][T13187] EXT4-fs: Ignoring removed bh option
[  824.886463][ T6196] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  824.920685][T13187] EXT4-fs: inline encryption not supported
[  824.986932][T13187] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz.4.2796: inline data xattr refers to an external xattr inode
[  825.059021][T13187] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.2796: couldn't read orphan inode 12 (err -117)
[  825.073026][T13187] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  825.264710][T10478] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  825.270309][ T6196] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  825.292621][T10478] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  825.304871][ T6196] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  825.348738][ T6196] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  825.357860][T10478] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  825.367732][T10478] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  825.406652][T10478] usb 4-1: config 0 descriptor??
[  825.418797][ T6196] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  825.462242][T10478] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  825.484131][ T6196] usb 2-1: config 0 descriptor??
[  825.552159][ T6196] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  826.291304][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  826.657382][T13215] loop4: detected capacity change from 0 to 128
[  827.335464][ T3938] kworker/u4:10: attempt to access beyond end of device
[  827.335464][ T3938] loop4: rw=1, sector=681, nr_sectors = 136 limit=128
[  827.479177][ T3687] usb 4-1: USB disconnect, device number 61
[  827.643490][ T4329] usb 2-1: USB disconnect, device number 45
[  827.912528][T13230] loop4: detected capacity change from 0 to 128
[  828.375116][T13232] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2808'.
[  828.923597][T13244] sctp: [Deprecated]: syz.4.2813 (pid 13244) Use of struct sctp_assoc_value in delayed_ack socket option.
[  828.923597][T13244] Use struct sctp_sack_info instead
[  828.923633][T13242] loop1: detected capacity change from 0 to 16
[  828.982328][T13242] erofs: (device loop1): mounted with root inode @ nid 36.
[  829.620501][T13252] loop0: detected capacity change from 0 to 128
[  830.545427][T13256] 9pnet_virtio: no channels available for device syz
[  830.586050][T13259] loop3: detected capacity change from 0 to 256
[  830.642379][T13259] exfat: Bad value for 'uid'
[  830.828470][T13272] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2823'.
[  830.977760][T13275] sctp: [Deprecated]: syz.4.2825 (pid 13275) Use of struct sctp_assoc_value in delayed_ack socket option.
[  830.977760][T13275] Use struct sctp_sack_info instead
[  830.996173][ T3687] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  831.125198][T13280] loop0: detected capacity change from 0 to 128
[  832.200637][ T3687] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  832.208587][T13279] loop4: detected capacity change from 0 to 16
[  832.308546][ T3687] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  832.318792][ T3687] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  832.324980][T13279] erofs: (device loop4): mounted with root inode @ nid 36.
[  832.332320][ T3687] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  832.357091][ T3687] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  832.577539][ T3687] usb 4-1: config 0 descriptor??
[  833.395927][T13299] loop1: detected capacity change from 0 to 128
[  834.150254][ T3687] usbhid 4-1:0.0: can't add hid device: -71
[  834.156301][ T3687] usbhid: probe of 4-1:0.0 failed with error -71
[  834.186436][ T3687] usb 4-1: USB disconnect, device number 62
[  834.276411][T13307] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2834'.
[  834.333219][T13310] loop4: detected capacity change from 0 to 512
[  834.393607][T13310] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  834.592266][T13310] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  834.615252][T13310] ext4 filesystem being mounted at /381/file0 supports timestamps until 2038 (0x7fffffff)
[  834.697491][T13321] loop1: detected capacity change from 0 to 16
[  834.847712][T13322] loop0: detected capacity change from 0 to 128
[  835.973638][T13321] erofs: (device loop1): mounted with root inode @ nid 36.
[  836.447309][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  837.497175][T13354] sctp: [Deprecated]: syz.2.2848 (pid 13354) Use of struct sctp_assoc_value in delayed_ack socket option.
[  837.497175][T13354] Use struct sctp_sack_info instead
[  837.526757][ T3651] Bluetooth: hci2: Malformed Event: 0x13
[  837.662843][T13357] loop3: detected capacity change from 0 to 512
[  837.691979][T13359] loop1: detected capacity change from 0 to 256
[  837.711271][T13357] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  837.717732][T13359] exfat: Bad value for 'uid'
[  837.833754][T13366] loop4: detected capacity change from 0 to 16
[  837.841008][ T4161] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  837.847347][T13357] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  837.880789][T13357] ext4 filesystem being mounted at /399/file0 supports timestamps until 2038 (0x7fffffff)
[  837.893259][T13366] erofs: (device loop4): mounted with root inode @ nid 36.
[  838.110192][T10112] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  839.263702][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  839.413061][T10112] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  839.448320][T13377] 9pnet_virtio: no channels available for device syz
[  839.462481][T10112] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  839.482692][T10112] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  839.537695][T10112] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  839.557160][T10112] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  839.600728][T10112] usb 2-1: config 0 descriptor??
[  839.650320][T10478] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  840.010231][T10478] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  840.034533][T10478] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  840.140617][T10112] usbhid 2-1:0.0: can't add hid device: -71
[  840.155781][T10112] usbhid: probe of 2-1:0.0 failed with error -71
[  840.160221][T10478] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  840.187650][T10478] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  840.224791][T10478] usb 5-1: SerialNumber: syz
[  840.278423][T10112] usb 2-1: USB disconnect, device number 46
[  840.532866][T10478] usb 5-1: 0:2 : does not exist
[  840.633888][T10478] usb 5-1: USB disconnect, device number 69
[  840.686727][ T4161] udevd[4161]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  841.447878][T13400] sctp: [Deprecated]: syz.0.2863 (pid 13400) Use of struct sctp_assoc_value in delayed_ack socket option.
[  841.447878][T13400] Use struct sctp_sack_info instead
[  841.539375][T13402] loop2: detected capacity change from 0 to 512
[  841.562629][T13402] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  841.693671][T13402] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  841.742805][T13402] ext4 filesystem being mounted at /216/file0 supports timestamps until 2038 (0x7fffffff)
[  841.791027][ T3650] Bluetooth: hci2: command tx timeout
[  842.500594][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  842.780294][   T27] audit: type=1326 audit(2000000638.705:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13427 comm="syz.2.2871" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5f04179e79 code=0x0
[  843.330192][ T3687] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[  843.648397][T13444] sctp: [Deprecated]: syz.2.2878 (pid 13444) Use of struct sctp_assoc_value in delayed_ack socket option.
[  843.648397][T13444] Use struct sctp_sack_info instead
[  843.721498][ T3687] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  843.762762][ T3687] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  843.897007][ T3687] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  843.910600][ T3687] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  843.936216][ T3687] usb 5-1: SerialNumber: syz
[  844.078865][T13458] loop0: detected capacity change from 0 to 512
[  844.124034][T13458] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  844.215909][T13458] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  844.250231][T13458] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038 (0x7fffffff)
[  844.263196][ T3687] usb 5-1: 0:2 : does not exist
[  844.340504][ T3687] usb 5-1: USB disconnect, device number 70
[  844.452685][ T4161] udevd[4161]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  844.479102][T13470] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2887'.
[  845.210571][T12578] EXT4-fs (loop0): unmounting filesystem.
[  845.273281][T13478] sctp: [Deprecated]: syz.4.2890 (pid 13478) Use of struct sctp_assoc_value in delayed_ack socket option.
[  845.273281][T13478] Use struct sctp_sack_info instead
[  845.306454][   T27] audit: type=1326 audit(2000000641.235:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13475 comm="syz.2.2889" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5f04179e79 code=0x0
[  846.290228][ T4109] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  846.710584][ T4109] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  846.825364][ T4109] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  846.835546][ T4109] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  846.855026][ T4109] usb 5-1: config 0 descriptor??
[  846.902438][ T4109] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  846.941107][T13508] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2900'.
[  847.033813][T13510] loop3: detected capacity change from 0 to 512
[  847.078758][T13510] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  847.140412][T13510] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  847.149370][T13510] ext4 filesystem being mounted at /410/file0 supports timestamps until 2038 (0x7fffffff)
[  847.159708][T10478] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  847.470375][ T3650] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  847.485551][ T3650] Bluetooth: hci2: Injecting HCI hardware error event
[  847.498638][ T3651] Bluetooth: hci2: hardware error 0x00
[  847.564728][T13523] loop1: detected capacity change from 0 to 128
[  848.726877][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  848.820239][T10478] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  848.840213][T10478] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  848.920338][T10478] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  848.959909][T10478] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  848.980158][T10478] usb 3-1: SerialNumber: syz
[  849.302552][T10478] usb 3-1: 0:2 : does not exist
[  849.418595][T10478] usb 3-1: USB disconnect, device number 68
[  849.587300][ T4161] udevd[4161]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  849.626744][T13541] loop3: detected capacity change from 0 to 512
[  849.697299][T13541] EXT4-fs (loop3): 1 orphan inode deleted
[  849.707932][T13541] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  849.719541][   T27] audit: type=1326 audit(2000000645.655:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13537 comm="syz.1.2909" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7072f79e79 code=0x0
[  849.808564][T11407] usb 5-1: USB disconnect, device number 71
[  849.865892][T13541] ext4 filesystem being mounted at /413/file1 supports timestamps until 2038 (0x7fffffff)
[  850.045444][   T27] audit: type=1804 audit(2000000645.975:123): pid=13541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2910" name="/newroot/413/file1/bus" dev="loop3" ino=16 res=1 errno=0
[  850.243271][T13550] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  850.770366][ T3651] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  850.997844][T13556] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2914'.
[  851.157738][T13560] loop2: detected capacity change from 0 to 256
[  851.168130][T13559] loop4: detected capacity change from 0 to 512
[  851.205685][T13559] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  851.252010][ T4161] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  851.416553][T13559] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  851.438185][T13559] ext4 filesystem being mounted at /396/file0 supports timestamps until 2038 (0x7fffffff)
[  851.986677][T13565] loop2: detected capacity change from 0 to 4096
[  852.608917][T13569] loop0: detected capacity change from 0 to 16
[  852.747435][T13569] erofs: (device loop0): mounted with root inode @ nid 36.
[  852.786956][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  852.913505][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  854.331663][   T27] audit: type=1326 audit(2000000650.265:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13582 comm="syz.1.2924" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7072f79e79 code=0x0
[  854.478643][T13602] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  855.209712][T13604] loop2: detected capacity change from 0 to 2048
[  855.263854][T13608] loop0: detected capacity change from 0 to 512
[  855.331450][T13604] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  855.447068][T13608] EXT4-fs (loop0): 1 orphan inode deleted
[  855.490673][T13608] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  855.704137][T13614] loop3: detected capacity change from 0 to 4096
[  855.894026][T13608] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038 (0x7fffffff)
[  856.083290][ T9724] EXT4-fs (loop2): unmounting filesystem.
[  856.191894][   T27] audit: type=1804 audit(2000000652.125:125): pid=13617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2931" name="/newroot/51/file1/bus" dev="loop0" ino=18 res=1 errno=0
[  856.192927][T13616] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2932'.
[  856.538668][T13626] loop1: detected capacity change from 0 to 16
[  856.555840][T13627] loop3: detected capacity change from 0 to 1024
[  856.598963][T13627] EXT4-fs: quotafile must be on filesystem root
[  856.610168][T13626] erofs: (device loop1): mounted with root inode @ nid 36.
[  859.955876][T13643] loop1: detected capacity change from 0 to 16
[  859.975334][T13643] erofs: (device loop1): mounted with root inode @ nid 36.
[  860.177557][T13645] sctp: [Deprecated]: syz.4.2941 (pid 13645) Use of struct sctp_assoc_value in delayed_ack socket option.
[  860.177557][T13645] Use struct sctp_sack_info instead
[  860.288079][T13648] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  860.295351][T13648] IPv6: NLM_F_CREATE should be set when creating new route
[  861.003010][T12578] EXT4-fs (loop0): unmounting filesystem.
[  861.101505][T13653] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  861.281934][T13655] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2945'.
[  862.031218][T13666] loop0: detected capacity change from 0 to 128
[  862.066557][   T26] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  862.740953][   T26] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  862.789300][T13672] loop4: detected capacity change from 0 to 1024
[  862.810313][   T26] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  862.840853][T13672] EXT4-fs: quotafile must be on filesystem root
[  862.847539][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  862.911340][   T26] usb 2-1: config 0 descriptor??
[  862.961024][ T3894] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  862.982342][   T26] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  864.865344][ T3636] usb 2-1: USB disconnect, device number 47
[  864.931963][T13686] loop3: detected capacity change from 0 to 16
[  864.995166][T13686] erofs: (device loop3): mounted with root inode @ nid 36.
[  865.244449][T13695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2958'.
[  865.329730][T13696] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  866.088003][T13705] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  867.299792][T13712] loop3: detected capacity change from 0 to 4096
[  867.730400][   T26] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[  868.043541][T13717] loop1: detected capacity change from 0 to 128
[  868.127234][ T4161] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  868.170270][   T26] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  868.213059][   T26] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  868.432668][T13721] loop0: detected capacity change from 0 to 128
[  869.220300][   T26] usb 3-1: string descriptor 0 read error: -71
[  869.233400][   T26] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  869.262276][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  869.290291][   T26] usb 3-1: can't set config #1, error -71
[  869.313292][   T26] usb 3-1: USB disconnect, device number 69
[  869.364826][T13732] loop2: detected capacity change from 0 to 1024
[  869.383371][T13732] EXT4-fs: quotafile must be on filesystem root
[  869.453066][ T4161] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  869.716666][T11407] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  870.021011][ T1261] ieee802154 phy0 wpan0: encryption failed: -22
[  870.040347][ T1261] ieee802154 phy1 wpan1: encryption failed: -22
[  870.590620][T11407] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  870.607720][T11407] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  870.612820][T13740] loop2: detected capacity change from 0 to 16
[  870.682408][T11407] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  870.690353][T13740] erofs: (device loop2): mounted with root inode @ nid 36.
[  870.713518][T11407] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  870.742939][T11407] usb 5-1: config 0 descriptor??
[  870.802440][T11407] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  870.995263][T13743] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  871.002582][T13743] IPv6: NLM_F_CREATE should be set when creating new route
[  871.787241][T13752] loop1: detected capacity change from 0 to 512
[  871.849338][T13752] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  871.894510][T13752] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  871.914329][T13752] ext4 filesystem being mounted at /292/file0 supports timestamps until 2038 (0x7fffffff)
[  872.794889][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  872.866830][ T3682] usb 5-1: USB disconnect, device number 72
[  873.241036][T13767] loop3: detected capacity change from 0 to 128
[  874.951445][T13773] loop3: detected capacity change from 0 to 16
[  874.971603][T13775] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2982'.
[  874.999599][T13773] erofs: (device loop3): mounted with root inode @ nid 36.
[  875.061523][T13777] loop0: detected capacity change from 0 to 1024
[  875.068398][T13777] EXT4-fs: quotafile must be on filesystem root
[  876.170451][T13784] loop1: detected capacity change from 0 to 128
[  876.356081][ T3646] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  876.367849][ T3646] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  876.376561][ T3646] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  876.385600][ T3646] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  876.393523][ T3646] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  876.401610][ T3646] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  876.486325][T13792] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  876.493620][T13792] IPv6: NLM_F_CREATE should be set when creating new route
[  876.499284][T13791] loop0: detected capacity change from 0 to 16
[  876.560476][T13791] erofs: (device loop0): mounted with root inode @ nid 36.
[  877.637329][T13798] loop0: detected capacity change from 0 to 512
[  877.780212][T13798] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  877.833130][T13787] chnl_net:caif_netlink_parms(): no params data found
[  877.881252][T13798] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  877.938438][T13798] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038 (0x7fffffff)
[  878.199909][T13787] bridge0: port 1(bridge_slave_0) entered blocking state
[  878.257572][T13787] bridge0: port 1(bridge_slave_0) entered disabled state
[  878.266365][T13787] device bridge_slave_0 entered promiscuous mode
[  878.275954][T13787] bridge0: port 2(bridge_slave_1) entered blocking state
[  878.300242][T13787] bridge0: port 2(bridge_slave_1) entered disabled state
[  878.316546][T13787] device bridge_slave_1 entered promiscuous mode
[  878.458183][ T3651] Bluetooth: hci3: command tx timeout
[  878.688722][T13787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  878.771959][T13787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  878.880900][T12578] EXT4-fs (loop0): unmounting filesystem.
[  879.001658][T13787] team0: Port device team_slave_0 added
[  879.009494][T13787] team0: Port device team_slave_1 added
[  879.086178][T13814] loop0: detected capacity change from 0 to 128
[  879.104541][T13787] batman_adv: batadv0: Adding interface: batadv_slave_0
[  879.136093][T13787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  879.164677][T13814] FAT-fs (loop0): Unrecognized mount option "00000000000000000000000��1�N���7%���
̏��I����;n�-�Y]����T)��'�[�HF���+$g�*X���+���6�
[  879.164677][T13814] ��E+�^D$K�c�w��=�U�`ļ������[M��e
�z�'(EX>�㨺�ł��ޟo��H��6YJҧ.�0f��a�3�~�b)K������FY�طom"<F���>�	����" or missing value
[  879.213193][T13787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  879.239051][T13787] batman_adv: batadv0: Adding interface: batadv_slave_1
[  879.246324][T13787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  879.285641][T13787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  880.279727][ T3938] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  880.361737][T13826] loop1: detected capacity change from 0 to 128
[  880.581677][ T3646] Bluetooth: hci3: command tx timeout
[  880.968798][T13829] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2992'.
[  881.100865][ T3938] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.175486][T13834] loop1: detected capacity change from 0 to 1024
[  881.214481][T13834] EXT4-fs: quotafile must be on filesystem root
[  881.292243][T13787] device hsr_slave_0 entered promiscuous mode
[  881.361366][ T4161] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  883.050378][ T3651] Bluetooth: hci3: command tx timeout
[  883.089486][T13787] device hsr_slave_1 entered promiscuous mode
[  883.158056][T13787] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  883.208348][T13847] loop3: detected capacity change from 0 to 512
[  883.227862][T13787] Cannot create hsr debugfs directory
[  883.233616][T13847] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  883.386448][ T3938] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  883.454907][T13853] loop1: detected capacity change from 0 to 16
[  883.462719][T13847] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  883.502841][T13847] ext4 filesystem being mounted at /432/file0 supports timestamps until 2038 (0x7fffffff)
[  883.544239][T13853] erofs: (device loop1): mounted with root inode @ nid 36.
[  883.571865][ T3938] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  884.593091][ T6900] EXT4-fs (loop3): unmounting filesystem.
[  885.070296][ T3651] Bluetooth: hci3: command tx timeout
[  885.411227][T13875] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3004'.
[  885.462609][T13872] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  885.469907][T13872] IPv6: NLM_F_CREATE should be set when creating new route
[  887.230430][T13787] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  887.302631][T13787] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  887.360039][T13905] loop3: detected capacity change from 0 to 1024
[  887.381130][T13905] EXT4-fs: quotafile must be on filesystem root
[  887.467972][T13787] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  887.476185][ T4161] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  887.509533][T13787] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  889.050820][T13909] loop0: detected capacity change from 0 to 16
[  889.298180][T13909] erofs: (device loop0): mounted with root inode @ nid 36.
[  889.432640][T13915] loop1: detected capacity change from 0 to 128
[  889.452956][T13918] loop4: detected capacity change from 0 to 512
[  889.471988][T13918] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  889.520560][T13915] FAT-fs (loop1): Unrecognized mount option "00000000000000000000000��1�N���7%���
̏��I����;n�-�Y]����T)��'�[�HF���+$g�*X���+���6�
[  889.520560][T13915] ��E+�^D$K�c�w��=�U�`ļ������[M��e
�z�'(EX>�㨺�ł��ޟo��H��6YJҧ.�0f��a�3�~�b)K������FY�طom"<F���>�	����" or missing value
[  889.620017][T13787] 8021q: adding VLAN 0 to HW filter on device bond0
[  889.639030][T13787] 8021q: adding VLAN 0 to HW filter on device team0
[  889.672785][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  889.711882][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  889.731285][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  889.736626][T13918] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  889.792824][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  889.812786][T13918] ext4 filesystem being mounted at /419/file0 supports timestamps until 2038 (0x7fffffff)
[  889.836915][ T3861] bridge0: port 1(bridge_slave_0) entered blocking state
[  889.844074][ T3861] bridge0: port 1(bridge_slave_0) entered forwarding state
[  890.691418][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  890.705897][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  890.753970][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  890.799924][ T3861] bridge0: port 2(bridge_slave_1) entered blocking state
[  890.807127][ T3861] bridge0: port 2(bridge_slave_1) entered forwarding state
[  890.870521][T13938] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  890.877758][T13938] IPv6: NLM_F_CREATE should be set when creating new route
[  890.908568][T13914] loop1: detected capacity change from 0 to 40427
[  890.957684][ T6666] EXT4-fs (loop4): unmounting filesystem.
[  890.977567][T13914] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  891.015522][T13914] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  891.073865][T13914] F2FS-fs (loop1): invalid crc value
[  891.086683][ T3938] device hsr_slave_0 left promiscuous mode
[  891.115225][ T3938] device hsr_slave_1 left promiscuous mode
[  891.135064][T13914] F2FS-fs (loop1): Current segment's next free block offset is inconsistent with bitmap, logtype:5, segno:2, type:0, next_blkoff:0, blkofs:1
[  891.186012][ T3938] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  891.270279][ T3938] batman_adv: batadv0: Removing interface: batadv_slave_0
[  891.275663][T13914] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-117)
[  891.304830][ T3938] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  891.313809][ T3938] batman_adv: batadv0: Removing interface: batadv_slave_1
[  891.329148][ T3938] device bridge_slave_1 left promiscuous mode
[  891.336931][ T3938] bridge0: port 2(bridge_slave_1) entered disabled state
[  891.357475][ T3938] device bridge_slave_0 left promiscuous mode
[  891.364581][ T3938] bridge0: port 1(bridge_slave_0) entered disabled state
[  891.769613][ T3938] device veth1_macvtap left promiscuous mode
[  891.802084][ T3938] device veth0_macvtap left promiscuous mode
[  891.808202][ T3938] device veth1_vlan left promiscuous mode
[  891.820465][ T3938] device veth0_vlan left promiscuous mode
[  892.009061][T13914] loop1: detected capacity change from 0 to 128
[  892.059437][T13914] EXT4-fs (loop1): Test dummy encryption mode enabled
[  892.109001][T13914] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  892.134675][T13914] ext4 filesystem being mounted at /298/mnt supports timestamps until 2038 (0x7fffffff)
[  892.941606][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  893.249808][T13971] input: syz1 as /devices/virtual/input/input20
[  893.302493][ T3938] team0 (unregistering): Port device team_slave_1 removed
[  893.346038][ T3938] team0 (unregistering): Port device team_slave_0 removed
[  893.396487][ T3938] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  893.441699][ T3938] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  893.885920][ T3938] bond0 (unregistering): Released all slaves
[  893.971007][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  893.987856][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  893.997103][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  894.015317][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  894.038114][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  894.047279][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  894.060659][T13951] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3014'.
[  894.084538][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  894.121871][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  894.147743][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  894.156517][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  894.167313][ T3861] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  894.189734][T13787] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  894.309981][T13979] Bluetooth: MGMT ver 1.22
[  894.340814][T13979] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes
[  894.477799][   T27] audit: type=1326 audit(2000000690.405:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13976 comm="syz.3.3019" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff09bf79e79 code=0x0
[  894.632474][T13989] loop1: detected capacity change from 0 to 128
[  894.654391][T13987] loop0: detected capacity change from 0 to 1024
[  894.700795][T13987] EXT4-fs: quotafile must be on filesystem root
[  894.774710][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  894.791105][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  894.880398][T13787] 8021q: adding VLAN 0 to HW filter on device batadv0
[  894.927491][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  894.954473][ T3919] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  895.624495][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  895.643786][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  895.717786][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  895.745599][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  895.772238][T13787] device veth0_vlan entered promiscuous mode
[  895.856536][T13787] device veth1_vlan entered promiscuous mode
[  895.938270][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  895.938895][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  895.939284][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  895.939815][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  895.957946][T13787] device veth0_macvtap entered promiscuous mode
[  895.986534][T13787] device veth1_macvtap entered promiscuous mode
[  896.060069][T13787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.061482][T13787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.061560][T13787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.061609][T13787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.061724][T13787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.061772][T13787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.061811][T13787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  896.061857][T13787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.068155][T13787] batman_adv: batadv0: Interface activated: batadv_slave_0
[  896.068307][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  896.068984][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  896.069631][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  896.070352][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  896.099397][T13787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.099419][T13787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.099432][T13787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.099445][T13787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.099457][T13787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.099469][T13787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.099481][T13787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  896.099494][T13787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  896.112720][T13787] batman_adv: batadv0: Interface activated: batadv_slave_1
[  896.112839][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  896.113518][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  896.144122][T13787] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  896.144157][T13787] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  896.144185][T13787] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  896.144212][T13787] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  896.674566][T14008] loop0: detected capacity change from 0 to 16
[  896.714765][T14008] erofs: (device loop0): mounted with root inode @ nid 36.
[  897.275256][ T1060] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  897.316604][T14016] 9pnet_fd: Insufficient options for proto=fd
[  897.330228][ T1060] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  897.411864][ T1060] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  897.426579][ T4172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  897.507093][T14022] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  897.603087][ T4172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  897.778639][T14026] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes
[  897.797357][T14026] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  897.806791][T14026] isofs_fill_super: bread failed, dev=loop4, iso_blknum=16, block=32
[  897.959969][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  898.278534][T14027] loop3: detected capacity change from 0 to 256
[  898.345595][T14027] FAT-fs (loop3): Directory bread(block 64) failed
[  898.400520][T14027] FAT-fs (loop3): Directory bread(block 65) failed
[  898.407169][T14027] FAT-fs (loop3): Directory bread(block 66) failed
[  898.462438][T14027] FAT-fs (loop3): Directory bread(block 67) failed
[  898.495022][T14027] FAT-fs (loop3): Directory bread(block 68) failed
[  898.510318][T14027] FAT-fs (loop3): Directory bread(block 69) failed
[  898.527130][T14027] FAT-fs (loop3): Directory bread(block 70) failed
[  898.536292][T14027] FAT-fs (loop3): Directory bread(block 71) failed
[  898.560247][T14027] FAT-fs (loop3): Directory bread(block 72) failed
[  898.566794][T14027] FAT-fs (loop3): Directory bread(block 73) failed
[  898.962487][   T27] audit: type=1326 audit(2000000694.895:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14023 comm="syz.3.3034" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff09bf79e79 code=0x0
[  899.473947][   T27] audit: type=1326 audit(2000000695.405:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14038 comm="syz.4.3036" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f82b7f79e79 code=0x0
[  899.495764][    C1] vkms_vblank_simulate: vblank timer overrun
[  899.500313][ T3636] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  899.521125][ T1060] kworker/u4:5: attempt to access beyond end of device
[  899.521125][ T1060] loop3: rw=1, sector=1224, nr_sectors = 4 limit=256
[  899.545455][T14042] syz.0.3037[14042] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  899.545548][T14042] syz.0.3037[14042] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  899.642267][   T27] audit: type=1326 audit(2000000695.575:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.3037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc32df79e79 code=0x7ffc0000
[  899.778619][   T27] audit: type=1326 audit(2000000695.595:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14041 comm="syz.0.3037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc32df79e79 code=0x7ffc0000
[  900.059828][ T3636] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  900.315959][ T3636] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  900.420475][ T3636] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  900.559439][ T3636] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  900.576126][ T3636] usb 3-1: SerialNumber: syz
[  900.674940][T14060] loop4: detected capacity change from 0 to 128
[  900.871656][ T3636] usb 3-1: 0:2 : does not exist
[  900.913019][ T3636] usb 3-1: USB disconnect, device number 70
[  900.966765][ T4161] udevd[4161]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  901.069495][T14066] loop0: detected capacity change from 0 to 16
[  901.087352][T14066] erofs: (device loop0): mounted with root inode @ nid 36.
[  902.815092][T14074] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  903.104708][T14086] loop3: detected capacity change from 0 to 1024
[  903.115367][T14081] loop0: detected capacity change from 0 to 2048
[  903.131324][T14086] EXT4-fs: quotafile must be on filesystem root
[  903.321047][T14081] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  903.613755][T14089] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  904.142493][T12578] EXT4-fs (loop0): unmounting filesystem.
[  905.323181][T14119] loop1: detected capacity change from 0 to 16
[  905.413475][T14119] erofs: (device loop1): mounted with root inode @ nid 36.
[  906.506466][T14133] loop4: detected capacity change from 0 to 1024
[  906.521932][T14133] EXT4-fs: quotafile must be on filesystem root
[  907.453266][T14141] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  907.919974][T14145] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  907.927257][T14145] IPv6: NLM_F_CREATE should be set when creating new route
[  908.098377][T14149] loop3: detected capacity change from 0 to 128
[  908.673861][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3072'.
[  909.004160][T14163] loop1: detected capacity change from 0 to 512
[  909.041688][T14163] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  909.122577][T14163] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  909.150493][T14163] ext4 filesystem being mounted at /308/file0 supports timestamps until 2038 (0x7fffffff)
[  909.760317][ T3959] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[  910.183517][ T7997] EXT4-fs (loop1): unmounting filesystem.
[  910.297808][T14176] loop2: detected capacity change from 0 to 128
[  910.369228][ T3959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  910.674612][ T3959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  910.907425][ T3959] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  910.948968][ T3959] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  910.958798][ T3959] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  910.997188][ T3959] usb 1-1: config 0 descriptor??
[  911.306075][T14181] loop3: detected capacity change from 0 to 1024
[  911.338022][T14181] EXT4-fs: quotafile must be on filesystem root
[  911.660689][ T3959] usbhid 1-1:0.0: can't add hid device: -71
[  911.667125][ T3959] usbhid: probe of 1-1:0.0 failed with error -71
[  911.791162][ T3959] usb 1-1: USB disconnect, device number 72
[  912.450826][T14194] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3085'.
[  912.473423][T14196] loop0: detected capacity change from 0 to 256
[  912.507699][T14196] exfat: Bad value for 'uid'
[  912.668274][T14200] loop3: detected capacity change from 0 to 256
[  912.839160][T14200] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  912.986457][T14206] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  913.020380][ T3636] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[  913.460803][ T3636] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  913.582211][ T3636] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  913.642584][ T3636] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  913.730161][ T3636] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  914.503899][T14218] loop1: detected capacity change from 0 to 128
[  915.030372][T14215] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes
[  915.048060][T14215] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  915.057974][T14215] isofs_fill_super: bread failed, dev=loop4, iso_blknum=16, block=32
[  915.131305][T14215] loop4: detected capacity change from 0 to 1024
[  915.166984][ T3636] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  915.315944][T14215] hfsplus: request for non-existent node -709361664 in B*Tree
[  915.323657][T14215] hfsplus: request for non-existent node -709361664 in B*Tree
[  915.336090][T14215] hfsplus: b-tree write err: -5, ino 8
[  915.419697][ T3636] usb 1-1: config 0 descriptor??
[  915.520458][ T3636] usb 1-1: can't set config #0, error -71
[  915.528784][ T3636] usb 1-1: USB disconnect, device number 73
[  915.668628][T14222] loop3: detected capacity change from 0 to 256
[  915.681538][T14222] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  915.940469][T14224] loop0: detected capacity change from 0 to 128
[  916.788100][T14233] loop1: detected capacity change from 0 to 1024
[  916.801109][T14235] loop0: detected capacity change from 0 to 1024
[  916.818840][T14235] EXT4-fs (loop0): unsupported descriptor size 129
[  916.866067][T14233] EXT4-fs: quotafile must be on filesystem root
[  916.970324][ T3682] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  917.380348][ T3682] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  917.555060][ T3682] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  917.565750][ T3682] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  917.584869][ T3682] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  917.594552][ T3682] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  917.597601][T14246] loop3: detected capacity change from 0 to 256
[  917.606480][ T3682] usb 5-1: config 0 descriptor??
[  917.689956][T14249] loop2: detected capacity change from 0 to 2048
[  917.734111][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  917.757560][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  917.787810][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  917.792662][T14252] loop0: detected capacity change from 0 to 128
[  917.816995][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  917.834909][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  917.855141][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  917.871113][T14254] loop3: detected capacity change from 0 to 256
[  917.878724][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  917.903343][T14254] exfat: Bad value for 'uid'
[  917.908933][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  917.920160][T14252] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  917.929315][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  917.943601][ T4161] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  917.970789][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  918.000888][T14249] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=385, location=385
[  918.018197][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  918.032968][T14249] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  918.048894][T14249] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[  918.145824][ T3682] usbhid 5-1:0.0: can't add hid device: -71
[  918.153632][ T3682] usbhid: probe of 5-1:0.0 failed with error -71
[  918.186904][ T3682] usb 5-1: USB disconnect, device number 73
[  918.241632][    T7] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  918.548208][T14259] loop2: detected capacity change from 0 to 128
[  918.804825][T10111] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  919.539971][T14267] loop4: detected capacity change from 0 to 128
[  919.600570][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  919.995290][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  920.192962][    T7] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  920.248402][    T7] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  920.275137][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  920.299112][    T7] usb 4-1: config 0 descriptor??
[  920.962168][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.004802][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.039300][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.103591][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.178327][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.326031][T14289] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes
[  921.335607][T14289] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  921.344975][T14289] isofs_fill_super: bread failed, dev=loop4, iso_blknum=16, block=32
[  921.364185][T14289] loop4: detected capacity change from 0 to 1024
[  921.410310][T14289] hfsplus: request for non-existent node -709361664 in B*Tree
[  921.417894][T14289] hfsplus: request for non-existent node -709361664 in B*Tree
[  921.427398][T14289] hfsplus: b-tree write err: -5, ino 8
[  921.604754][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.614646][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.614677][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.614700][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.614723][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.666065][    T7] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0
[  921.686404][    T7] plantronics 0003:047F:FFFF.0020: No inputs registered, leaving
[  921.726620][    T7] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  921.851145][    T7] usb 4-1: USB disconnect, device number 63
[  922.733497][T14303] loop4: detected capacity change from 0 to 128
[  922.805296][T14303] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  923.154196][T14315] loop0: detected capacity change from 0 to 128
[  923.900225][    T7] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  923.979406][T14319] loop1: detected capacity change from 0 to 1024
[  923.994192][T14319] EXT4-fs: quotafile must be on filesystem root
[  924.030655][ T1060] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  924.050162][ T4161] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  924.314657][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  924.593833][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  924.624616][    T7] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  924.666365][    T7] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  924.686408][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  924.702557][    T7] usb 4-1: config 0 descriptor??
[  924.812079][T14330] loop2: detected capacity change from 0 to 512
[  925.687437][T14330] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  925.706855][T14330] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038 (0x7fffffff)
[  925.743706][T14330] 
[  925.746068][T14330] ======================================================
[  925.753088][T14330] WARNING: possible circular locking dependency detected
[  925.760103][T14330] 6.1.105-syzkaller #0 Not tainted
[  925.765210][T14330] ------------------------------------------------------
[  925.772222][T14330] syz.2.3123/14330 is trying to acquire lock:
[  925.778290][T14330] ffff88802319f0e0 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x955/0x1cb0
[  925.787806][T14330] 
[  925.787806][T14330] but task is already holding lock:
[  925.795170][T14330] ffff888053264208 (&s->s_dquot.dqio_sem){++++}-{3:3}, at: v2_write_dquot+0x9b/0x190
[  925.804679][T14330] 
[  925.804679][T14330] which lock already depends on the new lock.
[  925.804679][T14330] 
[  925.815085][T14330] 
[  925.815085][T14330] the existing dependency chain (in reverse order) is:
[  925.824098][T14330] 
[  925.824098][T14330] -> #2 (&s->s_dquot.dqio_sem){++++}-{3:3}:
[  925.828112][T14340] loop4: detected capacity change from 0 to 256
[  925.832178][T14330]        lock_acquire+0x1f8/0x5a0
[  925.832208][T14330]        down_read+0xad/0xa30
[  925.832224][T14330]        v2_read_dquot+0x4a/0x100
[  925.832246][T14330]        dquot_acquire+0x188/0x680
[  925.856260][T14340] exfat: Bad value for 'uid'
[  925.858274][T14330]        ext4_acquire_dquot+0x2eb/0x4a0
[  925.868406][T14330]        dqget+0x74e/0xe30
[  925.872836][T14330]        __dquot_initialize+0x2d9/0xea0
[  925.878392][T14330]        ext4_create+0xb1/0x550
[  925.883248][T14330]        path_openat+0x12f1/0x2e60
[  925.888366][T14330]        do_filp_open+0x230/0x480
[  925.893395][T14330]        do_sys_openat2+0x13b/0x4f0
[  925.898605][T14330]        __x64_sys_creat+0x11f/0x160
[  925.903900][T14330]        do_syscall_64+0x3b/0xb0
[  925.908845][T14330]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  925.915266][T14330] 
[  925.915266][T14330] -> #1 (&dquot->dq_lock){+.+.}-{3:3}:
[  925.922922][T14330]        lock_acquire+0x1f8/0x5a0
[  925.927963][T14330]        __mutex_lock+0x132/0xd80
[  925.933025][T14330]        dquot_commit+0x57/0x510
[  925.937980][T14330]        ext4_write_dquot+0x1fd/0x360
[  925.943370][T14330]        mark_all_dquot_dirty+0xf7/0x400
[  925.949019][T14330]        __dquot_alloc_space+0xb68/0x10e0
[  925.954757][T14330]        ext4_mb_new_blocks+0x1302/0x4b80
[  925.960500][T14330]        ext4_ext_map_blocks+0x1c1c/0x7ab0
[  925.966322][T14330]        ext4_map_blocks+0xa2b/0x1cb0
[  925.971702][T14330]        _ext4_get_block+0x23b/0x660
[  925.976992][T14330]        ext4_get_block_unwritten+0x2b/0x100
[  925.982979][T14330]        ext4_block_write_begin+0x631/0x1400
[  925.988971][T14330]        ext4_write_begin+0x638/0xf80
[  925.994363][T14330]        ext4_da_write_begin+0x30a/0x9c0
[  926.000013][T14330]        generic_perform_write+0x2fc/0x5e0
[  926.005834][T14330]        ext4_buffered_write_iter+0x122/0x3a0
[  926.011927][T14330]        ext4_file_write_iter+0x1d2/0x1880
[  926.017755][T14330]        vfs_write+0x857/0xbc0
[  926.022532][T14330]        ksys_write+0x19c/0x2c0
[  926.027483][T14330]        do_syscall_64+0x3b/0xb0
[  926.032447][T14330]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  926.038872][T14330] 
[  926.038872][T14330] -> #0 (&ei->i_data_sem/2){++++}-{3:3}:
[  926.046798][T14330]        validate_chain+0x1661/0x5950
[  926.052176][T14330]        __lock_acquire+0x125b/0x1f80
[  926.057646][T14330]        lock_acquire+0x1f8/0x5a0
[  926.062688][T14330]        down_write+0x36/0x60
[  926.067360][T14330]        ext4_map_blocks+0x955/0x1cb0
[  926.072724][T14330]        ext4_getblk+0x1eb/0x7c0
[  926.077643][T14330]        ext4_bread+0x2a/0x170
[  926.082395][T14330]        ext4_quota_write+0x21e/0x570
[  926.087750][T14330]        get_free_dqblk+0x340/0x6c0
[  926.093015][T14330]        do_insert_tree+0x299/0x1ae0
[  926.098292][T14330]        do_insert_tree+0x72a/0x1ae0
[  926.103597][T14330]        do_insert_tree+0x72a/0x1ae0
[  926.108913][T14330]        qtree_write_dquot+0x3b9/0x530
[  926.114355][T14330]        v2_write_dquot+0x11c/0x190
[  926.119537][T14330]        dquot_acquire+0x34d/0x680
[  926.124631][T14330]        ext4_acquire_dquot+0x2eb/0x4a0
[  926.130178][T14330]        dqget+0x74e/0xe30
[  926.134611][T14330]        __dquot_initialize+0x45e/0xea0
[  926.140174][T14330]        ext4_setattr+0x53f/0x1a00
[  926.145309][T14330]        notify_change+0xce3/0xfc0
[  926.150438][T14330]        chown_common+0x5aa/0x900
[  926.155469][T14330]        do_fchownat+0x169/0x240
[  926.160398][T14330]        __x64_sys_chown+0x7e/0x90
[  926.165519][T14330]        do_syscall_64+0x3b/0xb0
[  926.170450][T14330]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  926.176847][T14330] 
[  926.176847][T14330] other info that might help us debug this:
[  926.176847][T14330] 
[  926.187053][T14330] Chain exists of:
[  926.187053][T14330]   &ei->i_data_sem/2 --> &dquot->dq_lock --> &s->s_dquot.dqio_sem
[  926.187053][T14330] 
[  926.200688][T14330]  Possible unsafe locking scenario:
[  926.200688][T14330] 
[  926.208128][T14330]        CPU0                    CPU1
[  926.213473][T14330]        ----                    ----
[  926.218817][T14330]   lock(&s->s_dquot.dqio_sem);
[  926.223651][T14330]                                lock(&dquot->dq_lock);
[  926.230566][T14330]                                lock(&s->s_dquot.dqio_sem);
[  926.237918][T14330]   lock(&ei->i_data_sem/2);
[  926.242495][T14330] 
[  926.242495][T14330]  *** DEADLOCK ***
[  926.242495][T14330] 
[  926.250616][T14330] 4 locks held by syz.2.3123/14330:
[  926.255801][T14330]  #0: ffff888053264460 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80
[  926.264944][T14330]  #1: ffff8880749d9810 (&type->i_mutex_dir_key#3){++++}-{3:3}, at: chown_common+0x3e5/0x900
[  926.275105][T14330]  #2: ffff888057027928 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_acquire+0x64/0x680
[  926.284478][T14330]  #3: ffff888053264208 (&s->s_dquot.dqio_sem){++++}-{3:3}, at: v2_write_dquot+0x9b/0x190
[  926.294377][T14330] 
[  926.294377][T14330] stack backtrace:
[  926.300251][T14330] CPU: 0 PID: 14330 Comm: syz.2.3123 Not tainted 6.1.105-syzkaller #0
[  926.308400][T14330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  926.318439][T14330] Call Trace:
[  926.321715][T14330]  <TASK>
[  926.324639][T14330]  dump_stack_lvl+0x1e3/0x2cb
[  926.329303][T14330]  ? nf_tcp_handle_invalid+0x642/0x642
[  926.334750][T14330]  ? print_circular_bug+0x12b/0x1a0
[  926.339930][T14330]  check_noncircular+0x2fa/0x3b0
[  926.344848][T14330]  ? mark_lock+0x9a/0x340
[  926.349166][T14330]  ? add_chain_block+0x850/0x850
[  926.354088][T14330]  ? lockdep_lock+0x11f/0x2a0
[  926.358837][T14330]  ? validate_chain+0x112/0x5950
[  926.363756][T14330]  ? _find_first_zero_bit+0xd0/0x100
[  926.369029][T14330]  validate_chain+0x1661/0x5950
[  926.373866][T14330]  ? reacquire_held_locks+0x660/0x660
[  926.379227][T14330]  ? reacquire_held_locks+0x660/0x660
[  926.384585][T14330]  ? mark_lock+0x9a/0x340
[  926.389047][T14330]  ? __lock_acquire+0x125b/0x1f80
[  926.394069][T14330]  ? mark_lock+0x9a/0x340
[  926.398386][T14330]  ? mark_lock+0x9a/0x340
[  926.402702][T14330]  __lock_acquire+0x125b/0x1f80
[  926.407541][T14330]  lock_acquire+0x1f8/0x5a0
[  926.412030][T14330]  ? ext4_map_blocks+0x955/0x1cb0
[  926.417042][T14330]  ? read_lock_is_recursive+0x10/0x10
[  926.422406][T14330]  ? __might_sleep+0xb0/0xb0
[  926.426984][T14330]  ? percpu_counter_add_batch+0x142/0x160
[  926.432707][T14330]  ? rcu_is_watching+0x11/0xb0
[  926.437451][T14330]  ? ext4_es_lookup_extent+0x44a/0xb70
[  926.442898][T14330]  down_write+0x36/0x60
[  926.447038][T14330]  ? ext4_map_blocks+0x955/0x1cb0
[  926.452055][T14330]  ext4_map_blocks+0x955/0x1cb0
[  926.456908][T14330]  ? __stack_depot_save+0x3f5/0x470
[  926.462102][T14330]  ? ext4_issue_zeroout+0x250/0x250
[  926.467310][T14330]  ? kasan_set_track+0x60/0x70
[  926.472066][T14330]  ? kasan_set_track+0x4b/0x70
[  926.476813][T14330]  ? __kasan_kmalloc+0x97/0xb0
[  926.481565][T14330]  ? __kmalloc+0xb2/0x230
[  926.485899][T14330]  ? get_free_dqblk+0x45/0x6c0
[  926.490659][T14330]  ? do_insert_tree+0x72a/0x1ae0
[  926.495599][T14330]  ? do_insert_tree+0x72a/0x1ae0
[  926.500541][T14330]  ext4_getblk+0x1eb/0x7c0
[  926.504965][T14330]  ? do_fchownat+0x169/0x240
[  926.509599][T14330]  ? ext4_get_block_unwritten+0x100/0x100
[  926.515316][T14330]  ext4_bread+0x2a/0x170
[  926.519557][T14330]  ext4_quota_write+0x21e/0x570
[  926.524428][T14330]  ? ext4_quota_read+0x2c0/0x2c0
[  926.529352][T14330]  ? get_free_dqblk+0x45/0x6c0
[  926.534102][T14330]  ? get_free_dqblk+0x45/0x6c0
[  926.538856][T14330]  ? __kmalloc+0xe2/0x230
[  926.543171][T14330]  get_free_dqblk+0x340/0x6c0
[  926.547835][T14330]  ? ext4_quota_read+0x2c0/0x2c0
[  926.552761][T14330]  do_insert_tree+0x299/0x1ae0
[  926.557512][T14330]  ? ext4_get_block_unwritten+0x100/0x100
[  926.563219][T14330]  ? from_kgid+0x1a3/0x730
[  926.567624][T14330]  ? ext4_quota_read+0x1ed/0x2c0
[  926.572567][T14330]  ? find_next_id+0x850/0x850
[  926.577254][T14330]  ? ext4_quota_read+0x256/0x2c0
[  926.582181][T14330]  do_insert_tree+0x72a/0x1ae0
[  926.586935][T14330]  ? ext4_quota_read+0x1ed/0x2c0
[  926.591859][T14330]  ? find_next_id+0x850/0x850
[  926.596527][T14330]  ? ext4_quota_read+0x256/0x2c0
[  926.601465][T14330]  do_insert_tree+0x72a/0x1ae0
[  926.606228][T14330]  ? find_next_id+0x850/0x850
[  926.610891][T14330]  ? rcu_is_watching+0x11/0xb0
[  926.615645][T14330]  ? __kmalloc+0xe2/0x230
[  926.620017][T14330]  qtree_write_dquot+0x3b9/0x530
[  926.624962][T14330]  ? qtree_entry_unused+0xe0/0xe0
[  926.629985][T14330]  ? qtree_read_dquot+0x589/0x650
[  926.634995][T14330]  v2_write_dquot+0x11c/0x190
[  926.639657][T14330]  dquot_acquire+0x34d/0x680
[  926.644234][T14330]  ext4_acquire_dquot+0x2eb/0x4a0
[  926.649246][T14330]  dqget+0x74e/0xe30
[  926.653128][T14330]  __dquot_initialize+0x45e/0xea0
[  926.658137][T14330]  ? make_kgid+0x6f0/0x6f0
[  926.662540][T14330]  ? dquot_initialize+0x20/0x20
[  926.667378][T14330]  ? setattr_prepare+0x1e0/0xc20
[  926.672304][T14330]  ? ktime_get_coarse_real_ts64+0x107/0x120
[  926.678181][T14330]  ? fsverity_prepare_setattr+0x73/0x150
[  926.683796][T14330]  ext4_setattr+0x53f/0x1a00
[  926.688370][T14330]  ? atime_needs_update+0x7b0/0x7b0
[  926.693552][T14330]  ? evm_inode_setattr+0xfc/0x820
[  926.698560][T14330]  ? bpf_lsm_inode_setattr+0x5/0x10
[  926.703745][T14330]  ? ext4_write_inode+0x740/0x740
[  926.708752][T14330]  notify_change+0xce3/0xfc0
[  926.713332][T14330]  chown_common+0x5aa/0x900
[  926.717850][T14330]  ? __ia32_sys_chmod+0x180/0x180
[  926.722861][T14330]  ? rcu_read_lock_any_held+0xb3/0x160
[  926.728304][T14330]  ? __mnt_want_write+0x222/0x2a0
[  926.733311][T14330]  do_fchownat+0x169/0x240
[  926.737711][T14330]  ? chown_common+0x900/0x900
[  926.742373][T14330]  ? syscall_enter_from_user_mode+0x2e/0x230
[  926.748335][T14330]  ? lockdep_hardirqs_on+0x94/0x130
[  926.753513][T14330]  __x64_sys_chown+0x7e/0x90
[  926.758089][T14330]  do_syscall_64+0x3b/0xb0
[  926.762492][T14330]  ? clear_bhb_loop+0x45/0xa0
[  926.767156][T14330]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  926.773070][T14330] RIP: 0033:0x7f84b4379e79
[  926.777471][T14330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  926.797058][T14330] RSP: 002b:00007f84b520f038 EFLAGS: 00000246 ORIG_RAX: 000000000000005c
[  926.805463][T14330] RAX: ffffffffffffffda RBX: 00007f84b4515f80 RCX: 00007f84b4379e79
[  926.813418][T14330] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000040
[  926.821383][T14330] RBP: 00007f84b43e7916 R08: 0000000000000000 R09: 0000000000000000
[  926.829348][T14330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  926.837303][T14330] R13: 0000000000000000 R14: 00007f84b4515f80 R15: 00007ffc4f9d7388
[  926.845265][T14330]  </TASK>
[  926.863840][ T3894] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  926.901122][T13787] EXT4-fs (loop2): unmounting filesystem.
[  926.967780][T14342] Bluetooth: hci3: service_discovery: expected 4 bytes, got 7 bytes
[  926.983710][T14342] loop0: detected capacity change from 0 to 1024
[  926.990773][    T7] usbhid 4-1:0.0: can't add hid device: -71
[  926.996731][    T7] usbhid: probe of 4-1:0.0 failed with error -71
[  927.007562][T14342] hfsplus: request for non-existent node -709361664 in B*Tree
[  927.015784][T14342] hfsplus: request for non-existent node -709361664 in B*Tree
[  927.023562][T14342] hfsplus: b-tree write err: -5, ino 8
[  927.042649][    T7] usb 4-1: USB disconnect, device number 64
[  927.082505][ T4161] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  927.200210][ T3682] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  927.560697][ T3682] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  927.571676][ T3682] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  927.581704][ T3682] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  927.594741][ T3682] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  927.603828][ T3682] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  927.612928][ T3682] usb 5-1: config 0 descriptor??
[  928.081038][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.088431][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.095991][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.103415][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.111139][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.118515][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.125917][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.133308][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.140734][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.148117][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.155515][ T3682] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0
[  928.163170][ T3682] plantronics 0003:047F:FFFF.0021: No inputs registered, leaving
[  928.173355][ T3682] plantronics 0003:047F:FFFF.0021: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  929.390996][T14340] usb 5-1: string descriptor 0 read error: -2
[  930.210935][ T6333] usb 5-1: USB disconnect, device number 74
[  931.311206][ T1261] ieee802154 phy0 wpan0: encryption failed: -22
[  931.317531][ T1261] ieee802154 phy1 wpan1: encryption failed: -22