last executing test programs:

8m2.002209283s ago: executing program 2 (id=1998):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b70300001a5d00008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000900)=r2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d800000010", 0x5}], 0x1, 0x0, 0x0, 0xc3ff}, 0x0)

8m1.909723116s ago: executing program 2 (id=2000):
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0xfff, 0x7, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10)

7m59.276611063s ago: executing program 2 (id=2003):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x800000, &(0x7f0000000100)=ANY=[@ANYRES8=0x0, @ANYRESDEC=0x0, @ANYBLOB="2c73686f727461642c7569643d69676e6f72652c73686f727461642c766f6c756d653d30303030303030303030303030303030303030362c001829935912ddb19b617db523a6bb7c0d782285ef952b9282ba93ba5ef9353deee866199e1a1a16f9b8980aa11304cc9667f126de9a575a9cb3c29169cb6e8bd4820f0d3882914f9f4dd2ac97c7c5181676dc89c5fd4f9c455fcdbd2eef48adb33cdc1f17be8a397ef4cdba04d1979e9a7f3a2bcb07fb13cffd272aa79076e8039f7ab310e76e74"], 0x1, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG")
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pwrite64(0xffffffffffffffff, &(0x7f0000000300)='_', 0x1, 0x10000000005)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x12)

7m56.069155231s ago: executing program 2 (id=2009):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb)

7m55.709259539s ago: executing program 2 (id=2010):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b70300001a5d00008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000900)=r2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d800000010", 0x5}], 0x1, 0x0, 0x0, 0xc3ff}, 0x0)

7m55.235342879s ago: executing program 2 (id=2014):
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0xfff, 0x7, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10)

7m54.719703211s ago: executing program 32 (id=2014):
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0xfff, 0x7, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r0, 0x0, 0x0}, 0x10)

7m5.381276979s ago: executing program 4 (id=2123):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x800000, &(0x7f0000000100)=ANY=[@ANYRES8=0x0, @ANYRESDEC=0x0, @ANYBLOB="2c73686f727461642c7569643d69676e6f72652c73686f727461642c766f6c756d653d30303030303030303030303030303030303030362c001829935912ddb19b617db523a6bb7c0d782285ef952b9282ba93ba5ef9353deee866199e1a1a16f9b8980aa11304cc9667f126de9a575a9cb3c29169cb6e8bd4820f0d3882914f9f4dd2ac97c7c5181676dc89c5fd4f9c455fcdbd2eef48adb33cdc1f17be8a397ef4cdba04d1979e9a7f3a2bcb07fb13cffd272aa79076e8039f7ab310e76e74"], 0x1, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG")
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0)
pwrite64(r3, &(0x7f0000000300)='_', 0x1, 0x10000000005)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x12)

7m0.533548959s ago: executing program 4 (id=2131):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000280)={0x0, 0x0})
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000280))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000340))
close(0xffffffffffffffff)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
unlinkat(0xffffffffffffffff, &(0x7f00000005c0)='./file1\x00', 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x68, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x32, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x68}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r5=>0xffffffffffffffff})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="cf04000000000000000013000000080003", @ANYRES32=r8, @ANYBLOB="0500130092848b000a00060008021100000100000600100080050000060012"], 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

6m59.878433165s ago: executing program 4 (id=2135):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e", 0x19}], 0x1}, 0x0)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c000000"], 0xfe33)

6m59.467387604s ago: executing program 4 (id=2137):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x7, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x0, 0x5c, 0x160, 0x0, 0x3e0, 0x248, 0x228, 0x228, 0x248, 0x228, 0x3, 0x0, {[{{@uncond, 0x0, 0xf0, 0x110, 0x52020000, {}, [@common=@unspec=@limit={{0x48}, {0x8dd1, 0x5}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, [], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350)
unshare(0x20000400)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff1f}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {0x4, 0x0, 0x6}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

6m58.349679712s ago: executing program 4 (id=2141):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="18020000feffffff0000000000000000850000001700000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

6m55.650071745s ago: executing program 4 (id=2144):
fsmount(0xffffffffffffffff, 0x1, 0x1)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
umount2(&(0x7f0000000040)='./file0\x00', 0xb)

6m38.949884493s ago: executing program 33 (id=2144):
fsmount(0xffffffffffffffff, 0x1, 0x1)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000000)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
umount2(&(0x7f0000000040)='./file0\x00', 0xb)

2m30.173059633s ago: executing program 3 (id=2894):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000000020000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)

2m29.973792618s ago: executing program 3 (id=2896):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2m29.807092819s ago: executing program 3 (id=2898):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000a80)={r2, 0x0, 0x0}, 0x10)

2m29.624364837s ago: executing program 3 (id=2899):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x4080, &(0x7f0000000540)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRESDEC], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x181)
r1 = open_tree(r0, &(0x7f0000000280)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file1\x00', 0x0, 0x2804, 0x0)

2m28.74908805s ago: executing program 3 (id=2900):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg$can_j1939(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000200)=""/117, 0x11}], 0x1}, 0x40002100)
sendmsg$kcm(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000280)="16e0154be212663ccffb9c7c0960c0b0e4a9", 0x12}], 0x1}, 0x4040015)

2m24.5925772s ago: executing program 3 (id=2913):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)

2m23.852015232s ago: executing program 34 (id=2913):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000000)="1eb3bf65654102f4af4d221c8bd458d1e7cbdaf3657d0f34e790c85bdba7931791f6d15c3e681411f7a496c0dace6a3c242f5b016f64b4ef8a9cedaf6bec340dee49474360b24cb8", 0x0, 0x48)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)

1m36.853452751s ago: executing program 7 (id=3056):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000180)={[{@norecovery}, {@delalloc}, {@sysvgroups}]}, 0x0, 0x246, &(0x7f0000000700)="$eJzs3T9oJGUcBuB3Znc9c7fIqY0gqCAiGggnWAg2Z6NwIkcQEVSIiNgoiRAT7BIrGwutVVLZBLEzWkqaYKMIVlFTxEbQYGGw0GJldhJJzAbFTXbEeR6YZP598/uGmfebbWY3QGtdTnI1SSfJdJJekuLoDnfV0+WDxbWprblkMHjy52K4X71cO2x3KclqkoeSbJZFXu4myxvP7v66/di9by317vlg45mpiZ7kgb3dnSf237/+5sfXHlj+8usfrxe5mv6x8zp7xYh13SK55TyK/UcU3aZ7wD8x+/pH31S5vzXJ3cP891KmvnhvL96w2cv9753W9p2fvrp9kn0Fzt5g0KuegasDoHXKJP0U5UySer4sZ2bqz/Dfdi6Wrywsvjb90sLS/ItNj1TAWeknO49+euGTS3/J/w+dOv/A/1eV/6dm17+r5vc7TfcGmKQq/9PPr9wX+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2Opr/gfxDq3j+Q3vJP7TX0fwDAO0yuND0G8hAU5oefwAAAAAAAAAAAAAAAAAAgJPWprbmDqdjG87xu8E+fzfZeyRJd1T9zvD3iJMbh38v/lJUu/2pqJuN5bk7xzzAmD6c0NvXjz84ev1N30+m/mm+uKPZ+ivzyeobSa50uyfvv+Lg/vv3bv6b7b0Xxiwwpoefbrb+7+vN1r+2nXxWjT9XRo0/ZW4b/h89/vSr6zdm/Vd/G/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATMwfAQAA//9dAm22")
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, 0x0, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r5 = dup(r4)
write$UHID_DESTROY(r5, &(0x7f0000000000), 0x4)
accept4$unix(r3, 0x0, &(0x7f0000000040), 0x800)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r8 = semget$private(0x0, 0x207, 0x480)
semtimedop(r8, &(0x7f00000001c0), 0x0, 0x0)
semctl$SETALL(r8, 0x0, 0x11, &(0x7f0000000200))
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xa, &(0x7f0000000200)=0x8, 0x4)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0xfffffffffffffffe, 0x2, 0x0, 0x0, 0x3, 0x7fffffff}, 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f00000002c0)={@desc={0x1, 0x0, @desc3}})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

1m35.580893419s ago: executing program 7 (id=3060):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000400000000000000000085000000610000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1m34.980953578s ago: executing program 7 (id=3063):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)

1m34.811637235s ago: executing program 7 (id=3065):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x10000000000005e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x2}}, {@jqfmt_vfsv1}], [{@audit}, {@fowner_eq}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x88000, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000380)='./file0\x00', &(0x7f0000000280)='./file0/../file0/../file0/../file0\x00')

1m34.368483783s ago: executing program 7 (id=3068):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800002, &(0x7f0000000180)={[{@force}, {@nodecompose}, {@uid}, {@gid={'gid', 0x3d, 0xee01}}, {@nobarrier}, {}, {@nls={'nls', 0x3d, 'default'}}, {@nobarrier}]}, 0x3, 0x6b3, &(0x7f0000000780)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBiNVIFjUjsrEqChNSAEMohQhFcerUSp7HipJXjorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHhlHskbhxyAIzmz9pre+PYieN1289Hmp03+96895tf5s/ubKwJ8Jl1/vXs76fI+RMXbpXL9+72Fu7d7V0flJNMJGkl7XqWopsUHyfnUk/5fPlm013xsHFevf9R0X7/w1691G6mqn1rs/U2GNmynxxYWdiXZKou/mcLHbZG91dNVT+XVvt7TMVK3GXCjg8SB+O2vEF/tXLUobHW1o9bYM+6XV83N5hMDqa+upafA9KcHR59Zhi/Tc9N/d2LAwAAAJ6Wkd/lhz3zIA9yK4d2JxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4dCjqZwYWzdQalKdSDJ7/3xl6pn5nzOE+ofeuVLPvPjPuQAAAAAAAAADgiRx7kAe5lUOD5eWi+s3/pWrhcPX6ubydm5nLYk7mVmazlKUsZibJ5FBHnVuzS0uLMxvX/GXKNZeXl283a54euebptXH11wc66n8abGgEAAAAAAAAAJ9ZP8r51d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyiSffWsmg4PypNptZMcSNIpplaad8Ya7A7487gDAAAAgKev28wPFf+rC8tF9Z3/SPW9/0Dezo0sZT5LWchcLlf3Aupv/a2/93sL9+72rpfTxo6/8a9txVH1mPrew+iRp6sWL6yscT7fzvdyIlO5mMXM5/uZzVLmMpVvVaXZFJls7l5M3rvbzSDWjfGeW7N0cX1sx4bKZXxHq0i6uZL5KraTudQZhN5q2h0dGu2PnWTdiHfK7BSvNbaYo8vNvNyiXzTzvWGy2vL9KxmZbnJfZuPZ4bxvzP0295P1I82ktXIP6vDqKOXi+pEeK+cHm3mZ658+3Zxv81ba2kz0f14uDfa+I5vnPPnyP/5y8WrrxrWrV26e2Du70WNav0/0hjLx4pYysVBmov8EmTjwJPHvnE6Tjfosur2z5UvVuocyn+/kzVzOXM5kOjM5m+l8LafTy+mhvL6weV6rY621vWPt+JeaQnlN+tnQtWnXTDysoszrs0N5HT7TTVZ1w++sZum5LWSp6GR0lv45MpT2F5pCOcaPh64447c+EzNDmXh+80z8+r/LSW4u3Li2eHX2rS2O93IzLw/b99aem3+zIxu0fc3mlvvLc+U/VurLxvDeUdY9P6hbl69O84tLu+lsTV0n1fFc1z3qSC17OnJnVE913YsjR+lVdUeH6tZ8ysmbWVj5FNLY9YMUgC04+MrBTvd+92/dD7o/6V7tXjjwzYmzE1/sZP9f23/a97vWb1tfL17JB/lhDo07UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4+c6712YXFuYW92AhrR3u8M7IqkEq6nc6I9ocyx7IxiejMLHZHvX71I9resjqnXHE3M1D49ndQtq7MNZERlRdWHmnm7RW4klybY884A54Gk4tXX/r1M133v3K/PXZN+bemLtx+uyZ1870vjpz+9SV+YW56fq1adwec7DAjlr9GDDuSAAAAAAAAAAAAICt2o0/bxgxbNEfw7YCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn0znX8/+forMTJ+cLpfv3e0tlNOgvNqynaSVpPhBUnycnEs9ZXKou+Jh47x6/6Nfvfz+h73VvtqD9q116/3h38vL29yKfjNlKsm+Zv5oE1vq79JQf/1tBlYrVrawTNjxQeJg3P4fAAD//+/HBYc=")
openat(0xffffffffffffff9c, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x12802, 0x0)

1m30.782752294s ago: executing program 7 (id=3082):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b0000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x7, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x0, 0x5c, 0x160, 0x0, 0x3e0, 0x248, 0x228, 0x228, 0x248, 0x228, 0x3, 0x0, {[{{@uncond, 0x0, 0xf0, 0x110, 0x52020000, {}, [@common=@unspec=@limit={{0x48}, {0x8dd1, 0x5}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, [], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350)
unshare(0x20000400)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff1f}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {0x4, 0x0, 0x6}, {0x18, 0x2, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1m30.330943239s ago: executing program 35 (id=3082):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b0000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x7, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x0, 0x5c, 0x160, 0x0, 0x3e0, 0x248, 0x228, 0x228, 0x248, 0x228, 0x3, 0x0, {[{{@uncond, 0x0, 0xf0, 0x110, 0x52020000, {}, [@common=@unspec=@limit={{0x48}, {0x8dd1, 0x5}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, [], [], 'pim6reg1\x00', 'vlan1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350)
unshare(0x20000400)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff1f}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {0x4, 0x0, 0x6}, {0x18, 0x2, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

15.580699932s ago: executing program 6 (id=3342):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000000)={0x4c, 0x0, &(0x7f0000000800)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000880)={@flat=@binder={0x73622a85, 0x1009, 0x3}, @ptr={0x70742a85, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, @flat=@handle={0x73682a85, 0x80, 0x1}}, &(0x7f0000000240)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

14.917017028s ago: executing program 6 (id=3347):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)

14.722783925s ago: executing program 6 (id=3349):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
syz_open_procfs$userns(r0, 0x0)
r2 = openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
ftruncate(r3, 0xffff)
fcntl$addseals(r3, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000100)={r3, 0x0, 0x0, 0x1000})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x3, 0x6, 0xfffa}, 0x1d, [0x8000, 0x8000, 0xf, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4b, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0x0, 0x6, 0x3, 0x0, 0x5, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x6, 0x9, 0x3, 0x15bb, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x80000000, 0xa72, 0x3, 0x7, 0x0, 0x71, 0x7, 0x1, 0x1, 0x5, 0x5, 0x3e, 0x7, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x9, 0x8, 0x7, 0x1, 0x40], [0x10000007, 0x3, 0x8000012f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0x200c7, 0xf9, 0xd, 0x2bf, 0x6c9, 0x10000007, 0xfffffffc, 0x3, 0x0, 0xd14, 0x5, 0x2f, 0xe, 0x4312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x5, 0x5f31, 0x7f5, 0x0, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0xd, 0x6, 0x7, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x7b, 0x9, 0x3, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x7, 0xf5fd, 0x0, 0x5, 0x1, 0x100, 0x8d2, 0x9, 0x800003, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x5, 0x20000005, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x8, 0x8, 0x6cfc, 0x5, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x7, 0x1000, 0xa2, 0x7, 0x5, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x11, 0x7ff, 0xfffffff9, 0x0, 0x1, 0xffff, 0x0, 0x6, 0xc4, 0x120000, 0xbe, 0x1, 0xa2ed, 0x2, 0x25], [0x9, 0xbb31, 0x7, 0xb, 0x5, 0x938, 0xa, 0x80000006, 0x0, 0x5, 0x81, 0x1fc, 0x2, 0x6, 0x8, 0x57b, 0x101, 0x10000, 0x6, 0x7fff, 0xfffd, 0x4, 0x20002, 0x5, 0x1, 0x2, 0x14c, 0x60a6, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xca, 0xee1, 0xfffff000, 0xffff, 0x3, 0x7e, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x40000006, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xc, 0x7, 0xfffffffe, 0x6, 0x0, 0x4, 0x5, 0xb1e, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

11.4306855s ago: executing program 6 (id=3351):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
creat(&(0x7f0000000100)='./bus\x00', 0x44)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x301400, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mkdir(&(0x7f0000000100)='./control\x00', 0x0)
rmdir(&(0x7f0000000040)='./control\x00')

10.537058849s ago: executing program 8 (id=3355):
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
r1 = syz_open_procfs$namespace(r0, &(0x7f00000002c0)='ns/ipc\x00')
ioctl$FICLONE(r1, 0x40049409, r1)

10.347394496s ago: executing program 8 (id=3356):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000004200)=ANY=[@ANYBLOB="12010000e6793b10d10501200009010203010902120001000000000904"], 0x0)
setresuid(0xee00, 0xee01, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000900)={0x44, &(0x7f0000000240)={0x20, 0xb, 0x41, "5f6891b4000000000000b0e76409361f1ff0955fb9d0f3426f3526155885a21aa80ef0e8b41dd4a26311144dd0c88682ca3046c9e10cc36637ba4ca01befe57f86"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)={0x0, 0x16, 0x5, "2087f54537"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

9.901091419s ago: executing program 6 (id=3359):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)

6.96173842s ago: executing program 6 (id=3365):
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x804, &(0x7f0000000b80)=ANY=[@ANYBLOB="00a3d9feb86e02e3b0bd5e574a822aa033060829d9f570706daaf7e64385f4c757c8c1509cbd06003c6d03000000ffdde116534a3e539068b679d93c646500b71c53966a788a93af70a9e8378a4dff15e4a14b5a4b6c14d2feff8ec15164ffffba586557115ae1b2470a06d956cae4ea3b76e646ef7b00f8bcbad4030fa2f87bae1c91858fdee78fd19866212b8aedf818fea039932b8d5f454cf4fa9f9c1c0bd1c3f8c02f1bc702d7359eb8be446f88b77ce92c3d943828ece9eef54e10c2b4d66fb887ed9e56e2fbf982ea3443c9c30d40c4dd067682187e224173e49a3d0700efeb8fc6570ce5feb7d4c9ab5c4cc09ba9ae6276845ff55c7fdaab25776edddef50000000064dadb122182564d38cae5597ef4d5a2bf63415fdfe0867dee339da4a49e99fcf977e3be588fb6a8e4ee0d5395982f374f3802e1cf12c5849a07af1ad1e9f1f52725eab00af283cbfbd18fdc8e1951ba26508eb3781117b3a5263e3671d0b9e5aedd4e9261654e7cd5213600a77f55f0ab706a787ac204fff298dc72be1e80389d8f55f42c3b92acaee0df6b6bea8459d98d7bdc8e99b33022a2474d5527b68ba085ce52bf894f86c0f0f2f76c1ffe1e7ecbf2f1d7f8de553ebd38a1ad1f67e43da56f853f594b16be3822b97389b248dd3079e41ce185206267e9f174fd6ba01f9cc52c465608000048d0ad524a70f1688d1f30ca729963f14d140bf06f606065187fef9b44e884699a5bda981b07000000000000009a74a84388dc82ed1ba29aba106b9f6e11ea249e4870494ede40f7bc48dc2a14669c1b94b32209f16b423a9274740b8f4e641d46a6f14f44e26c4b7d5422322a2f8d967532b133014da9c571ffc2664e0838acaa0c00358bdefaf2bc51dcf4a7673703b89cf213c3325c64493f3ed9866c4994c119363dec364813d2a1f3732323d6fde44b8178d35f936200a96118889bc34d1800779c82b877ba24d7aadec4abe72a3b5e9280cc12d3f3b60fa0163fc3ccdce18ced9a8ccf33122055f8870f804fb91d9f91ba8db505d020c01f532c9307117f34693dd535e1df52ccc94ba178aaf524117c214fa858d6da2f91c14ab5ea3080500366075694cf317cdad3e61d17bfa4490124e3616a0d581cf05cf2cecc0a9b83fe000000000000000000000000ed9111e3396fea123d15ff825b66e25945cb3fd6d31773af0634a155fe85159a643b064fba1135ff23d713431f3cf8587d8778f7eb1a02d155fb6185d105d26844d111c85fd6321fc4a9a368c04cd3f29a8badfb8a0152e7bb8b10a8e680292eb9ab00d3efd86111ca430dcfbf1910b235e636e99b615163989a3779e520b59d2e7db309a3710d5b11ae9c21ad7e4c7d000000000000000000000024aafb0479e8ea1ab8bfd97c2186a3a784ce996d63c42c31e3a211c284f7c0187429d7f01748d6f04519921b9d81a510de2ff2f21e7423328036d45adf7df57a0572a6dfba1e0e7dbed9aeebb7cd806f3685459be46dc69d314fd3ea633b1539f466c8d32a2e9392d1620656958900ffbf0c3f5139c03580f83516f02c1adbb6e16040f273456e982741fe40b3f6a3e9c8237f9da13572c209968b40dd6bf4fbb056d303698c74cdbd4c38c54e945e8e93ff946aa2a1fc940646fc7dbcb3455221cf6192c986eb7a087af45e68868f84959509001d495771979182f874501ec163ba8afaaab40e4cc90566b1b8a67d74aaea9338f8cd33cf958f694930efc78c023026d72f28877075652716f3064e5ff183c8889faccc043e1fa79b6e313d2d4432be54986c13f76de703a0c18571f96a77eb9fcaeb27c6caa59d"], 0x41, 0x1d3, &(0x7f0000000980)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF3xv37dmlN+Z05C1TF4astX3NKGiHnqasml9hi5SS7mkWBmCE09sqi4sio7MScntaiYiaHiVnJSxekTDCzX7a+pNEtwOvyR53BI0nTQYTri45E1o7GEc5KUphgbW6bC2TMf5NexaRxheLSCeWOdZ15jXWHq1Ly0vKSqrKqseRMn8sxs7GxsXDmxLirNbxVjS4rLpqZORiaHLWoCm5kN1SfZaE94177qYZIDa4+HX/MpY6XXqcyXjBcWSZ1aUTVzwhel2YyG3xnu8JStkNDQcJK4ImHxj5eBoc62wRXkxJQGhjSFMMYkNTaxti1n5oQw87O5LVBoST7BFHqUY+lMCYsDQlUnf1pqvnVIdJux7akD2xmew8d51hT0CRodl2BwWij4XwZkTEJDQ5nGWqaltgu+FGn8lfBabeyUweBuz7QMFqAsDSByJZQnC9aTkLzCQ0dT0yglmZNhk0RCkluBoTLD1j2cHAwNDAzMDBDMwKDCwMCwnREWtxBwDcYYBaNgFIyCUTAKRsEoGAWjYBSMglEwIgAgAAD//4YhlCI=")
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='bpf\x00', 0x2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)

6.932054204s ago: executing program 36 (id=3365):
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x804, &(0x7f0000000b80)=ANY=[@ANYBLOB="00a3d9feb86e02e3b0bd5e574a822aa033060829d9f570706daaf7e64385f4c757c8c1509cbd06003c6d03000000ffdde116534a3e539068b679d93c646500b71c53966a788a93af70a9e8378a4dff15e4a14b5a4b6c14d2feff8ec15164ffffba586557115ae1b2470a06d956cae4ea3b76e646ef7b00f8bcbad4030fa2f87bae1c91858fdee78fd19866212b8aedf818fea039932b8d5f454cf4fa9f9c1c0bd1c3f8c02f1bc702d7359eb8be446f88b77ce92c3d943828ece9eef54e10c2b4d66fb887ed9e56e2fbf982ea3443c9c30d40c4dd067682187e224173e49a3d0700efeb8fc6570ce5feb7d4c9ab5c4cc09ba9ae6276845ff55c7fdaab25776edddef50000000064dadb122182564d38cae5597ef4d5a2bf63415fdfe0867dee339da4a49e99fcf977e3be588fb6a8e4ee0d5395982f374f3802e1cf12c5849a07af1ad1e9f1f52725eab00af283cbfbd18fdc8e1951ba26508eb3781117b3a5263e3671d0b9e5aedd4e9261654e7cd5213600a77f55f0ab706a787ac204fff298dc72be1e80389d8f55f42c3b92acaee0df6b6bea8459d98d7bdc8e99b33022a2474d5527b68ba085ce52bf894f86c0f0f2f76c1ffe1e7ecbf2f1d7f8de553ebd38a1ad1f67e43da56f853f594b16be3822b97389b248dd3079e41ce185206267e9f174fd6ba01f9cc52c465608000048d0ad524a70f1688d1f30ca729963f14d140bf06f606065187fef9b44e884699a5bda981b07000000000000009a74a84388dc82ed1ba29aba106b9f6e11ea249e4870494ede40f7bc48dc2a14669c1b94b32209f16b423a9274740b8f4e641d46a6f14f44e26c4b7d5422322a2f8d967532b133014da9c571ffc2664e0838acaa0c00358bdefaf2bc51dcf4a7673703b89cf213c3325c64493f3ed9866c4994c119363dec364813d2a1f3732323d6fde44b8178d35f936200a96118889bc34d1800779c82b877ba24d7aadec4abe72a3b5e9280cc12d3f3b60fa0163fc3ccdce18ced9a8ccf33122055f8870f804fb91d9f91ba8db505d020c01f532c9307117f34693dd535e1df52ccc94ba178aaf524117c214fa858d6da2f91c14ab5ea3080500366075694cf317cdad3e61d17bfa4490124e3616a0d581cf05cf2cecc0a9b83fe000000000000000000000000ed9111e3396fea123d15ff825b66e25945cb3fd6d31773af0634a155fe85159a643b064fba1135ff23d713431f3cf8587d8778f7eb1a02d155fb6185d105d26844d111c85fd6321fc4a9a368c04cd3f29a8badfb8a0152e7bb8b10a8e680292eb9ab00d3efd86111ca430dcfbf1910b235e636e99b615163989a3779e520b59d2e7db309a3710d5b11ae9c21ad7e4c7d000000000000000000000024aafb0479e8ea1ab8bfd97c2186a3a784ce996d63c42c31e3a211c284f7c0187429d7f01748d6f04519921b9d81a510de2ff2f21e7423328036d45adf7df57a0572a6dfba1e0e7dbed9aeebb7cd806f3685459be46dc69d314fd3ea633b1539f466c8d32a2e9392d1620656958900ffbf0c3f5139c03580f83516f02c1adbb6e16040f273456e982741fe40b3f6a3e9c8237f9da13572c209968b40dd6bf4fbb056d303698c74cdbd4c38c54e945e8e93ff946aa2a1fc940646fc7dbcb3455221cf6192c986eb7a087af45e68868f84959509001d495771979182f874501ec163ba8afaaab40e4cc90566b1b8a67d74aaea9338f8cd33cf958f694930efc78c023026d72f28877075652716f3064e5ff183c8889faccc043e1fa79b6e313d2d4432be54986c13f76de703a0c18571f96a77eb9fcaeb27c6caa59d"], 0x41, 0x1d3, &(0x7f0000000980)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF3xv37dmlN+Z05C1TF4astX3NKGiHnqasml9hi5SS7mkWBmCE09sqi4sio7MScntaiYiaHiVnJSxekTDCzX7a+pNEtwOvyR53BI0nTQYTri45E1o7GEc5KUphgbW6bC2TMf5NexaRxheLSCeWOdZ15jXWHq1Ly0vKSqrKqseRMn8sxs7GxsXDmxLirNbxVjS4rLpqZORiaHLWoCm5kN1SfZaE94177qYZIDa4+HX/MpY6XXqcyXjBcWSZ1aUTVzwhel2YyG3xnu8JStkNDQcJK4ImHxj5eBoc62wRXkxJQGhjSFMMYkNTaxti1n5oQw87O5LVBoST7BFHqUY+lMCYsDQlUnf1pqvnVIdJux7akD2xmew8d51hT0CRodl2BwWij4XwZkTEJDQ5nGWqaltgu+FGn8lfBabeyUweBuz7QMFqAsDSByJZQnC9aTkLzCQ0dT0yglmZNhk0RCkluBoTLD1j2cHAwNDAzMDBDMwKDCwMCwnREWtxBwDcYYBaNgFIyCUTAKRsEoGAWjYBSMglEwIgAgAAD//4YhlCI=")
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='bpf\x00', 0x2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)

6.000379931s ago: executing program 1 (id=3370):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0xc0000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000800)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2040d0, &(0x7f0000000c40)={[{@jqfmt_vfsv0}, {@nojournal_checksum}, {@barrier}, {@barrier}, {@test_dummy_encryption}, {@nomblk_io_submit}]}, 0xff, 0x4ab, &(0x7f0000000080)="$eJzs3DtsHEUfAPD/nu34+/KyCeGREMAQEBEPO3ECSYHEQ0KiAIQERSgPx4lCLjGKjYQjixgUhQYJIiFaBKJBUFNQUSGgQqKhgB5FipCbhFSH9m7vOJ99j1wuPj9+P2m9M3t7NzO7O7szO94NYMMaSf8kEVsj4o+IGIqIXP0KI+XZtYW5iX8W5iaSKBZf+ztJvxZXF+YmKqsm2XxLOdKfznIXknh2mXSnZ8+dyhcKk2ez+NjM6bfHpmfPPXHydP7E5InJM+NHjhw6eODwU+NPdqWct6V53f3e1J5dL75x6eWJo5fe/PnbpCbTteWo2wIdGoj5mm1S7+EupLCabKsJJ/1NV+3GxqVLBiNKFXWgVP+Hou/C9upnQ/HCBz3NHHBLFYvF4njjj+eLwDqWRK9zAPRG5UJ/deGzibQPvLgfvP5dea7cAUrLfS2byp2e/mpHdaCuf9tNcxFxdP765+kUS+5DAAB03w9p++fxcrtjcfsvF3fWrLc9GxsazsZSdkTE7RGxMyLuiCite1dE3H2D6Y/UxZe2f3KXOypYm9L239PZ2FZlytKtrDLcl8W2lco/kBw/WZjcn22TfTEwmMYPLPvrSZQGgeK3jxulP1LT/kunNP1KWzDLx+X+wcXfOZafyd90wTNX3o/Y3b9c+bMBvGwMa1dE7O4wjZOPfr1n8ZK+aqh1+ZtoPs7UluIXEY+U9/981JW/Imk+Pjn2vyhM7h+rHBVL/fLrxVcbpX9T5e+CdP9vXvb4r5Z/OKkdr51e8hObWqVx8c8PG/ZpRiKeiQ6O/03J64sSfzc/M3O9GLEpeWnJ8rM1N7gr8dL8QLn8+/YuX/93xH9b4p6ISA/ieyPivoi4P9t3D0TEgxGxt0n5f3r+obealL+n+z++KZ+h2tr/lf1QPhCqR0SrQN+pH79vlHx7579DpdC+bEk75792M9jhVgMAAIA1JRcRWyPJjVbDudzoaPl/+HfG5lxhanrmseNT75w5Vn5GYDgGcpU7XUNZPLL7n8PleKn3PV6aR5zP7pcezO4bf9r3/1J8dGKqcKzXhYcNbkuD+p/6q6/XuQNuuS6MowFrVLP6/+XhFcwIsOI6v/5rOcBa16IWe2EDrGOu4rBxLVf/z/cgH8DKa3z9n9Q0gHWuWsk/aWPlmse96h/eBNYeF3nYuFrX/1du1fuvgN5p/yn+1RJIkkVL4quI5t9Kep/nDgIfrY5sNA5ErtFHgzf6goieBPKrIxutApWKOnvuVH/bb7WYLZ7PFwq/f3czqff2vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAt/wYAAP//gN/guA==")
r3 = dup(r2)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

5.661027249s ago: executing program 8 (id=3371):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
pwritev(r0, &(0x7f0000000600)=[{&(0x7f0000000240)="02000000", 0x1b}, {&(0x7f0000000280)="f697079a161cfb7702311e629acda76933ddd0c24174eb4d4d28f9", 0x4}, {&(0x7f0000000340)="527302587e0a4e47ad", 0x9}], 0x3, 0x0, 0x0)

5.660854129s ago: executing program 0 (id=3372):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0)

5.409616669s ago: executing program 8 (id=3375):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)

5.208934585s ago: executing program 8 (id=3376):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
syz_open_procfs$userns(r0, 0x0)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
ftruncate(r3, 0xffff)
fcntl$addseals(r3, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r2, 0x40187542, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x3, 0x6, 0xfffa}, 0x1d, [0x8000, 0x8000, 0xf, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4b, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0x0, 0x6, 0x3, 0x0, 0x5, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x6, 0x9, 0x3, 0x15bb, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x80000000, 0xa72, 0x3, 0x7, 0x0, 0x71, 0x7, 0x1, 0x1, 0x5, 0x5, 0x3e, 0x7, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x9, 0x8, 0x7, 0x1, 0x40], [0x10000007, 0x3, 0x8000012f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0x200c7, 0xf9, 0xd, 0x2bf, 0x6c9, 0x10000007, 0xfffffffc, 0x3, 0x0, 0xd14, 0x5, 0x2f, 0xe, 0x4312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x5, 0x5f31, 0x7f5, 0x0, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0xd, 0x6, 0x7, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x7b, 0x9, 0x3, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x7, 0xf5fd, 0x0, 0x5, 0x1, 0x100, 0x8d2, 0x9, 0x800003, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x5, 0x20000005, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x8, 0x8, 0x6cfc, 0x5, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x7, 0x1000, 0xa2, 0x7, 0x5, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x11, 0x7ff, 0xfffffff9, 0x0, 0x1, 0xffff, 0x0, 0x6, 0xc4, 0x120000, 0xbe, 0x1, 0xa2ed, 0x2, 0x25], [0x9, 0xbb31, 0x7, 0xb, 0x5, 0x938, 0xa, 0x80000006, 0x0, 0x5, 0x81, 0x1fc, 0x2, 0x6, 0x8, 0x57b, 0x101, 0x10000, 0x6, 0x7fff, 0xfffd, 0x4, 0x20002, 0x5, 0x1, 0x2, 0x14c, 0x60a6, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xca, 0xee1, 0xfffff000, 0xffff, 0x3, 0x7e, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x40000006, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xc, 0x7, 0xfffffffe, 0x6, 0x0, 0x4, 0x5, 0xb1e, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

5.208764025s ago: executing program 0 (id=3377):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="7a0af8ff75257035bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000073000000b7000000000000009500000000000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf528666d1ddd73f3047d248df061222193165274bc7f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce7243d1aebdb638d91dbef661935839c77edf2d34b12cd48a0c20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dc7718a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5202db761014b1b999a12df6bee431a6681"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0xff12, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2800000002000000, 0xd, 0x0, &(0x7f0000000180)="a06ad876d56a0064d082778c39", 0x0, 0x2000000, 0x4000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.959680471s ago: executing program 8 (id=3378):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
close(r1)

3.947373255s ago: executing program 1 (id=3379):
syz_emit_ethernet(0x52, &(0x7f0000000680)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3}, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp_addr={0x44, 0x14, 0xa, 0x1, 0x0, [{@empty, 0x9}, {}]}, @cipso={0x86, 0x6}]}}, {{0x4e23, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}}}}}}, 0x0)

3.776222578s ago: executing program 0 (id=3380):
syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='shortad,partition=00000000000000000005,noadinicb,uid=', @ANYRESDEC=0x0, @ANYBLOB=',gid=', @ANYRESDEC=0x0, @ANYBLOB="2c766f6c756d653d303030303030303030303030008359638c720580"], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, 0x0, 0x0)

3.776048803s ago: executing program 5 (id=3381):
syz_emit_ethernet(0x2a, &(0x7f00000004c0)={@local, @remote, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x8, @multicast, @local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}, @empty}}}}, 0x0)

3.746303879s ago: executing program 1 (id=3382):
syz_mount_image$exfat(&(0x7f00000001c0), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f00000003c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESDEC=0x0, @ANYBLOB=',discard,\x00', @ANYBLOB="3a8d75a267b001234a1e919d26dfdd0d8b316510e9c9cf606c6db6505304ee2649c88f03f9ef98bcebc5d721a7081b3509e543147eec5a0fa6d6eb57eed4197249efe6fa10323b6cf959897b3f1908c82c14974d31b0d080f8c86c196c0ee8eb707a73d201bbe15a02a37118aa1d4aaa4d2484b05dbb73e44387f620f46a3a2e06436e6296b05bd07717accf667e0331c0f323a7529f6b471ec30340347d3f405257c8bad57ddef290ea1d376a20", @ANYRESOCT, @ANYRES8, @ANYBLOB="0002001100000000303030303030303030303030303030303030303135322c796f636884c178f94be4ee34617273657439697300926f38", @ANYBLOB="51060c4f1adb6e795b70e7edcdc5cd30e197ceacee351e08a6e2ee4650101fb28229b16aecf828a55c8aa0efd840e40fef6612e7b389eb304c41e39360e1f5cb6f78bd7100bd30bbd42aa24b2dc9171d068e92ac848e65c9", @ANYRES64, @ANYRESDEC], 0x81, 0x151a, &(0x7f0000002a80)="$eJzs3AuYjtX6MPB1r7UexjTpbZLDsO51P7xpsEyS5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDTZ0iRJSEiyvku7/2fvr713//3V9/m+Pffvuhbrnue97/d+3nuueZ/nva6Zb3qOqteifu1mRCT+EPjrfylCiBghxDAhxDVCiEAIUSm+Uvyl4wUUpPyxJ2F/rgfTr3QH7Eri+edtPP+8jeeft/H88zaef97G88/beP55G8+fsbxs+5xi1/LKu+sKf/7v4Y89K/tD+P3/P0hu+clfbCx/fa9/I4Xnn7fx/PM2nn/exvPP23j+eRvP/z9frX9xjOeft/H8GcvLrvTnz/8frZhfX7Ir3cefuq7wtx9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsTzinL9MCyH+a3+l+2KMMcYYY4wxxtifx+e/0h0wxhhjjDHGGGPs/zwQUiihRSDyifwiRhQQseIqESeuFgXFNSIirhXx4jpRSFwvCosioqgoJhJEcVFCGIHCChKhKClKiai4QZQWN4pEUUaUFeWEE+VFkrhJVBA3i4riFlFJ3Coqi9tEFVFVVBPVxe2ihrhD1BS1RG1xp6gj6op6or64SzQQd4uG4h7RSNwrGov7RBNxv2gqHhDNxIOiuXhItBAPi5biEdFKtBZtRFvR7n8r/wXRV7wo+on+IkUMEAPFS2KQGCyGiKFimHhZDBeviBHiVZEqRopR4jUxWrwuxog3xFgxTowXb4oJYqKYJCaLKWKqSBNviWnibTFdvCNmiJlilpgt0sUcMVe8K+aJ+WKBeE8sFO+LRWKxWCKWigzxgcgUy0SW+FAsFx+JbLFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHbxsdghdopdYrfYI/aKfeITsV98Kg6Iz0SO+PzfzD/7v+T3AgECJEjQoCEf5IMYiIFYiIU4iIOCUBAiEIF4iIdCUAgKQ2EoCkUhARKgBJQABAQCgpJQEqIQhdJQGhIhEcpCWXDgIAmSoALcDBWhIlSCSlAZKkMVqApVoTpUhxpQA2pCTagNtaEO1IF6UA/ugrvgbmgIDaERNILG0BiaQBNoCk2hGTSD5tAcWkALaAktoRW0gjbQBtpBO2gP7aEDdIBO0Ak6Q2foAl0gGZKhK3SFbtANukN36AE9oCf0hF7QG3rDC/ACvAgvQn+oIwfAQBgIg2AQDIGhMBRehuHwCrwCr0IqjIRR8Bq8Bq/DGDgDY2EcjIfxUENOhEkwGUhOhTRIg2kwDabDdJgBM2EmzIZ0mANzYS7Mg/kwH96DhfD+ufdhMSyGpZABGZAJyyALsmA5nIVsWAErYRWshjWwGtbBelgHG2ETbIQtsAW2wTb4GD6GnbATdsNu2At74RP4BD6FTyEVciAHDsJBOASH4DAchlzIhSNwBI7CUTgGx+A4HIcTcBJOwUk4DafhDJyFc3AOzsN5uADPJXzVfG+ZDalCXqKllvlkPhkjY2SsjJVxMk4WlAVlREZkvIyXhWQhWVgWlkVlUZkgE2QJWUKiREkylCVlSRmVUVlalpaJMlGWlWWlk04mySRZQVaQFWVFWUneKivL22QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUTeb9sKgfAEHhQXppMCzkSWspR0Eq2lm1kW/k6PCrbyzHQQXaUneTjchyMhS6yvUuWT8muchJ0k8/IyfCs7CGnQk/5vOwle8s+8gXZV3Zw/WR/OQMGyIFyNgySg+UQOVTOg7ry0sTqyVdlqhwpR8nX5FJ4XY6Rb8ixcpwcL9+UE+REOUlOllPkVJkm35LT5NtyunxHzpAz5Sw5W6bLOXKufFfOk/PlAvmeXCjfl4vkYrlELpUZ8gOZKZfJLPmhXC4/ktlyhVwpV8nVco1cK9fJ9XKD3Cg3yc1yi9wqt8nt8mO5Q+6Uu+RuuUfulfvkJ3K//FQekJ/JHPm5PCj/Ig/JL+Rh+aXMlV/JI/JreVR+I4/Jb+Vx+Z08IU/KU/J7eVr+IM/Is/Kc/FGelz/JC/JneVF6KRQoqZTSKlD5VH4VowqoWHWVilNXq4LqGhVR16p4dZ0qpK5XhVURVVQVUwmquCqhjEJlFalQlVSlVFTdoEqrG1WiKqPKqnLKqfIqSd2kKqibVUV1i6qkblWV1W2qiqqqqqnq6nZVQ92haqpaqra6U9VRdVU9VV/dpRqou1VDdY9qpO5VjdV9qom6XzVVD6hm6kHVXD2kWqiHVUv1iGqlWqs2qq1qpx5V7dVjqoPqqDqpx1Vn9YTqop5Uyeop1VU9rbqpZ1R39azqoZ5TPdXzqpfqrfqon9VF5VU/1V+lqAFqoHpJDVKD1RA1VA1TL6vh6hU1Qr2qUtVINUq9pkar19UY9YYaq8ap8epNNUFNVJPUZDVFTVVp6i01Tb2tpqt31Aw1U81Ss1W6mqOG/FppwX8j/+1/kD/il2ffprarj9UOtVPtUrvVHrVX7VP71H61Xx1QB1SOylEH1UF1SB1Sh9Vhlaty1RF1RB1VR9UxdUwdV8fVCXVS/ai+V6fVD+qMOqvOqh/VeXVeXfj1NRAatNRKax3ofDq/jtEFdKy+Ssfpq3VBfY2O6Gt1vL5OF9LX68K6iC6qi+kEXVyX0Eajtpp0qEvqUjqqb9Cl9Y06UZfRZXU57XR5naRv+sP5v9dfO91Ot9ftdQfdQXfSnXRn3Vl30V10sk7WXXVX3U130911d91D99A9dU/dS/fSfXQf3Vf31f10P52iU/RA/ZIepAfrIXqoHqZf1sP1cD1Cj9CpOlWP0qP0aD1aj9Fj9Fg9Vo/X4/UEPUFP0pP0FD1Fp+k0PU1P09P1dD1Dz9Cz9CydrtP1XD1Xz9Pz9AK9QC/UC/UivUgv0Ut0hs7QmTpTZ+ksvVwv19l6hV6hV+lVeo1eo9fpdXqD3qA36U16i96is/V2vV3v0Dv0Lr1L79F79D69T+/X+/UBfUDn6Bx9UB/Uh/QhfVgf1rk6Vx/RR/RRfVQf08f0cX1cn9An9Cl9Sp/Wp/UZfUaf0+f0eX1eX9AX9EV98dJlXyADGehAB/mCfEFMEBPEBrFBXBAXFAwKBpEgEsQH8UGh4PqgcFAkKBoUCxKC4kGJwAQY2ICCMCgZlAqiwQ1B6eDGIDEoE5QNygUuKB8kBTcFFYKbg4rBLUGl4NagcnBbUCWoGlQLqge3BzWCO4KaQa2gdnBnUCeoG9QL6gdVJ/71mvSeoFFwb9A4uC9oEtwfNA0eCJoFDwbNg4eCFsHDQcvgkaBV0DpoE7QN2v1b9e8KGgR3Bw2Df1bf+zNFHnP9TH+TYgaYgeYlM8gMNkPMUDPMvGyGm1fMCPOqSTUjzSjzmhltXjdjzBtmrBlnxps3zQQz0Uwyk80UM9WkmbfMNPO2mW7eMTPMTDPLzDbpZo6Za94188x8s8C8Zxaa980is9gsMUtNhvnAZJplJst8aJabj0y2WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mm1mu/nY7DA7zS6z2+wxe80+84nZbz41B8xnJsd8bg6av5hD5gtz2Hxpcs1X5oj52hw135hj5ltz3HxnTpiT5pT53pw2P5gz5qw5Z340581P5oL52Vw0/tLF/aW3d9SoMR/mwxiMwViMxTiMw4JYECMYwXiMx0JYCAtjYSyKRTEBE7AElsBLCAlLYkmMYhRLY2lMxEQsi2XRocMkTMIKWAErYkWshJWwMlbGKlgFq2E1vB1vxzvwDqyFtfBOvBPrYl2sj/WxATbAhtgQG2EjbIyNsQk2wabYFJthM2yOzbEFtsCW2BJbYStsg22wHbbD9tgeO2AH7ISdsDN2xi7YBZMxGbtiV+yG3bA7dsce2AN7Yk/shb2wD/bBvtgX+2E/TMEUHIgDcRAOwiE4BIfhMByOw3EEjsBUTMVROApH42gcg2NwLI7D8fgmTsCJOAkn4xScimmYhtNwGk7H6TgDZ+AsnIXpmI5zcS7Ow3m4ABfgQlyIi3ARLsElmIEZmImZmIVZuByXYzZm40pciatxNa7Ftbge1+NG3IibcTNuxa24HbfjDtyBu3AX7sE9uA/34X7cjwfwAOZgDh7Eg3gID+FhPIy5mItH8AgexaN4DI/hcTyOJ/AEnsJTeBpP4xk8g+fwHJ7Hn/AC/owX0WOMlSLWXmXj7NW2oL3GxtgC9m/joraYTbDFbQlrbGFb5O9itNYm2jK2rC1nnS1vk+xNv4mr2Kq2mq1ub7c17B225m/iBvZu29DeYxvZe219e9ffxY3tfbaJfdg2tY/YZra1bW7b2hb2YdvSPmJb2da2jW1rO9snbBf7pE22T9mu9unfxJl2mV1vN9iNdpPdbz+15+yP9qj9xp63P9l+tr8dZl+2w+0rdoR91abakb+Jx9s37QQ70U6yk+0UO/U38Sw726bbOXaufdfOs/N/E2fYD+xCm2UX2cV2iV36S3yppyz7oV1uP7LZdoVdaVfZ1XaNXWvX/c9eV9ktdqvdZvfZT+wOu9PusrvtHrv3l/jSeRywn9kc+7k9Yr+2h+wX9rA9ZnPtV7/El87vmP3WHrff2RP2pD1lv7en7Q/2jD37y/lfOvfv7c/2ovVWEJAkRZoCykf5KYYKUCxdRXF0NRWkayhC11I8XUeF6HoqTEWoKBWjBCpOJcgQkiWikEpSKYrSDVSabqREKkNlqRw5Kk9JdBNVoJupIt1ClehWqky3URWqStWoOt1ONegOqkm1qDbdSXWoLtWj+nQXNaC7qSHdQ43oXmpM91ETup+a0gPUjB6k5vQQtaCHqSU9Qq2oNbWhttSOHqX29Bh1oI7UiR6nzvQEdaEnKZmeoq70NHWjZ6g7PUs96DnqSc9TL+pNfegF6ksvUj/qTyk0gAbSSzSIBtMQGkrD6GUaTq/QCHqVUmkkjaLXaDS9TmPoDRpL42g8vUkTaCJNosk0haZSGr1F0+htmk7v0AyaSbNoNqXTHJpL79I8mk8L6D1aSO/TIlpMS2gpZdAHlEnLKIs+pOX0EWXTClpJq2g1raG1tI7W0wbaSJtoM22hrbSNttPHtIN20i7aTXtoL+2jT2g/fUoH6DPKoc/pIP2FDtEXdJi+pFz6io7Q13SUvqFj9C0dp+/oBJ2kU/Q9naYf6AydpXP0I52nn+gC/UwXyZMIIZShCnUYhPnC/GFMWCCMDa8K48Krw4LhNWEkvDaMD68LC4XXh4XDImHRsFiYEBYPS4QmxNCGFIZhybBUGA1vCEuHN4aJYZmwbFgudGH5MCm8KawQ3hxWDG8JK4W3hpXD28IqYdXw4Xurh7eHNcI7wpphrbB2eGdYJ6wb1gvrh3eFDcK7w4bhPWGj8N6wYnhf2CS8P2waPhA2Cx8Mm4cPhS3Ch8OW4SNhq7B12CZsG7YLHw3bh4+FHcKOYafw8bBz+ETYJXwyTA6fCruGT//u8ZRwQDgwfCl8KfT+HrUkujSaEf0gmhldFs2KfhhdHv0omh1dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a3Rb1vn5+4cBJp5x2gcvn8rsYV8DFuqtcnLvaFXTXuIi71sW761whd70r7Iq4oq6YS3DFXQlnHDrryIWupCvlou4GV9rd6BJdGVfWlXPOlXdJrq1r59q59u4x18F1dJ3c4+5x94R7wj3pnnRPua7uadfNPeO6u2ddD/ece84973q53q6Pe8H1dS+6fq6/S3EpbqAb6Aa5QW6IG+KGuWFuuBvuRrgRLtWlulFulBvtRrsxbowb68a68W68m+AmuElukpviprg0l+amuWluupvuZrgZbpab5dJdupvr5rp5bp5b4Ba4hYkL3SK3yC1xS1yGy3CZLtNluSy33C132S7brXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9wut8vtcXvcPrfP7Xf73QF3wOW4HHfQHXSH3CF32H3pct1X7oj72h1137hj7lt33H3nTriT7pT73p12P7gz7qw75350591P7oL72V103qVF3opMi7wdmR55JzIjMjMyKzI7kh6ZE5kbeTcyLzI/siDyXmRh5P3IosjiyJLI0khG5INIZmRZJCvyYWR55KNIdmRFZGVkVWR1ZE3E++I7Ql/Sl/JRf4Mv7W/0ib6ML+vLeefL+yR/k6/gb/YV/S2+kr/VV/a3+Sq+qq/mH/GtfGvfxrf17fyjvr1/zHfwHX0n/7jv7J/wXfyTPtk/5bv6p303/4zv7p/1Pfxzvqd/3vfyvX0f/4Lv61/0/Xx/n+IH+IH+JT/ID/ZD/FA/zL/sh/tX/Aj/qk/1I/0o/5of7V/3Y/wbfqwf58f7N/0EP9FP8pP9FD/Vp/m3/DT/tp/u3/Ez/Ew/y8/26X6On+vf9fP8fL/Av+cX+vf9Ir/YL/FLfYb/wGf6ZT7Lf+iX+498tl/hV/pVfrVf49f6dX693+A3+k1+s9/it/ptfrv/2O/wO/0uv9vv8Xv9Pv+J3+8/9Qf8Zz7Hf+4P+r/4Q/4Lf9h/6XP9V/6I/9of9d/4Y/5bf9x/50/4k/6U/96f9j/4M/6sP+d/9Of9T/6C/9lf5N9ZY4wxxhj7b9la+F8fH/APviZ/XZcMFEJcvbNY7t8eV0KIzb/WHSwTOkeEEE/17/ngf606dVJSUn59bLYSQanFQojI5fx84nK84pd/k0VHUeEf9jdY9j5Pv1M/eqsQsX+TEyMuxytEJ/HEL/Vv/if1H318fGbl8Fz8v6i/WIjEUpdzCojL8eX6Ff9J/SLtf6f/Al+kCdHhb3LixOX4cv0k8Zh4WiT/3SMZY4wxxhhjjLG/Giyrdf+9++dL9+cJ+nJOfnE5vnz/+Y/vzxljjDHGGGOMMXblPdu7z5OPJid37M6bP7wB+H+iDd7w5k/YXOmfTIwxxhhjjLE/2+WL/ivdCWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlnf93/hzYlf6HBljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLEr7X8EAAD//7MxObU=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
mount$nfs(&(0x7f0000000100)='\xd2\xa6.', 0x0, 0x0, 0x44, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x3)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
shmat(0x0, &(0x7f0000ff9000/0x4000)=nil, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r3, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r4}, 0x18)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r5, 0x0)
socket$unix(0x1, 0x2, 0x0)

3.302678369s ago: executing program 5 (id=3383):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x201, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xc3)

3.161124607s ago: executing program 0 (id=3384):
socket$nl_audit(0x10, 0x3, 0x9)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000002c0)={[{@jqfmt_vfsv1}, {}, {@barrier_val}, {@orlov}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
open(&(0x7f00000000c0)='./bus\x00', 0x40004c141, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f00000000c0)=""/41, 0x29)

2.905586597s ago: executing program 5 (id=3385):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)

2.703894459s ago: executing program 5 (id=3386):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001480)=@mangle={'mangle\x00', 0x1f, 0x6, 0x530, 0x378, 0x250, 0x448, 0x138, 0x0, 0xd38, 0xd38, 0xd38, 0xd38, 0xd38, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@multicast1, @ipv6=@empty, 0x66, 0x34, 0x3850}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3, 'syz1\x00', {0x5}}}}, {{@ipv6={@private2={0xfc, 0x2, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x42}, [0x0, 0x0, 0xffffff00, 0xffffffff], [0xff000000, 0xff, 0xff000000, 0xffffff00], 'pimreg0\x00', 'gretap0\x00', {}, {0xff}, 0x0, 0x40, 0x7, 0x17}, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0x23}}}, {{@ipv6={@empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xff, 0x0, 0xff000000, 0xffffffff], [0xffffffff, 0x0, 0xffffff00, 0xff], 'pimreg\x00', 'veth0\x00', {0xff}, {0xff}, 0x6f, 0xa, 0x8, 0xa}, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0x12}}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x1, 0x3, 0x2}, {0x0, 0x5, 0x2}, {0x4, 0x3, 0x6}, 0x3, 0x9}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)

2.605100668s ago: executing program 0 (id=3387):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
syz_open_procfs$userns(r0, 0x0)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
ftruncate(r3, 0xffff)
fcntl$addseals(r3, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r2, 0x40187542, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x3, 0x6, 0xfffa}, 0x1d, [0x8000, 0x8000, 0xf, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4b, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0x0, 0x6, 0x3, 0x0, 0x5, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x6, 0x9, 0x3, 0x15bb, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x80000000, 0xa72, 0x3, 0x7, 0x0, 0x71, 0x7, 0x1, 0x1, 0x5, 0x5, 0x3e, 0x7, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x9, 0x8, 0x7, 0x1, 0x40], [0x10000007, 0x3, 0x8000012f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0x200c7, 0xf9, 0xd, 0x2bf, 0x6c9, 0x10000007, 0xfffffffc, 0x3, 0x0, 0xd14, 0x5, 0x2f, 0xe, 0x4312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x5, 0x5f31, 0x7f5, 0x0, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0xd, 0x6, 0x7, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x7b, 0x9, 0x3, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x7, 0xf5fd, 0x0, 0x5, 0x1, 0x100, 0x8d2, 0x9, 0x800003, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x5, 0x20000005, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x8, 0x8, 0x6cfc, 0x5, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x7, 0x1000, 0xa2, 0x7, 0x5, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x11, 0x7ff, 0xfffffff9, 0x0, 0x1, 0xffff, 0x0, 0x6, 0xc4, 0x120000, 0xbe, 0x1, 0xa2ed, 0x2, 0x25], [0x9, 0xbb31, 0x7, 0xb, 0x5, 0x938, 0xa, 0x80000006, 0x0, 0x5, 0x81, 0x1fc, 0x2, 0x6, 0x8, 0x57b, 0x101, 0x10000, 0x6, 0x7fff, 0xfffd, 0x4, 0x20002, 0x5, 0x1, 0x2, 0x14c, 0x60a6, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xca, 0xee1, 0xfffff000, 0xffff, 0x3, 0x7e, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x40000006, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xc, 0x7, 0xfffffffe, 0x6, 0x0, 0x4, 0x5, 0xb1e, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

2.604904686s ago: executing program 5 (id=3388):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000400000000000000000085000000610000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

692.33029ms ago: executing program 0 (id=3389):
r0 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'veth1_vlan\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@bridge_getneigh={0x28, 0x1e, 0xd01, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r4}]}, 0x28}}, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)

692.084255ms ago: executing program 1 (id=3390):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1000000, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x80)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

619.021869ms ago: executing program 5 (id=3391):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000001040)=ANY=[], 0x1, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r0 = open(&(0x7f0000000040)='./file1\x00', 0x100002, 0x0)
pwrite64(r0, &(0x7f0000000140)="9d", 0x1, 0x10000000005)
write$P9_RLCREATE(r0, &(0x7f0000001080)={0x18, 0xf, 0x1, {{0x80, 0x0, 0x1}, 0x7ff}}, 0x18)

253.110113ms ago: executing program 1 (id=3392):
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000180)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x30, 0x65, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@generic={0x86, 0x2}]}}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0)

0s ago: executing program 1 (id=3393):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)

kernel console output (not intermixed with test programs):

tting 0
[  939.455781][T13616] usb 4-1: string descriptor 0 read error: -22
[  939.462183][T13616] usb 4-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.40
[  939.471699][T13616] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  941.245745][T13616] usbhid 4-1:1.0: can't add hid device: -71
[  941.251832][T13616] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  941.409490][T13616] usb 4-1: USB disconnect, device number 7
[  941.522826][T14117] loop6: detected capacity change from 0 to 2048
[  941.911679][T14117] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  943.412620][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  943.433202][ T5833] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  943.605409][ T5833] usb 6-1: Using ep0 maxpacket: 8
[  943.992700][ T5833] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  944.006764][ T5833] usb 6-1: config 1 interface 0 has no altsetting 0
[  944.076755][ T5833] usb 6-1: New USB device found, idVendor=05ac, idProduct=0253, bcdDevice= 0.40
[  944.202979][ T5833] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  944.231027][ T5833] usb 6-1: Product: syz
[  944.248159][ T5833] usb 6-1: Manufacturer: syz
[  944.252907][ T5833] usb 6-1: SerialNumber: syz
[  944.378234][ T5833] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input10
[  944.537215][ T5189] bcm5974 6-1:1.0: could not read from device
[  944.616338][ T5833] usb 6-1: USB disconnect, device number 2
[  944.646647][ T5189] bcm5974 6-1:1.0: could not read from device
[  945.970592][T14187] loop1: detected capacity change from 0 to 2048
[  946.096125][T14187] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  946.118951][T14187] UDF-fs: Scanning with blocksize 512 failed
[  946.252290][T14187] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  946.679552][T14200] loop6: detected capacity change from 0 to 2048
[  948.133434][T13553] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  948.228333][T14200] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  948.310935][T13553] usb 1-1: Using ep0 maxpacket: 16
[  948.338783][T13553] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  948.655772][ T5830] UDF-fs: warning (device loop1): udf_evict_inode: Inode 851 (mode 100000) has inode size 1099511627782 different from extent length 1099511628800. Filesystem need not be standards compliant.
[  948.676982][T13553] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  948.721152][T13553] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  948.800891][T13553] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  948.842172][T13553] usb 1-1: config 0 descriptor??
[  951.850911][T13553] corsair 0003:1B1C:1B02.0001: unknown main item tag 0x0
[  951.858538][T13553] corsair 0003:1B1C:1B02.0001: unknown main item tag 0x0
[  951.866520][T13553] corsair 0003:1B1C:1B02.0001: unknown main item tag 0x0
[  951.874289][T13553] corsair 0003:1B1C:1B02.0001: unknown main item tag 0x0
[  951.881388][T13553] corsair 0003:1B1C:1B02.0001: unknown main item tag 0x0
[  951.898433][T13553] corsair 0003:1B1C:1B02.0001: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0
[  951.927428][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  953.438022][T13553] corsair 0003:1B1C:1B02.0001: Failed to get K90 initial state (error -71).
[  953.456301][T13553] usb 1-1: USB disconnect, device number 6
[  959.183333][ T5916] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  959.413315][ T5916] usb 1-1: Using ep0 maxpacket: 32
[  959.799461][ T5916] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  959.862683][ T5916] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  959.943626][ T5916] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  959.963195][ T5916] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  959.972184][ T5916] usb 1-1: config 1 has no interface number 0
[  959.993175][ T5916] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  960.002271][ T5916] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  960.281584][T14288] loop5: detected capacity change from 0 to 1024
[  960.346989][ T5916] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  960.572219][ T5916] snd_usb_pod 1-1:1.1: set_interface failed
[  960.579269][ T5916] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  960.586767][ T5916] snd_usb_pod 1-1:1.1: probe with driver snd_usb_pod failed with error -71
[  960.605442][ T5916] usb 1-1: USB disconnect, device number 7
[  960.768490][T14288] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  960.901423][T14306] loop1: detected capacity change from 0 to 2048
[  961.080510][T14306] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  962.028708][T12555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  962.093143][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  966.734457][T14378] xt_nat: multiple ranges no longer supported
[  968.893659][T14411] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  970.543383][ T5834] Bluetooth: hci5: command 0x0406 tx timeout
[  971.063365][ T1162] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  974.439376][ T1162] usb 2-1: device not accepting address 8, error -71
[  977.273228][T13616] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  977.433192][T13616] usb 4-1: Using ep0 maxpacket: 8
[  977.440008][T13616] usb 4-1: config index 0 descriptor too short (expected 74, got 45)
[  977.449997][T13616] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  977.460442][T13616] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  977.651161][T13616] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  977.660333][T13616] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  977.674394][T13616] usbtmc 4-1:16.0: bulk endpoints not found
[  979.026017][T13616] usb 4-1: USB disconnect, device number 8
[  979.283732][T14483] loop1: detected capacity change from 0 to 2048
[  979.331422][T14483] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  980.547383][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  980.693205][ T5915] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  980.893295][ T5915] usb 6-1: Using ep0 maxpacket: 8
[  980.903939][ T5915] usb 6-1: unable to get BOS descriptor or descriptor too short
[  981.029194][ T5915] usb 6-1: config 8 has an invalid interface number: 254 but max is 0
[  981.037673][ T5915] usb 6-1: config 8 has no interface number 0
[  981.043956][ T5915] usb 6-1: config 8 interface 254 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  981.053883][ T5915] usb 6-1: config 8 interface 254 has no altsetting 0
[  981.114049][ T5915] usb 6-1: New USB device found, idVendor=10cf, idProduct=5500, bcdDevice=c9.c6
[  981.133993][ T5915] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  981.142083][ T5915] usb 6-1: Product: syz
[  981.173119][ T5915] usb 6-1: Manufacturer: syz
[  981.177790][ T5915] usb 6-1: SerialNumber: syz
[  983.142760][ T5915] vmk80xx 6-1:8.254: driver 'vmk80xx' failed to auto-configure device.
[  984.657861][ T5915] vmk80xx 6-1:8.254: probe with driver vmk80xx failed with error -22
[  984.676479][ T5915] usb 6-1: USB disconnect, device number 3
[  985.167063][T14574] loop3: detected capacity change from 0 to 2048
[  986.288818][T14574] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  986.941377][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  991.803010][T14651] netlink: 'syz.6.2526': attribute type 4 has an invalid length.
[  991.819653][T14651] netlink: 17 bytes leftover after parsing attributes in process `syz.6.2526'.
[  991.910179][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  991.996384][T14657] netlink: 'syz.6.2526': attribute type 2 has an invalid length.
[  992.027015][T14657] netlink: 132 bytes leftover after parsing attributes in process `syz.6.2526'.
[  992.036387][ T5917] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  992.214493][T14664] loop3: detected capacity change from 0 to 2048
[  992.223207][ T5917] usb 1-1: Using ep0 maxpacket: 8
[  992.242275][ T5917] usb 1-1: unable to get BOS descriptor or descriptor too short
[  992.262323][ T5917] usb 1-1: config 8 has an invalid interface number: 254 but max is 0
[  992.278281][ T5917] usb 1-1: config 8 has no interface number 0
[  992.303502][ T5917] usb 1-1: config 8 interface 254 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  992.314954][ T5917] usb 1-1: config 8 interface 254 has no altsetting 0
[  992.326085][T14664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  992.340791][ T5917] usb 1-1: New USB device found, idVendor=10cf, idProduct=5500, bcdDevice=c9.c6
[  992.352328][ T5917] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  992.360976][ T5917] usb 1-1: Product: syz
[  992.365721][ T5917] usb 1-1: Manufacturer: syz
[  992.370910][ T5917] usb 1-1: SerialNumber: syz
[  992.855954][ T5917] vmk80xx 1-1:8.254: driver 'vmk80xx' failed to auto-configure device.
[  992.878801][ T5917] vmk80xx 1-1:8.254: probe with driver vmk80xx failed with error -22
[  993.855284][ T5917] usb 1-1: USB disconnect, device number 8
[  993.857007][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  994.326184][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  996.727606][T14722] loop3: detected capacity change from 0 to 2048
[  996.734266][T13553] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  996.813549][T14722] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  996.918204][T13553] usb 6-1: Using ep0 maxpacket: 16
[  996.950848][T13553] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  998.488222][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  998.813251][T13553] usb 6-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice= 0.40
[  998.833786][T13553] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  998.841849][T13553] usb 6-1: Product: syz
[  998.863386][T13553] usb 6-1: Manufacturer: syz
[  998.868061][T13553] usb 6-1: SerialNumber: syz
[  999.201897][T13553] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input11
[  999.653509][T14765] loop0: detected capacity change from 0 to 1024
[  999.911633][T14765] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  999.963365][T13553] input: failed to attach handler mousedev to device input11, error: -2
[ 1000.035836][T13553] usb 6-1: USB disconnect, device number 4
[ 1000.362334][T14790] loop1: detected capacity change from 0 to 2048
[ 1000.438505][T14790] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1000.463818][T14790] UDF-fs: Scanning with blocksize 512 failed
[ 1000.590250][T14790] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1000.836045][T13553] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1002.931854][T13553] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1002.942528][T13553] usb 6-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[ 1002.957893][T13553] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.979265][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1002.998097][T13553] usb 6-1: config 0 descriptor??
[ 1003.588639][T13553] hid-steam 0003:28DE:1205.0002: : USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.5-1/input0
[ 1003.680918][T13553] hid-steam 0003:28DE:1205.0002: Steam Controller 'XXXXXXXXXX' connected
[ 1003.699909][T13553] input: Steam Deck as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:28DE:1205.0002/input/input12
[ 1003.887836][T13553] input: Steam Deck Motion Sensors as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:28DE:1205.0002/input/input13
[ 1004.386165][T13553] hid-steam 0003:28DE:1205.0003: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.5-1/input0
[ 1004.523479][T13553] usb 6-1: USB disconnect, device number 5
[ 1004.679881][T14850] capability: warning: `syz.5.2565' uses 32-bit capabilities (legacy support in use)
[ 1004.899914][T14854] loop1: detected capacity change from 0 to 1024
[ 1005.034229][T14854] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1005.050752][T14862] loop3: detected capacity change from 0 to 2048
[ 1005.071377][T14862] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 1005.089907][T14862] UDF-fs: Scanning with blocksize 512 failed
[ 1005.157197][T14862] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1005.224481][T13553] hid-steam 0003:28DE:1205.0002: Steam Controller 'XXXXXXXXXX' disconnected
[ 1006.350924][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1009.025813][T14945] loop3: detected capacity change from 0 to 2048
[ 1009.499963][T14945] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1010.059129][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1011.274925][T15006] pim6reg1: entered allmulticast mode
[ 1011.298327][T15004] loop1: detected capacity change from 0 to 2048
[ 1011.457668][T15004] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1012.494444][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1012.678873][T15032] loop5: detected capacity change from 0 to 2048
[ 1012.802684][T15032] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 1012.863179][T15032] UDF-fs: Scanning with blocksize 512 failed
[ 1012.979435][T15032] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1014.849524][T15059] loop1: detected capacity change from 0 to 2048
[ 1014.942172][T15059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1015.843573][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1019.690147][T15135] tap0: tun_chr_ioctl cmd 1074025680
[ 1023.944178][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1023.958476][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1023.975514][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1023.986334][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1024.079434][ T5834] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1024.156845][ T5834] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1026.243211][   T54] Bluetooth: hci2: command tx timeout
[ 1026.269786][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.025709][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.680571][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1028.165661][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1028.323387][   T54] Bluetooth: hci2: command tx timeout
[ 1028.381504][T15241] loop1: detected capacity change from 0 to 2048
[ 1028.481873][T15241] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1029.654892][T15241] UDF-fs: Scanning with blocksize 512 failed
[ 1029.750359][T15189] chnl_net:caif_netlink_parms(): no params data found
[ 1029.787892][T15241] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1030.568493][   T54] Bluetooth: hci2: command tx timeout
[ 1031.644240][T15189] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1031.651340][T15189] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1031.664976][T15189] bridge_slave_0: entered allmulticast mode
[ 1031.672159][T15189] bridge_slave_0: entered promiscuous mode
[ 1031.683778][T15189] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1031.691213][T15189] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1031.699049][T15189] bridge_slave_1: entered allmulticast mode
[ 1031.714436][T15189] bridge_slave_1: entered promiscuous mode
[ 1032.597164][T15189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1032.640169][T15189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1032.663096][   T54] Bluetooth: hci2: command tx timeout
[ 1033.351414][T15189] team0: Port device team_slave_0 added
[ 1033.371133][T15189] team0: Port device team_slave_1 added
[ 1034.231173][   T11] bridge_slave_1: left allmulticast mode
[ 1034.236950][   T11] bridge_slave_1: left promiscuous mode
[ 1034.242678][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1034.347895][   T11] bridge_slave_0: left allmulticast mode
[ 1034.356161][   T11] bridge_slave_0: left promiscuous mode
[ 1034.361932][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1039.069901][   T11] team0: Port device bridge0 removed
[ 1041.733793][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1041.784999][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1041.845768][   T11] bond0 (unregistering): Released all slaves
[ 1042.741301][T15189] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1042.769025][T15189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1042.835433][T15189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1043.849103][T15189] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1043.869105][T15189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1044.938447][T15189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1047.246581][T15189] hsr_slave_0: entered promiscuous mode
[ 1047.673404][T15189] hsr_slave_1: entered promiscuous mode
[ 1047.930984][T15189] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1047.946017][T15189] Cannot create hsr debugfs directory
[ 1054.807790][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1055.659288][   T11] hsr_slave_0: left promiscuous mode
[ 1055.803227][   T11] hsr_slave_1: left promiscuous mode
[ 1055.834327][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1055.841819][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1056.484459][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1056.491928][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1057.189096][   T11] veth1_macvtap: left promiscuous mode
[ 1057.209411][   T11] veth0_macvtap: left promiscuous mode
[ 1057.271727][   T11] veth1_vlan: left promiscuous mode
[ 1057.335378][   T11] veth0_vlan: left promiscuous mode
[ 1058.513609][   T11] pimreg (unregistering): left allmulticast mode
[ 1058.698584][T15521] loop5: detected capacity change from 0 to 8192
[ 1064.297640][T15549] loop5: detected capacity change from 0 to 512
[ 1064.338748][T15549] EXT4-fs: inline encryption not supported
[ 1064.474313][T15549] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1064.487778][   T11] team0 (unregistering): Port device team_slave_1 removed
[ 1064.628621][T15549] EXT4-fs error (device loop5): __ext4_iget:4984: inode #11: block 1: comm syz.5.2806: invalid block
[ 1064.830543][T15549] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.2806: couldn't read orphan inode 11 (err -117)
[ 1065.264342][T15549] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1065.428820][T15558] loop6: detected capacity change from 0 to 2048
[ 1065.450200][   T11] team0 (unregistering): Port device team_slave_0 removed
[ 1065.740732][T15558] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1066.394153][T12555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1066.732513][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1066.976749][T15568] loop5: detected capacity change from 0 to 512
[ 1067.049659][T15568] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[ 1067.105108][T15568] EXT4-fs (loop5): invalid journal inode
[ 1067.214974][T15568] EXT4-fs (loop5): can't get journal size
[ 1067.261386][T15568] EXT4-fs (loop5): 1 truncate cleaned up
[ 1067.380800][T15568] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1067.697363][T15581] loop6: detected capacity change from 0 to 16
[ 1067.711089][T15581] erofs (device loop6): mounted with root inode @ nid 36.
[ 1067.759690][T15581] syz.6.2816: attempt to access beyond end of device
[ 1067.759690][T15581] loop6: rw=0, sector=296, nr_sectors = 8 limit=16
[ 1067.793589][T15581] erofs (device loop6): read error -5 @ 72 of nid 36
[ 1067.811181][T15582] syz.6.2816: attempt to access beyond end of device
[ 1067.811181][T15582] loop6: rw=0, sector=296, nr_sectors = 8 limit=16
[ 1067.812707][T12555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1067.825094][T15582] erofs (device loop6): read error -5 @ 72 of nid 36
[ 1068.990400][T15595] loop5: detected capacity change from 0 to 2048
[ 1069.098655][ T5833] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 1069.184686][T15595] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1069.589762][ T5833] usb 2-1: Using ep0 maxpacket: 8
[ 1069.617381][ T5833] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1069.626372][ T5833] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1069.680218][ T5833] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1069.711024][ T5833] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1069.768530][ T5833] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1069.798638][ T5833] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1069.828776][ T5833] usb 2-1: Product: syz
[ 1069.853478][ T5833] usb 2-1: Manufacturer: syz
[ 1069.879051][ T5833] usb 2-1: SerialNumber: syz
[ 1070.154378][ T5833] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[ 1070.194938][ T5833] cdc_ncm 2-1:1.0: bind() failure
[ 1070.238349][ T5833] usb 2-1: USB disconnect, device number 10
[ 1070.792487][T15636] loop6: detected capacity change from 0 to 128
[ 1070.914182][T15189] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1070.952234][T15189] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1071.002372][T15189] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1071.044185][T15636] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1071.116964][T15189] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1071.160295][T15636] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1071.321307][T15646] loop1: detected capacity change from 0 to 512
[ 1071.369014][T15646] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1071.383892][T15646] ext4 filesystem being mounted at /574/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1071.456346][T15189] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1071.473331][T15189] 8021q: adding VLAN 0 to HW filter on device team0
[ 1071.504438][T15189] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1071.514860][T15189] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1071.539154][T11124] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1071.546346][T11124] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1071.555275][T11124] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1071.562410][T11124] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1071.588345][T13177] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1071.858630][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1072.123963][T15189] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1072.200895][T15189] veth0_vlan: entered promiscuous mode
[ 1072.218533][T15189] veth1_vlan: entered promiscuous mode
[ 1072.245345][T15189] veth0_macvtap: entered promiscuous mode
[ 1072.254518][T15189] veth1_macvtap: entered promiscuous mode
[ 1072.270055][T15189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.281094][T15189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.291044][T15189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.301933][T15189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.312140][T15189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.322759][T15189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.332915][T15189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1072.343684][T15189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.357819][T15189] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1072.384576][T12555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1072.398799][T15189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.409505][T15189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.420170][T15189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.431594][T15189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.457216][T15189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.468386][T15189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.484341][T15189] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1072.499366][T15189] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1072.513430][T15189] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1072.523791][T15189] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1072.532656][T15189] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1072.541420][T15189] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1072.558735][T15189] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1074.538512][ T6583] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1074.597348][ T6583] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1074.611166][T15703] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.2847' sets config #8388608
[ 1074.736967][T15708] bridge1: entered promiscuous mode
[ 1074.749684][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1074.774904][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1074.992568][T15719] loop0: detected capacity change from 0 to 2048
[ 1075.112789][T15719] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1078.261926][T15759] loop6: detected capacity change from 0 to 1764
[ 1078.807480][T15775] loop5: detected capacity change from 0 to 256
[ 1078.880189][T15775] FAT-fs (loop5): Directory bread(block 64) failed
[ 1078.903635][T15775] FAT-fs (loop5): Directory bread(block 65) failed
[ 1078.910346][T15775] FAT-fs (loop5): Directory bread(block 66) failed
[ 1078.939771][T15775] FAT-fs (loop5): Directory bread(block 67) failed
[ 1078.947181][T15775] FAT-fs (loop5): Directory bread(block 68) failed
[ 1078.961300][T15775] FAT-fs (loop5): Directory bread(block 69) failed
[ 1079.001697][T15775] FAT-fs (loop5): Directory bread(block 70) failed
[ 1079.072653][T15775] FAT-fs (loop5): Directory bread(block 71) failed
[ 1079.088008][T15775] FAT-fs (loop5): Directory bread(block 72) failed
[ 1079.094694][T15775] FAT-fs (loop5): Directory bread(block 73) failed
[ 1079.095743][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1081.014354][T15775] syz.5.2865: attempt to access beyond end of device
[ 1081.014354][T15775] loop5: rw=524288, sector=1768, nr_sectors = 4 limit=256
[ 1081.058565][T15775] syz.5.2865: attempt to access beyond end of device
[ 1081.058565][T15775] loop5: rw=0, sector=1768, nr_sectors = 4 limit=256
[ 1081.293116][   T30] audit: type=1800 audit(1736376006.965:86): pid=15775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2865" name="file1" dev="loop5" ino=1048686 res=0 errno=0
[ 1081.443346][T15794] syz.5.2865: attempt to access beyond end of device
[ 1081.443346][T15794] loop5: rw=0, sector=1768, nr_sectors = 4 limit=256
[ 1081.521071][   T30] audit: type=1800 audit(1736376007.215:87): pid=15794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2865" name="file1" dev="loop5" ino=1048686 res=0 errno=0
[ 1081.919802][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1081.931073][ T5834] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1081.939467][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1081.948730][ T5834] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1081.956558][ T5834] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1081.964490][ T5834] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1083.206214][T15836] loop1: detected capacity change from 0 to 512
[ 1083.282529][T15836] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1083.354739][T15810] chnl_net:caif_netlink_parms(): no params data found
[ 1084.431007][   T54] Bluetooth: hci4: command tx timeout
[ 1084.513352][T15836] EXT4-fs (loop1): 1 orphan inode deleted
[ 1084.519160][T15836] EXT4-fs (loop1): 1 truncate cleaned up
[ 1084.554175][T15836] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1084.586076][T15836] EXT4-fs (loop1): shut down requested (0)
[ 1085.064612][T15810] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1085.093095][T15810] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1085.100489][T15810] bridge_slave_0: entered allmulticast mode
[ 1085.109981][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1085.135077][T15810] bridge_slave_0: entered promiscuous mode
[ 1086.319726][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1086.399716][T15810] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1086.452806][T15879] loop1: detected capacity change from 0 to 1764
[ 1086.463320][T15810] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1086.470605][T15810] bridge_slave_1: entered allmulticast mode
[ 1086.484120][   T54] Bluetooth: hci4: command tx timeout
[ 1086.571407][T15810] bridge_slave_1: entered promiscuous mode
[ 1087.759553][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1087.903385][ T5917] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 1088.026128][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1088.075087][ T5917] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 62, changing to 9
[ 1088.099547][T15810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1088.113225][ T5917] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1088.162153][ T5917] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1088.175202][T15810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1088.193355][ T5917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1088.211790][ T5917] usb 2-1: Product: syz
[ 1088.217192][ T5917] usb 2-1: Manufacturer: syz
[ 1088.256139][ T5917] usb 2-1: SerialNumber: syz
[ 1088.334128][T15908] loop3: detected capacity change from 0 to 2048
[ 1088.366198][T15908] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1088.393721][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1088.564890][   T54] Bluetooth: hci4: command tx timeout
[ 1088.610306][T15810] team0: Port device team_slave_0 added
[ 1088.693723][T15810] team0: Port device team_slave_1 added
[ 1088.705425][T15901] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2897'.
[ 1089.892269][T15189] UDF-fs: error (device loop3): udf_read_inode: (ino 1317) failed !bh
[ 1089.931700][T15189] UDF-fs: error (device loop3): udf_read_inode: (ino 1317) failed !bh
[ 1090.291457][T15810] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1090.322224][T15810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1090.449103][T15810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1090.487212][   T12] bridge_slave_1: left allmulticast mode
[ 1090.528504][   T12] bridge_slave_1: left promiscuous mode
[ 1090.552806][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1090.587397][   T12] bridge_slave_0: left allmulticast mode
[ 1090.622835][   T12] bridge_slave_0: left promiscuous mode
[ 1090.647126][   T54] Bluetooth: hci4: command tx timeout
[ 1090.663820][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1090.664311][ T5917] cdc_ncm 2-1:1.0: bind() failure
[ 1090.680493][ T5917] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 1090.687458][ T5917] cdc_ncm 2-1:1.1: bind() failure
[ 1090.718122][ T5917] usb 2-1: USB disconnect, device number 11
[ 1092.439902][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1092.485529][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1092.509230][   T12] bond0 (unregistering): Released all slaves
[ 1092.633698][T15810] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1092.640698][T15810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1092.725392][T15810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1093.424336][T15810] hsr_slave_0: entered promiscuous mode
[ 1093.456107][T15810] hsr_slave_1: entered promiscuous mode
[ 1095.311894][   T12] hsr_slave_0: left promiscuous mode
[ 1095.324142][   T12] hsr_slave_1: left promiscuous mode
[ 1095.330268][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1095.406540][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1095.457535][T15974] loop6: detected capacity change from 0 to 2048
[ 1095.474448][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1095.526761][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1095.582323][T15974] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[ 1095.686612][T15818] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1095.697488][T15818] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1095.706326][T15818] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1095.715655][T15818] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1095.724829][T15818] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1095.734832][T15818] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1095.744431][   T12] veth1_macvtap: left promiscuous mode
[ 1095.750900][T15974] UDF-fs: Scanning with blocksize 512 failed
[ 1095.780057][T15974] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1095.795624][   T12] veth0_macvtap: left promiscuous mode
[ 1095.816518][   T12] veth1_vlan: left promiscuous mode
[ 1095.821796][   T12] veth0_vlan: left promiscuous mode
[ 1096.576454][   T12] pimreg (unregistering): left allmulticast mode
[ 1097.904052][ T5834] Bluetooth: hci2: command tx timeout
[ 1099.929050][ T5834] Bluetooth: hci2: command tx timeout
[ 1100.070241][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1100.312179][T16028] loop6: detected capacity change from 0 to 128
[ 1100.413931][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1102.136318][ T5834] Bluetooth: hci2: command tx timeout
[ 1102.566284][T16050] loop1: detected capacity change from 0 to 128
[ 1104.795055][   T54] Bluetooth: hci2: command tx timeout
[ 1106.466422][T16064] loop1: detected capacity change from 0 to 2048
[ 1106.650060][T16064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1107.263124][   T30] audit: type=1800 audit(1736376032.945:88): pid=16064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2945" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1107.435652][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1107.647345][T15983] chnl_net:caif_netlink_parms(): no params data found
[ 1108.597399][T16104] loop1: detected capacity change from 0 to 128
[ 1109.806201][T16104] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1110.073803][T16104] ext4 filesystem being mounted at /606/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1110.277818][T15983] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1110.302367][T15983] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1110.325194][T15983] bridge_slave_0: entered allmulticast mode
[ 1110.345458][T15983] bridge_slave_0: entered promiscuous mode
[ 1110.370656][ T5830] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1110.424366][T15983] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1110.431617][T15983] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1110.454793][T15983] bridge_slave_1: entered allmulticast mode
[ 1110.462148][T15983] bridge_slave_1: entered promiscuous mode
[ 1110.719495][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1110.747516][T16123] loop1: detected capacity change from 0 to 128
[ 1111.130224][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.229372][T15983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1111.274549][T15983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1111.677654][T15810] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1112.225819][T15810] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1112.681391][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.809355][T15810] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1112.849560][T16148] loop6: detected capacity change from 0 to 128
[ 1113.130402][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.213524][ T5833] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1113.246743][T16148] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1113.267072][T16148] ext4 filesystem being mounted at /146/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1113.308811][T15983] team0: Port device team_slave_0 added
[ 1113.376606][T15983] team0: Port device team_slave_1 added
[ 1113.415136][T15810] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1113.563437][T13177] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1113.649884][T15983] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1113.682832][T15983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1113.742706][T15983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1113.872566][T15983] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1113.879787][T15983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1113.906261][T15983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1113.942590][ T5833] usb 6-1: config 0 has an invalid interface number: 117 but max is 0
[ 1113.951016][ T5833] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1113.961266][ T5833] usb 6-1: config 0 has no interface number 0
[ 1113.968110][ T5833] usb 6-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1113.978569][ T5833] usb 6-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1114.007392][ T5833] usb 6-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[ 1114.016702][ T5833] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1114.026008][ T5833] usb 6-1: Product: syz
[ 1114.030225][ T5833] usb 6-1: Manufacturer: syz
[ 1114.035598][ T5833] usb 6-1: SerialNumber: syz
[ 1114.047416][T15983] hsr_slave_0: entered promiscuous mode
[ 1114.056913][ T5833] usb 6-1: config 0 descriptor??
[ 1114.080862][T16169] loop6: detected capacity change from 0 to 512
[ 1114.088604][T15983] hsr_slave_1: entered promiscuous mode
[ 1114.152224][T15983] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1114.178623][T15983] Cannot create hsr debugfs directory
[ 1114.339542][T16169] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.2978: invalid indirect mapped block 256 (level 2)
[ 1114.365223][T16169] EXT4-fs (loop6): Remounting filesystem read-only
[ 1114.377893][T16169] EXT4-fs (loop6): 2 truncates cleaned up
[ 1114.385499][T16169] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1114.480486][ T5833] usbtouchscreen 6-1:0.117: probe with driver usbtouchscreen failed with error -71
[ 1114.499639][ T5833] usb 6-1: USB disconnect, device number 6
[ 1114.527703][   T12] bridge_slave_1: left allmulticast mode
[ 1114.547987][   T12] bridge_slave_1: left promiscuous mode
[ 1114.568028][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1114.600626][   T12] bridge_slave_0: left allmulticast mode
[ 1114.611562][   T12] bridge_slave_0: left promiscuous mode
[ 1114.622776][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1115.153437][T16188] loop5: detected capacity change from 0 to 128
[ 1115.616872][T16195] loop1: detected capacity change from 0 to 256
[ 1115.631642][T16195] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1115.820207][T16195] FAT-fs (loop1): Directory bread(block 64) failed
[ 1115.827003][T16195] FAT-fs (loop1): Directory bread(block 65) failed
[ 1115.834040][T16195] FAT-fs (loop1): Directory bread(block 66) failed
[ 1115.840706][T16195] FAT-fs (loop1): Directory bread(block 67) failed
[ 1115.847730][T16195] FAT-fs (loop1): Directory bread(block 68) failed
[ 1115.854476][T16195] FAT-fs (loop1): Directory bread(block 69) failed
[ 1115.861557][T16195] FAT-fs (loop1): Directory bread(block 70) failed
[ 1115.868395][T16195] FAT-fs (loop1): Directory bread(block 71) failed
[ 1115.875560][T16195] FAT-fs (loop1): Directory bread(block 72) failed
[ 1115.882224][T16195] FAT-fs (loop1): Directory bread(block 73) failed
[ 1116.344445][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.721883][T16200] loop5: detected capacity change from 0 to 256
[ 1117.852096][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1117.983811][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1118.023569][   T12] bond0 (unregistering): Released all slaves
[ 1118.070972][T16223] loop1: detected capacity change from 0 to 512
[ 1118.139671][T15810] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1118.227458][T16223] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1118.234389][T16200] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x809ea061, utbl_chksum : 0x7319d30d)
[ 1118.277914][T16223] ext4 filesystem being mounted at /620/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1118.300602][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1118.511359][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1118.690283][T16236] loop6: detected capacity change from 0 to 2048
[ 1118.691545][T15810] 8021q: adding VLAN 0 to HW filter on device team0
[ 1118.763231][T16236] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[ 1118.781331][T16236] UDF-fs: Scanning with blocksize 512 failed
[ 1118.804654][T16236] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1118.908150][T15878] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1118.915360][T15878] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1119.100385][   T12] hsr_slave_0: left promiscuous mode
[ 1119.114462][   T12] hsr_slave_1: left promiscuous mode
[ 1119.125228][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1119.132859][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1119.154172][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1119.161997][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1119.198160][   T12] veth1_macvtap: left promiscuous mode
[ 1119.205066][   T12] veth0_macvtap: left promiscuous mode
[ 1119.210967][   T12] veth1_vlan: left promiscuous mode
[ 1119.218007][   T12] veth0_vlan: left promiscuous mode
[ 1119.919220][T16254] loop6: detected capacity change from 0 to 256
[ 1119.933109][T16254] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1120.440574][T16254] FAT-fs (loop6): Directory bread(block 64) failed
[ 1120.447391][T16254] FAT-fs (loop6): Directory bread(block 65) failed
[ 1120.454536][T16254] FAT-fs (loop6): Directory bread(block 66) failed
[ 1120.461212][T16254] FAT-fs (loop6): Directory bread(block 67) failed
[ 1120.468214][T16254] FAT-fs (loop6): Directory bread(block 68) failed
[ 1120.475063][T16254] FAT-fs (loop6): Directory bread(block 69) failed
[ 1120.482247][T16254] FAT-fs (loop6): Directory bread(block 70) failed
[ 1120.489191][T16254] FAT-fs (loop6): Directory bread(block 71) failed
[ 1120.496256][T16254] FAT-fs (loop6): Directory bread(block 72) failed
[ 1120.502955][T16254] FAT-fs (loop6): Directory bread(block 73) failed
[ 1121.015573][T16262] loop5: detected capacity change from 0 to 128
[ 1121.044956][T16262] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 1121.095405][T16262] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1121.152562][   T30] audit: type=1800 audit(1736376046.845:89): pid=16262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2990" name="file1" dev="loop5" ino=104 res=0 errno=0
[ 1121.238439][T16266] loop1: detected capacity change from 0 to 4096
[ 1121.335836][T16266] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1121.445597][T16270] loop5: detected capacity change from 0 to 2048
[ 1121.452929][T16270] udf: Unknown parameter ''
[ 1121.686554][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1121.798687][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1122.063780][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1122.085204][T16278] loop6: detected capacity change from 0 to 512
[ 1122.092287][T16278] EXT4-fs: Ignoring removed oldalloc option
[ 1122.181508][T16278] EXT4-fs error (device loop6): ext4_xattr_inode_iget:436: comm syz.6.2996: Parent and EA inode have the same ino 15
[ 1122.202051][T16278] EXT4-fs error (device loop6): ext4_xattr_inode_iget:436: comm syz.6.2996: Parent and EA inode have the same ino 15
[ 1122.216858][T16278] EXT4-fs (loop6): 1 orphan inode deleted
[ 1122.224214][T16278] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1122.287046][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1122.730713][T16299] loop1: detected capacity change from 0 to 1024
[ 1122.829690][   T62] hfsplus: b-tree write err: -5, ino 4
[ 1122.958755][T16303] loop5: detected capacity change from 0 to 256
[ 1122.970099][T16303] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1123.200815][T16303] FAT-fs (loop5): Directory bread(block 64) failed
[ 1123.207721][T16303] FAT-fs (loop5): Directory bread(block 65) failed
[ 1123.214851][T16303] FAT-fs (loop5): Directory bread(block 66) failed
[ 1123.221528][T16303] FAT-fs (loop5): Directory bread(block 67) failed
[ 1123.228546][T16303] FAT-fs (loop5): Directory bread(block 68) failed
[ 1123.235405][T16303] FAT-fs (loop5): Directory bread(block 69) failed
[ 1123.242398][T16303] FAT-fs (loop5): Directory bread(block 70) failed
[ 1123.249387][T16303] FAT-fs (loop5): Directory bread(block 71) failed
[ 1123.256438][T16303] FAT-fs (loop5): Directory bread(block 72) failed
[ 1123.263078][T16303] FAT-fs (loop5): Directory bread(block 73) failed
[ 1123.918627][T16311] loop1: detected capacity change from 0 to 1024
[ 1123.945975][T16311] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1124.058428][T16311] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1124.173248][   T30] audit: type=1800 audit(1736376049.865:90): pid=16317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3006" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1124.337414][T16311] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[ 1124.526420][T16311] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 1124.526420][T16311] 
[ 1124.701654][T16311] EXT4-fs (loop1): Total free blocks count 0
[ 1124.766478][T16311] EXT4-fs (loop1): Free/Dirty block details
[ 1124.778811][T16311] EXT4-fs (loop1): free_blocks=68451041280
[ 1124.785091][T16311] EXT4-fs (loop1): dirty_blocks=16
[ 1124.790253][T16311] EXT4-fs (loop1): Block reservation details
[ 1124.793776][ T6583] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1124.796912][T16311] EXT4-fs (loop1): i_reserved_data_blocks=1
[ 1124.803445][ T6583] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1124.878064][T15983] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1124.916055][T15983] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1124.940378][T15983] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1124.962058][T15983] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1125.035636][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1125.351982][T15983] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1125.493748][T15983] 8021q: adding VLAN 0 to HW filter on device team0
[ 1125.544606][T15878] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1125.551780][T15878] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1125.656368][T15878] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1125.663567][T15878] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1125.985242][T15810] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1126.371235][T15810] veth0_vlan: entered promiscuous mode
[ 1127.191555][T15810] veth1_vlan: entered promiscuous mode
[ 1127.266462][T15810] veth0_macvtap: entered promiscuous mode
[ 1127.274964][T15810] veth1_macvtap: entered promiscuous mode
[ 1127.488530][T15810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1127.533237][T15810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1127.577076][T15810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1127.597418][T15810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1127.616910][T15810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1127.641880][T15810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1127.668692][T15810] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1127.732953][T15810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1127.744542][T15810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1127.758000][T15810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1127.777707][T15810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1127.789451][T15810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1127.801518][T15810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1127.819846][T15810] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1127.847081][T15983] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1127.870615][T15810] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1127.882917][T15810] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1127.911111][T15810] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1127.931399][T15810] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.118918][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1128.156503][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1128.198154][T15878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1128.208551][T15878] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1128.656816][T15983] veth0_vlan: entered promiscuous mode
[ 1128.702344][T15983] veth1_vlan: entered promiscuous mode
[ 1128.831305][T15983] veth0_macvtap: entered promiscuous mode
[ 1128.879851][T15983] veth1_macvtap: entered promiscuous mode
[ 1129.134125][T15983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1129.147110][T15983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1129.172441][T15983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1129.188304][T15983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1129.200664][T15983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1129.301821][T16389] loop0: detected capacity change from 0 to 256
[ 1129.312766][T16389] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1129.484566][T16389] FAT-fs (loop0): Directory bread(block 64) failed
[ 1129.491561][T16389] FAT-fs (loop0): Directory bread(block 65) failed
[ 1129.498860][T16389] FAT-fs (loop0): Directory bread(block 66) failed
[ 1129.505602][T16389] FAT-fs (loop0): Directory bread(block 67) failed
[ 1129.512564][T16389] FAT-fs (loop0): Directory bread(block 68) failed
[ 1129.519346][T16389] FAT-fs (loop0): Directory bread(block 69) failed
[ 1129.526888][T16389] FAT-fs (loop0): Directory bread(block 70) failed
[ 1129.533602][T16389] FAT-fs (loop0): Directory bread(block 71) failed
[ 1129.540704][T16389] FAT-fs (loop0): Directory bread(block 72) failed
[ 1129.547700][T16389] FAT-fs (loop0): Directory bread(block 73) failed
[ 1129.991432][T15983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.095393][T15983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1130.143263][T15983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.168158][T15983] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1130.429969][T15983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1130.493442][T15983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.506058][T15983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1130.523326][T15983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.535337][T15983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1130.553511][T15983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.564225][T15983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1130.585548][T15983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1130.627964][T15983] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1130.670095][T15983] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.703498][T13553] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1130.732436][T15983] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.763733][T15983] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.802161][T15983] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.877484][T13553] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1130.896986][T13553] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1130.935788][T13553] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1130.958773][T13553] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1131.032229][T13553] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1131.069958][T13553] usb 1-1: config 0 descriptor??
[ 1131.129632][T11122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1131.159233][T11122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1131.263255][ T6583] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1131.277285][ T6583] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1131.429825][T16416] loop1: detected capacity change from 0 to 512
[ 1131.513422][T13553] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x2
[ 1131.522439][T16416] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1131.537635][T13553] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[ 1131.555281][T13553] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 1131.673255][T16416] ext4 filesystem being mounted at /640/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1131.976091][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1132.948391][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1132.959358][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1132.969779][ T5834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1132.977996][ T5834] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1132.987341][ T5834] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1132.994711][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1133.048177][T16449] loop7: detected capacity change from 0 to 1024
[ 1133.090074][ T5833] usb 1-1: reset high-speed USB device number 9 using dummy_hcd
[ 1133.217936][T16449] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1133.280699][T16449] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1133.330134][T16449] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[ 1133.368850][   T30] audit: type=1800 audit(1736376059.065:91): pid=16459 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3031" name="file2" dev="loop7" ino=16 res=0 errno=0
[ 1133.372186][T15878] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1133.414430][T16449] EXT4-fs (loop7): This should not happen!! Data will be lost
[ 1133.414430][T16449] 
[ 1133.424589][T16449] EXT4-fs (loop7): Total free blocks count 0
[ 1133.431379][T16449] EXT4-fs (loop7): Free/Dirty block details
[ 1133.439975][T16449] EXT4-fs (loop7): free_blocks=68451041280
[ 1133.452342][T16449] EXT4-fs (loop7): dirty_blocks=16
[ 1133.462321][T16449] EXT4-fs (loop7): Block reservation details
[ 1133.477924][T16449] EXT4-fs (loop7): i_reserved_data_blocks=1
[ 1133.547689][T15878] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1133.586568][T15983] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.594914][T15878] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.043249][ T5834] Bluetooth: hci0: command tx timeout
[ 1135.129720][T13553] usb 1-1: USB disconnect, device number 9
[ 1135.202244][T15878] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.451331][T16479] loop7: detected capacity change from 0 to 8192
[ 1135.646278][T16444] chnl_net:caif_netlink_parms(): no params data found
[ 1135.817183][T16479] process 'syz.7.3037' launched './file1' with NULL argv: empty string added
[ 1135.914579][T13553] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1136.093165][T13553] usb 1-1: Using ep0 maxpacket: 16
[ 1136.100007][T13553] usb 1-1: config 0 has an invalid interface number: 29 but max is 0
[ 1136.108813][T13553] usb 1-1: config 0 has no interface number 0
[ 1136.115470][T13553] usb 1-1: config 0 interface 29 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16
[ 1136.125931][T13553] usb 1-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024
[ 1136.153166][T13553] usb 1-1: config 0 interface 29 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1136.165304][T13553] usb 1-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0
[ 1136.218548][T13553] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1136.275466][T13553] usb 1-1: Product: syz
[ 1136.321679][T13553] usb 1-1: Manufacturer: syz
[ 1136.336830][T13553] usb 1-1: SerialNumber: syz
[ 1136.421564][T13553] usb 1-1: config 0 descriptor??
[ 1136.445094][T16495] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1136.464351][T16495] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1136.468201][T16511] loop6: detected capacity change from 0 to 1024
[ 1136.483743][T16444] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1136.490887][T16444] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1136.507821][T16444] bridge_slave_0: entered allmulticast mode
[ 1136.517509][T16444] bridge_slave_0: entered promiscuous mode
[ 1136.532233][T16444] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1136.540032][T16444] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1136.554216][T16444] bridge_slave_1: entered allmulticast mode
[ 1136.561810][T16444] bridge_slave_1: entered promiscuous mode
[ 1136.617133][T16511] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1136.703794][T15878] bridge_slave_1: left allmulticast mode
[ 1136.715103][T15878] bridge_slave_1: left promiscuous mode
[ 1136.723318][T15878] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1136.738204][T16511] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1136.758723][T16511] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[ 1136.772728][   T30] audit: type=1800 audit(1736376062.475:92): pid=16519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3043" name="file2" dev="loop6" ino=16 res=0 errno=0
[ 1136.795577][T15878] bridge_slave_0: left allmulticast mode
[ 1136.801235][T15878] bridge_slave_0: left promiscuous mode
[ 1136.828320][T16511] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1136.828320][T16511] 
[ 1136.865931][T15878] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1136.952540][T16511] EXT4-fs (loop6): Total free blocks count 0
[ 1136.999986][T16511] EXT4-fs (loop6): Free/Dirty block details
[ 1137.123235][ T5834] Bluetooth: hci0: command tx timeout
[ 1138.227483][T16511] EXT4-fs (loop6): free_blocks=68451041280
[ 1138.633333][T16511] EXT4-fs (loop6): dirty_blocks=16
[ 1138.638530][T16511] EXT4-fs (loop6): Block reservation details
[ 1138.646245][T16511] EXT4-fs (loop6): i_reserved_data_blocks=1
[ 1138.869107][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1138.956786][ T5917] usb 1-1: USB disconnect, device number 10
[ 1139.213541][ T5834] Bluetooth: hci0: command tx timeout
[ 1139.396808][T16550] loop6: detected capacity change from 0 to 512
[ 1139.476088][T16550] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1139.554335][T16550] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1140.420870][T16561] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[ 1140.510811][T16563] loop7: detected capacity change from 0 to 736
[ 1140.586547][T16563] ISOFS: unable to read i-node block
[ 1140.741788][T16565] loop7: detected capacity change from 0 to 128
[ 1140.759857][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1140.984457][T16565] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1141.030275][T16565] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1141.283174][ T5834] Bluetooth: hci0: command tx timeout
[ 1141.303112][ T5916] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 1141.400410][T15878] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1141.434722][T15878] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1141.479018][T15878] bond0 (unregistering): Released all slaves
[ 1141.496020][ T5916] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1141.508701][ T5916] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[ 1141.519724][ T5916] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1141.528585][ T5916] usb 1-1: Product: syz
[ 1141.553430][ T5916] usb 1-1: Manufacturer: syz
[ 1141.557739][T16444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1141.590194][ T5916] usb 1-1: SerialNumber: syz
[ 1141.603644][ T5916] usb 1-1: config 0 descriptor??
[ 1141.613666][ T5916] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1141.731352][T16578] syz_tun: entered allmulticast mode
[ 1141.748827][T16444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1141.846496][ T5916] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -2
[ 1141.864065][T15983] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1141.875811][T16579] syz_tun: left allmulticast mode
[ 1142.024047][T15591] udevd[15591]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1142.054217][T13616] usb 1-1: USB disconnect, device number 11
[ 1142.124191][T16444] team0: Port device team_slave_0 added
[ 1142.205835][T16444] team0: Port device team_slave_1 added
[ 1142.247880][T16444] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1142.258168][T16444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1142.296366][T16444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1142.333401][T15878] hsr_slave_0: left promiscuous mode
[ 1142.339645][T15878] hsr_slave_1: left promiscuous mode
[ 1142.350046][T15878] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1142.411974][T15878] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1142.437296][T15878] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1142.500404][T15878] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1142.584289][T15878] veth1_macvtap: left promiscuous mode
[ 1142.590346][T15878] veth0_macvtap: left promiscuous mode
[ 1142.609218][T15878] veth1_vlan: left promiscuous mode
[ 1142.620258][T15878] veth0_vlan: left promiscuous mode
[ 1142.820428][T16593] loop7: detected capacity change from 0 to 512
[ 1142.899756][T16593] ext4: Bad value for 'debug_want_extra_isize'
[ 1142.988521][T16595] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1143.117011][T15878] pimreg (unregistering): left allmulticast mode
[ 1143.412248][T16602] loop6: detected capacity change from 0 to 512
[ 1143.449542][T16602] EXT4-fs: Ignoring removed bh option
[ 1143.479306][T16602] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[ 1143.524809][T16602] EXT4-fs (loop6): 1 truncate cleaned up
[ 1143.575139][T16602] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1143.866602][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1144.893731][T15878] team0 (unregistering): Port device team_slave_1 removed
[ 1144.985859][T15878] team0 (unregistering): Port device team_slave_0 removed
[ 1146.263610][T16444] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1146.293226][T16444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1146.370058][T16444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1146.794288][T16636] loop6: detected capacity change from 0 to 1024
[ 1146.839197][T16444] hsr_slave_0: entered promiscuous mode
[ 1146.892763][T16636] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1146.984942][T16444] hsr_slave_1: entered promiscuous mode
[ 1146.994740][T16444] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1147.013278][T16444] Cannot create hsr debugfs directory
[ 1147.281175][T16649] EXT4-fs (loop6): shut down requested (0)
[ 1147.621764][T11124] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1147.714991][T11124] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1608 with error 28
[ 1147.785635][T11124] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1147.785635][T11124] 
[ 1147.831838][T11124] EXT4-fs (loop6): Total free blocks count 0
[ 1147.866060][T11124] EXT4-fs (loop6): Free/Dirty block details
[ 1147.922817][T11124] EXT4-fs (loop6): free_blocks=68451041280
[ 1147.937384][T11124] EXT4-fs (loop6): dirty_blocks=1616
[ 1147.980077][T11124] EXT4-fs (loop6): Block reservation details
[ 1148.003298][T11124] EXT4-fs (loop6): i_reserved_data_blocks=101
[ 1148.187843][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1148.209672][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1148.221702][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1148.240190][T15878] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1148.273327][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1148.339058][   T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1148.464984][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1148.606477][T16662] loop0: detected capacity change from 0 to 1024
[ 1148.618618][T15878] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1148.920628][T15878] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1149.213605][T15878] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1150.167076][T15878] bridge_slave_1: left allmulticast mode
[ 1150.176908][T15878] bridge_slave_1: left promiscuous mode
[ 1150.190934][T15878] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1150.219414][T15878] bridge_slave_0: left allmulticast mode
[ 1150.230776][T15878] bridge_slave_0: left promiscuous mode
[ 1150.239367][T15878] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1150.279592][T16694] loop0: detected capacity change from 0 to 512
[ 1150.356274][T16694] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1150.442140][T16694] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1150.567462][T16698] loop5: detected capacity change from 0 to 128
[ 1150.574539][   T54] Bluetooth: hci2: command tx timeout
[ 1150.680961][T16694] EXT4-fs error (device loop0): ext4_empty_dir:3094: inode #12: comm syz.0.3088: invalid size
[ 1150.711520][T16694] EXT4-fs (loop0): Remounting filesystem read-only
[ 1150.964541][T15810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1150.975992][ T6583] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1150.993694][ T6583] Quota error (device loop0): write_blk: dquota write failed
[ 1151.040762][ T6583] Quota error (device loop0): free_dqentry: Can't write quota data block 5
[ 1151.050540][ T6583] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1151.061440][ T6583] Quota error (device loop0): write_blk: dquota write failed
[ 1151.091722][ T6583] Quota error (device loop0): free_dqentry: Can't write quota data block 5
[ 1151.252242][T16702] loop5: detected capacity change from 0 to 128
[ 1151.265163][T16702] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 1151.323478][T16702] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1151.418656][T16702] UDF-fs: error (device loop5): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[ 1151.869235][T15878] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1151.881711][T15878] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1151.893183][T15878] bond0 (unregistering): Released all slaves
[ 1151.911633][T16657] chnl_net:caif_netlink_parms(): no params data found
[ 1152.047922][T16444] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1152.084776][T16444] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1152.686438][   T54] Bluetooth: hci2: command tx timeout
[ 1153.000904][T16444] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1153.220313][T16444] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1153.282026][T16657] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1153.315966][T16657] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1153.334254][T16657] bridge_slave_0: entered allmulticast mode
[ 1153.341613][T16657] bridge_slave_0: entered promiscuous mode
[ 1153.368716][T16657] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1153.393262][T16657] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1153.420381][T16657] bridge_slave_1: entered allmulticast mode
[ 1153.430787][T16657] bridge_slave_1: entered promiscuous mode
[ 1153.953273][T14109] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1154.046051][T16657] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1154.123271][T14109] usb 7-1: Using ep0 maxpacket: 32
[ 1154.136643][T16657] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1154.180860][T14109] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 26232, setting to 64
[ 1154.231037][T14109] usb 7-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb
[ 1154.241325][T15878] hsr_slave_0: left promiscuous mode
[ 1154.250286][T14109] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1154.267958][T15878] hsr_slave_1: left promiscuous mode
[ 1154.283163][T14109] usb 7-1: Product: syz
[ 1154.293106][T15878] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1154.310836][T14109] usb 7-1: Manufacturer: syz
[ 1154.315910][T15878] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1154.333022][T14109] usb 7-1: SerialNumber: syz
[ 1154.345742][T14109] usb 7-1: config 0 descriptor??
[ 1154.361114][T15878] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1154.378940][T15878] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1154.435362][T15878] veth1_macvtap: left promiscuous mode
[ 1154.460556][T15878] veth0_macvtap: left promiscuous mode
[ 1154.510578][T15878] veth1_vlan: left promiscuous mode
[ 1154.540937][T15878] veth0_vlan: left promiscuous mode
[ 1154.604700][T14109] input: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input16
[ 1154.733202][   T54] Bluetooth: hci2: command tx timeout
[ 1154.787343][T14109] usb 7-1: USB disconnect, device number 4
[ 1155.928070][T15878] team0 (unregistering): Port device team_slave_1 removed
[ 1156.021661][T15878] team0 (unregistering): Port device team_slave_0 removed
[ 1156.803306][   T54] Bluetooth: hci2: command tx timeout
[ 1156.945271][T16657] team0: Port device team_slave_0 added
[ 1157.083262][T16657] team0: Port device team_slave_1 added
[ 1157.117708][T16444] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1157.346638][T16657] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1157.372763][T16657] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1157.423513][T16657] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1157.437259][T16657] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1157.456349][T16657] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1157.517845][T16769] loop6: detected capacity change from 0 to 2048
[ 1157.535910][T16657] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1157.566699][T16769] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[ 1157.629483][T16769] UDF-fs: Scanning with blocksize 512 failed
[ 1157.667184][T16769] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1157.681953][T16657] hsr_slave_0: entered promiscuous mode
[ 1157.690579][T16657] hsr_slave_1: entered promiscuous mode
[ 1157.715523][T16657] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1157.727500][T16657] Cannot create hsr debugfs directory
[ 1157.860548][T16444] 8021q: adding VLAN 0 to HW filter on device team0
[ 1158.026587][T11122] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.033791][T11122] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1158.057010][T13177] UDF-fs: warning (device loop6): udf_evict_inode: Inode 830 (mode 100000) has inode size 134745186 different from extent length 134746112. Filesystem need not be standards compliant.
[ 1158.118167][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.125386][  T287] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1158.510657][T16657] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1158.544226][T16657] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1158.651265][T16657] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1158.719681][T16657] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1159.019291][T16444] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1159.082099][T16657] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1159.176265][T16657] 8021q: adding VLAN 0 to HW filter on device team0
[ 1159.344240][  T287] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1159.351365][  T287] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1159.391168][T16814] loop5: detected capacity change from 0 to 1024
[ 1159.399655][  T287] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1159.406843][  T287] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1159.432569][T16814] EXT4-fs: Ignoring removed orlov option
[ 1159.439339][T16814] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1159.546294][T16814] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c118, mo2=0002]
[ 1159.586064][T16814] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1159.586240][T16444] veth0_vlan: entered promiscuous mode
[ 1159.610147][T16444] veth1_vlan: entered promiscuous mode
[ 1159.682895][T16657] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1159.709937][T12555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1159.713247][T16657] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1159.836809][T16444] veth0_macvtap: entered promiscuous mode
[ 1159.938568][T16444] veth1_macvtap: entered promiscuous mode
[ 1160.163660][T16833] loop0: detected capacity change from 0 to 256
[ 1160.174265][T16833] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1160.218507][T16444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1160.461158][T16833] FAT-fs (loop0): Directory bread(block 64) failed
[ 1160.468119][T16833] FAT-fs (loop0): Directory bread(block 65) failed
[ 1160.475188][T16833] FAT-fs (loop0): Directory bread(block 66) failed
[ 1160.481856][T16833] FAT-fs (loop0): Directory bread(block 67) failed
[ 1160.488905][T16833] FAT-fs (loop0): Directory bread(block 68) failed
[ 1160.495602][T16833] FAT-fs (loop0): Directory bread(block 69) failed
[ 1160.502598][T16833] FAT-fs (loop0): Directory bread(block 70) failed
[ 1160.509349][T16833] FAT-fs (loop0): Directory bread(block 71) failed
[ 1160.516372][T16833] FAT-fs (loop0): Directory bread(block 72) failed
[ 1160.523031][T16833] FAT-fs (loop0): Directory bread(block 73) failed
[ 1160.716844][T16444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1160.839818][T16444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1160.959449][T16444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.004685][T16444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1161.036109][T16444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1162.061442][T16444] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1162.235142][T16444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1162.283043][T16444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1162.293883][T16444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1162.305168][T16444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1162.316413][T16444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1162.327211][T16444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1162.357867][T16444] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1162.495403][T16444] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1162.506167][T16444] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1162.515370][T16444] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1162.524693][T16444] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1162.615317][T16861] loop5: detected capacity change from 0 to 256
[ 1162.702447][T16657] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1162.796659][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1162.804125][T16861] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[ 1162.841153][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1162.919316][T16861] FAT-fs (loop5): Filesystem has been set read-only
[ 1162.948596][T16861] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[ 1162.962051][T16861] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[ 1162.983150][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1162.991504][   T30] audit: type=1800 audit(1736376088.675:93): pid=16861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3130" name="file1" dev="loop5" ino=1048702 res=0 errno=0
[ 1163.011914][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1164.538534][T16657] veth0_vlan: entered promiscuous mode
[ 1164.544249][ T1162] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1164.567849][T16657] veth1_vlan: entered promiscuous mode
[ 1164.705634][ T1162] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1164.803311][ T1162] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1164.805780][T16657] veth0_macvtap: entered promiscuous mode
[ 1164.824289][ T1162] usb 2-1: config 0 descriptor??
[ 1164.848099][ T1162] cp210x 2-1:0.0: cp210x converter detected
[ 1164.890682][T16896] loop0: detected capacity change from 0 to 128
[ 1164.917316][T16657] veth1_macvtap: entered promiscuous mode
[ 1164.931405][T16896] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1164.970997][T16896] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1165.069716][T16657] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1165.082810][T16896] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[ 1165.110371][T16657] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1165.124413][T16657] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1165.150719][T16657] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1165.178702][T16657] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1165.238564][T16657] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1165.253919][ T1162] usb 2-1: cp210x converter now attached to ttyUSB0
[ 1165.272261][T16657] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1165.283434][ T5833] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1165.307533][T16657] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1165.360492][T16657] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1165.434332][T16657] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1165.445149][ T5916] usb 2-1: USB disconnect, device number 12
[ 1165.445148][ T5833] usb 6-1: Using ep0 maxpacket: 8
[ 1165.454090][ T5916] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1165.468885][T16657] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1165.482283][ T5833] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1165.501606][T16657] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1165.513441][ T5833] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1165.558731][ T5833] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1165.569935][T16657] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1165.590813][T16657] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1165.612660][T16657] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1165.624064][ T5833] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1165.643274][ T5833] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1165.656627][T16657] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1165.676843][ T5833] usb 6-1: Product: syz
[ 1165.682033][ T5833] usb 6-1: Manufacturer: syz
[ 1165.686832][T16657] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1165.702907][ T5833] usb 6-1: SerialNumber: syz
[ 1165.712006][T16657] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1165.752786][ T5916] cp210x 2-1:0.0: device disconnected
[ 1165.793752][T16657] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.808286][T16657] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.818075][T16657] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1165.831525][T16657] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1166.146473][ T5833] usb 6-1: 0:2 : does not exist
[ 1166.169086][ T6583] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1166.253268][ T6583] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1166.403920][T16913] loop0: detected capacity change from 0 to 2048
[ 1166.430992][ T5833] usb 6-1: USB disconnect, device number 7
[ 1166.471317][T15878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1166.507338][T15878] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1166.610348][T16913] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1166.668477][T15591] udevd[15591]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1167.483151][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1167.651403][T16935] loop1: detected capacity change from 0 to 512
[ 1167.673909][    T9] usb 6-1: config 0 has an invalid interface number: 255 but max is 0
[ 1167.687397][    T9] usb 6-1: config 0 has no interface number 0
[ 1167.743441][    T9] usb 6-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[ 1167.773663][    T9] usb 6-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1167.797658][    T9] usb 6-1: config 0 interface 255 has no altsetting 0
[ 1167.804882][    T9] usb 6-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[ 1167.814003][T16935] EXT4-fs (loop1): 1 truncate cleaned up
[ 1167.814998][T16935] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1167.819954][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1167.844007][    T9] usb 6-1: config 0 descriptor??
[ 1168.192570][    T9] usb 6-1: string descriptor 0 read error: -71
[ 1168.306047][    T9] ums-realtek 6-1:0.255: USB Mass Storage device detected
[ 1168.586510][    T9] usb 6-1: USB disconnect, device number 8
[ 1168.948112][T16444] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1169.120475][T16968] loop8: detected capacity change from 0 to 2048
[ 1169.233928][T16968] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1169.271109][T16968] UDF-fs: Scanning with blocksize 512 failed
[ 1169.327176][T16968] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1171.170578][T17014] loop1: detected capacity change from 0 to 512
[ 1171.293047][T17014] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1171.493926][T17025] loop8: detected capacity change from 0 to 1024
[ 1171.501091][T17025] EXT4-fs: inline encryption not supported
[ 1171.516188][T17025] EXT4-fs: Ignoring removed i_version option
[ 1171.524190][T17025] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1171.566675][T17014] EXT4-fs (loop1): 1 truncate cleaned up
[ 1171.623143][ T5916] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1171.630002][T17014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1171.648580][T17025] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1171.688148][T17031] loop6: detected capacity change from 0 to 2048
[ 1171.873630][T17031] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[ 1171.882939][ T5916] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1171.898180][ T5916] usb 6-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[ 1171.907985][ T5916] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1171.930716][T16657] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1171.936821][ T5916] usb 6-1: Product: syz
[ 1171.953639][T17031] UDF-fs: Scanning with blocksize 512 failed
[ 1171.973849][ T5916] usb 6-1: Manufacturer: syz
[ 1171.978526][ T5916] usb 6-1: SerialNumber: syz
[ 1172.014377][ T5916] usb 6-1: config 0 descriptor??
[ 1172.040643][T17031] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1172.059643][ T5916] usb 6-1: Found UVC 0.00 device syz (18ec:3288)
[ 1172.103891][ T5916] usb 6-1: No valid video chain found.
[ 1172.225829][ T5916] usb 6-1: USB disconnect, device number 9
[ 1172.601879][T16444] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1174.665550][T17086] loop5: detected capacity change from 0 to 2048
[ 1174.891836][T17086] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1175.677121][T17102] loop6: detected capacity change from 0 to 2048
[ 1175.774156][T17105] loop1: detected capacity change from 0 to 1024
[ 1175.810243][T17102] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[ 1175.815996][   T30] audit: type=1800 audit(1736376101.505:94): pid=17107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3180" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1175.818437][T17102] UDF-fs: Scanning with blocksize 512 failed
[ 1175.881980][T17102] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1175.999405][T17105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1176.192157][T12555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1176.633443][T16444] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1176.673102][ T1162] usb 6-1: new low-speed USB device number 10 using dummy_hcd
[ 1176.838937][ T1162] usb 6-1: config 1 interface 0 altsetting 7 endpoint 0x81 has invalid maxpacket 32, setting to 8
[ 1176.869170][ T1162] usb 6-1: config 1 interface 0 altsetting 7 endpoint 0x82 is Bulk; changing to Interrupt
[ 1176.943181][ T1162] usb 6-1: config 1 interface 0 altsetting 7 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1176.989078][ T1162] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1177.022396][ T1162] usb 6-1: string descriptor 0 read error: -22
[ 1177.031105][ T1162] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1177.075916][ T1162] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1177.198250][T17115] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1177.243290][T17115] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1177.323235][T17115] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1177.689391][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.843452][ T1162] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[ 1177.878844][ T1162] usb 6-1: USB disconnect, device number 10
[ 1178.349608][T17145] loop5: detected capacity change from 0 to 256
[ 1178.715313][T17156] __vm_enough_memory: pid: 17156, comm: syz.6.3196, bytes: 21200632422400 not enough memory for the allocation
[ 1179.420621][T17163] loop6: detected capacity change from 0 to 2048
[ 1179.523387][T17163] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[ 1179.577336][T17163] UDF-fs: Scanning with blocksize 512 failed
[ 1179.773138][T17163] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1181.689441][T17199] loop8: detected capacity change from 0 to 2048
[ 1183.556612][T17199] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1183.593560][T17199] UDF-fs: Scanning with blocksize 512 failed
[ 1183.634948][T17199] UDF-fs: error (device loop8): udf_process_sequence: Primary Volume Descriptor not found!
[ 1183.678403][T17199] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1184.546021][T17221] loop1: detected capacity change from 0 to 2048
[ 1184.767293][T17221] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1184.780854][T17221] UDF-fs: Scanning with blocksize 512 failed
[ 1184.883229][ T5917] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1185.050976][T17221] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1185.069323][ T5917] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1185.132800][ T5917] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[ 1185.175812][ T5917] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1185.209322][ T5917] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1185.250491][ T5917] usb 6-1: Product: syz
[ 1185.260828][ T5917] usb 6-1: Manufacturer: syz
[ 1185.297779][ T5917] usb 6-1: SerialNumber: syz
[ 1185.306490][T17244] batadv_slave_1: entered promiscuous mode
[ 1185.318375][T17243] batadv_slave_1: left promiscuous mode
[ 1185.346661][ T5917] cdc_ncm 6-1:1.0: skipping garbage
[ 1185.551266][T17231] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1185.999442][T17260] loop0: detected capacity change from 0 to 1024
[ 1186.109149][T17260] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1186.297345][T17231] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1186.555996][T15810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1186.613186][ T5917] cdc_ncm 6-1:1.0: bind() failure
[ 1186.637645][ T5917] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1186.663120][ T5917] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1186.716051][ T5917] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[ 1186.729337][ T5917] usb 6-1: USB disconnect, device number 11
[ 1188.513149][T17281] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[ 1188.520300][T17281] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1188.684211][T17281] vhci_hcd vhci_hcd.0: Device attached
[ 1188.794122][T17285] vhci_hcd: connection closed
[ 1188.811038][ T6049] vhci_hcd: stop threads
[ 1188.850697][ T6049] vhci_hcd: release socket
[ 1188.893240][ T5917] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[ 1188.909666][ T6049] vhci_hcd: disconnect device
[ 1189.478897][T17309] batadv_slave_1: entered promiscuous mode
[ 1189.491872][T17308] batadv_slave_1: left promiscuous mode
[ 1189.498583][T14109] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1189.673394][T14109] usb 7-1: Using ep0 maxpacket: 32
[ 1189.683032][T14109] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1189.731110][T14109] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1189.735182][T17317] loop1: detected capacity change from 0 to 8
[ 1189.763088][T14109] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1189.820375][T14109] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1190.027306][T14109] usb 7-1: config 0 descriptor??
[ 1190.065672][T17322] loop0: detected capacity change from 0 to 2048
[ 1190.144938][T17322] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 1190.206112][T17322] UDF-fs: Scanning with blocksize 512 failed
[ 1190.309395][T17322] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1191.255078][T14109] savu 0003:1E7D:2D5A.0005: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0
[ 1191.341690][ T5915] usb 7-1: USB disconnect, device number 5
[ 1191.694106][T17347] loop0: detected capacity change from 0 to 1024
[ 1191.720640][T17347] EXT4-fs: Ignoring removed orlov option
[ 1191.739504][T17347] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1191.759548][T17347] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[ 1191.943592][T17347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1191.973227][ T5915] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1192.126582][ T5915] usb 9-1: Using ep0 maxpacket: 32
[ 1192.175099][T17364] loop6: detected capacity change from 0 to 2048
[ 1192.179342][ T5915] usb 9-1: config 0 has an invalid interface number: 183 but max is 0
[ 1192.256542][ T5915] usb 9-1: config 0 has no interface number 0
[ 1192.296932][T17364] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1192.356992][ T5915] usb 9-1: config 0 interface 183 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 528
[ 1192.381485][T17347] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[ 1192.447077][T17364] syz.6.3243 (pid 17364) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[ 1192.572436][ T5915] usb 9-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=70.f8
[ 1192.582567][ T5915] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1192.590711][ T5915] usb 9-1: Product: syz
[ 1192.602852][ T5915] usb 9-1: Manufacturer: syz
[ 1192.613075][ T5915] usb 9-1: SerialNumber: syz
[ 1192.633825][ T5915] usb 9-1: config 0 descriptor??
[ 1192.668202][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1192.683479][T17351] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1192.862438][T15810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1193.292360][T17383] loop5: detected capacity change from 0 to 256
[ 1195.513413][T17351] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1196.042080][ T5915] net1080 9-1:0.183 usb0: register 'net1080' at usb-dummy_hcd.8-1, NetChip TurboCONNECT, 0e:0c:88:7a:1d:36
[ 1196.156813][T17383] exFAT-fs (loop5): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[ 1196.543691][T17386] loop6: detected capacity change from 0 to 2048
[ 1196.544103][ T5917] vhci_hcd: vhci_device speed not set
[ 1196.773115][ T1162] usb 9-1: USB disconnect, device number 2
[ 1196.780311][ T1162] net1080 9-1:0.183 usb0: unregister 'net1080' usb-dummy_hcd.8-1, NetChip TurboCONNECT
[ 1196.784616][T17386] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[ 1196.963215][T17386] UDF-fs: Scanning with blocksize 512 failed
[ 1196.986173][T17386] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1197.973936][T17407] loop6: detected capacity change from 0 to 8
[ 1198.049597][T17407] SQUASHFS error: Failed to read block 0x62b: -5
[ 1198.125105][T17407] SQUASHFS error: Unable to read metadata cache entry [629]
[ 1198.352189][T17407] SQUASHFS error: Unable to read inode 0x11f

syzkaller
syzkaller login: [ 1199.047902][T17424] xt_CT: No such helper "snmp"
[ 1199.747384][T17436] loop6: detected capacity change from 0 to 8192
[ 1199.768336][T17432] loop0: detected capacity change from 0 to 2048
[ 1199.798580][T17439] loop5: detected capacity change from 0 to 2048
[ 1199.833373][T14109] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1199.888043][T17442] loop8: detected capacity change from 0 to 256
[ 1199.925844][T17439] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[ 1199.953106][T17439] UDF-fs: Scanning with blocksize 512 failed
[ 1199.987856][T17442] exFAT-fs (loop8): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1200.018440][T17439] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1200.038844][T14109] usb 2-1: Using ep0 maxpacket: 32
[ 1200.077454][T14109] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1200.109275][T14109] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1200.200263][T14109] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1200.244015][T14109] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1200.301782][T14109] usb 2-1: config 0 descriptor??
[ 1200.482063][T17453] loop6: detected capacity change from 0 to 512
[ 1200.560585][T17453] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[ 1200.621954][T17453] EXT4-fs (loop6): invalid journal inode
[ 1200.673197][T17453] EXT4-fs (loop6): can't get journal size
[ 1200.755451][T17453] EXT4-fs (loop6): 1 truncate cleaned up
[ 1200.776185][T14109] savu 0003:1E7D:2D5A.0006: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[ 1200.808295][T17453] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1201.061644][T14109] usb 2-1: USB disconnect, device number 13
[ 1201.076552][   T30] audit: type=1800 audit(1736376126.765:95): pid=17453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3265" name="bus" dev="loop6" ino=18 res=0 errno=0
[ 1201.220174][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1201.768466][ T5204]  loop0: unable to read partition table
[ 1201.785800][ T5204] loop0: partition table beyond EOD, truncated
[ 1204.532201][T17502] loop1: detected capacity change from 0 to 256
[ 1204.550416][T17502] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1204.574313][T17501] loop6: detected capacity change from 0 to 512
[ 1204.647584][T17501] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1204.725134][T17508] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3277'.
[ 1204.759829][T17501] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1205.520054][T17523] loop5: detected capacity change from 0 to 512
[ 1205.564865][T13177] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1205.606712][T17523] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1205.687891][T17523] ext4 filesystem being mounted at /249/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1205.748211][T17535] loop0: detected capacity change from 0 to 1024
[ 1206.012848][T17535] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8842c018, mo2=0002]
[ 1206.024533][T17535] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1206.181456][   T54] Bluetooth: hci4: command 0x0406 tx timeout
[ 1206.272363][T17523] EXT4-fs (loop5): shut down requested (1)
[ 1206.286799][   T30] audit: type=1800 audit(1736376131.975:96): pid=17535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3285" name="bus" dev="loop0" ino=18 res=0 errno=0
[ 1206.294276][T17535] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1207.009534][T12555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1207.022023][   T62] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1207.063020][   T62] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1207.063020][   T62] 
[ 1207.076900][   T62] EXT4-fs (loop0): Total free blocks count 0
[ 1207.248538][T17556] loop1: detected capacity change from 0 to 128
[ 1207.269948][T17556] FAT-fs (loop1): error, corrupted directory (invalid entries)
[ 1207.302520][T17556] FAT-fs (loop1): Filesystem has been set read-only
[ 1207.423192][   T62] EXT4-fs (loop0): Free/Dirty block details
[ 1207.433753][   T62] EXT4-fs (loop0): free_blocks=68451041280
[ 1207.439636][   T62] EXT4-fs (loop0): dirty_blocks=16
[ 1207.444877][   T62] EXT4-fs (loop0): Block reservation details
[ 1207.450936][   T62] EXT4-fs (loop0): i_reserved_data_blocks=1
[ 1207.739592][T15810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1208.260435][T17579] loop1: detected capacity change from 0 to 512
[ 1208.271684][T17579] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[ 1208.373518][T17579] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.3297: iget: bad i_size value: -67835469387268086
[ 1208.495970][T17579] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.3297: couldn't read orphan inode 15 (err -117)
[ 1208.668456][T17579] EXT4-fs (loop1): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1208.769681][T17579] ext2 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1208.789644][T17588] loop0: detected capacity change from 0 to 256
[ 1208.948466][T17579] EXT4-fs error (device loop1): ext4_add_entry:2444: inode #2: comm syz.1.3297: Directory hole found for htree leaf block 0
[ 1208.983429][T17588] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1209.124329][T17592] loop5: detected capacity change from 0 to 1024
[ 1209.253177][T17592] hfsplus: Bad value for 'session'
[ 1209.255218][T16444] EXT4-fs (loop1): unmounting filesystem f7ff0000-0000-0000-0000-000000000000.
[ 1209.541914][T17600] loop8: detected capacity change from 0 to 256
[ 1209.639194][T17602] loop6: detected capacity change from 0 to 1024
[ 1209.930463][T17600] exFAT-fs (loop8): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1210.189357][   T62] hfsplus: b-tree write err: -5, ino 4
[ 1212.733774][T17642] loop1: detected capacity change from 0 to 2048
[ 1212.842744][T17651] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3314'.
[ 1212.852488][T17648] loop5: detected capacity change from 0 to 512
[ 1212.916814][T17642] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1212.953745][T17642] UDF-fs: Scanning with blocksize 512 failed
[ 1213.026116][T17648] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1213.028279][T17642] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1213.161877][T17648] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1213.483697][T17666] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #2: block 3: comm syz.5.3312: lblock 8 mapped to illegal pblock 3 (length 26)
[ 1213.513315][T17667] loop8: detected capacity change from 0 to 732
[ 1215.607472][T12555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1215.811476][T17688] pimreg: entered allmulticast mode
[ 1215.846294][T17688] pimreg: left allmulticast mode
[ 1215.891978][T17692] loop1: detected capacity change from 0 to 512
[ 1215.941263][T17692] EXT4-fs error (device loop1): ext4_orphan_get:1415: comm syz.1.3325: bad orphan inode 15
[ 1215.979788][T17692] ext4_test_bit(bit=14, block=5) = 0
[ 1216.143961][T17692] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1216.373159][ T5915] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[ 1216.499901][   T30] audit: type=1800 audit(1736376142.195:97): pid=17692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3325" name="file2" dev="loop1" ino=16 res=0 errno=0
[ 1216.521329][T17692] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7987 vs 220 free clusters
[ 1216.576072][ T5915] usb 6-1: not running at top speed; connect to a high speed hub
[ 1216.591536][ T5915] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1216.600916][ T5915] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1216.611511][ T5915] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1216.620971][ T5915] usb 6-1: config 1 has no interface number 1
[ 1216.627683][ T5915] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1216.641479][ T5915] usb 6-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1216.685248][ T5915] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1216.717707][ T5915] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1216.761119][ T5915] usb 6-1: Product: syz
[ 1216.776419][ T5915] usb 6-1: Manufacturer: syz
[ 1216.788500][ T5915] usb 6-1: SerialNumber: syz
[ 1217.052704][T16444] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1217.200799][T17717] loop8: detected capacity change from 0 to 512
[ 1217.338827][T17717] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1217.413965][ T5915] usb 6-1: USB disconnect, device number 12
[ 1217.486416][T17717] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1217.721046][T17723] loop1: detected capacity change from 0 to 2048
[ 1218.048712][T15591] udevd[15591]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1218.214625][T16657] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1218.479142][T17723] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[ 1218.502887][T17723] UDF-fs: Scanning with blocksize 512 failed
[ 1218.978782][T17723] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1219.033772][T14109] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[ 1220.116985][T14109] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[ 1220.126288][T14109] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1220.216156][T14109] usb 1-1: config 0 descriptor??
[ 1221.053464][T14109] playstation 0003:054C:0DF2.0007: item fetching failed at offset 3/5
[ 1221.064052][T14109] playstation 0003:054C:0DF2.0007: Parse failed
[ 1221.070399][T14109] playstation 0003:054C:0DF2.0007: probe with driver playstation failed with error -22
[ 1221.312554][ T5917] usb 1-1: USB disconnect, device number 12
[ 1221.397566][T17759] loop8: detected capacity change from 0 to 256
[ 1221.479122][T17765] loop1: detected capacity change from 0 to 1024
[ 1221.486937][T17759] loop8: detected capacity change from 0 to 512
[ 1221.496355][T17765] EXT4-fs: Ignoring removed orlov option
[ 1221.509062][T17765] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1221.557149][T17759] Quota error (device loop8): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[ 1221.594354][T17765] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1221.601742][T17759] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[ 1221.617105][T17759] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.3338: Failed to acquire dquot type 1
[ 1221.654356][T17759] EXT4-fs (loop8): 1 truncate cleaned up
[ 1221.802091][T17759] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1221.822528][T17759] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1222.023625][T17759] Quota error (device loop8): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[ 1222.096243][T17759] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[ 1222.210099][T17759] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.3338: Failed to acquire dquot type 1
[ 1222.495651][T17784] loop5: detected capacity change from 0 to 1024
[ 1222.614512][T16657] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1222.630674][T16444] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1222.692653][T17784] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1226.114760][T17805] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[ 1226.299661][T17805] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1226.308960][T17805] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1226.370042][T12555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1226.388683][T17808] loop8: detected capacity change from 0 to 512
[ 1226.400488][T17805] bridge0: entered allmulticast mode
[ 1226.458266][T17808] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1226.511643][T17808] EXT4-fs (loop8): blocks per group (255) and clusters per group (8192) inconsistent
[ 1227.136470][T17821] loop6: detected capacity change from 0 to 2048
[ 1227.210161][T17821] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1227.428908][T17836] loop5: detected capacity change from 0 to 256
[ 1227.658604][   T51] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1227.867237][   T51] usb 9-1: Using ep0 maxpacket: 16
[ 1227.898958][   T51] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1227.919555][   T51] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1227.943357][   T51] usb 9-1: Product: syz
[ 1227.947608][   T51] usb 9-1: Manufacturer: syz
[ 1228.018306][   T51] usb 9-1: SerialNumber: syz
[ 1228.050806][   T51] usb 9-1: config 0 descriptor??
[ 1228.098549][   T51] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected
[ 1228.107299][   T51] usb 9-1: Detected FT232H
[ 1230.280212][   T51] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1230.301946][T17857] loop0: detected capacity change from 0 to 512
[ 1230.669426][ T6049] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1230.747571][T17861] loop1: detected capacity change from 0 to 256
[ 1230.837099][T17857] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.3362: casefold flag without casefold feature
[ 1230.853574][   T51] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1230.889524][T17857] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.3362: couldn't read orphan inode 15 (err -117)
[ 1230.956673][ T6049] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.022470][T17857] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1231.059536][T13616] usb 9-1: USB disconnect, device number 3
[ 1231.074426][T13616] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1231.114339][T13616] ftdi_sio 9-1:0.0: device disconnected
[ 1231.124114][ T6049] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.310943][ T6049] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.615000][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1231.626287][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1231.635076][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1231.644529][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1231.652277][   T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1231.660333][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1231.717819][T17889] loop1: detected capacity change from 0 to 512
[ 1231.727430][T17889] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1231.740228][T17889] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1231.804091][T15810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1231.809579][T17889] EXT4-fs (loop1): 1 truncate cleaned up
[ 1231.868395][T17889] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1231.900089][ T6049] bridge_slave_1: left allmulticast mode
[ 1231.921106][ T6049] bridge_slave_1: left promiscuous mode
[ 1231.948485][ T6049] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1232.007422][T17901] loop5: detected capacity change from 0 to 256
[ 1232.022198][ T6049] bridge_slave_0: left allmulticast mode
[ 1232.065346][ T6049] bridge_slave_0: left promiscuous mode
[ 1232.081514][ T6049] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1232.140301][T17901] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x2cb3b5e5, utbl_chksum : 0xe619d30d)
[ 1233.550667][T16444] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1233.720360][T12555] exFAT-fs (loop5): start_clu is invalid cluster(0x0)
[ 1233.775816][   T54] Bluetooth: hci3: command tx timeout
[ 1233.795451][T17920] loop1: detected capacity change from 0 to 256
[ 1233.866005][T17920] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[ 1233.885849][T17922] loop0: detected capacity change from 0 to 128
[ 1233.967272][T17922] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1233.982906][T17922] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1234.600640][T17930] loop0: detected capacity change from 0 to 1024
[ 1234.610266][T17930] EXT4-fs: Ignoring removed orlov option
[ 1234.676702][T17930] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1234.827221][T15810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1235.995694][   T54] Bluetooth: hci3: command tx timeout
[ 1236.941881][T17947] loop5: detected capacity change from 0 to 2048
[ 1237.024929][T17950] loop1: detected capacity change from 0 to 256
[ 1237.055801][T17950] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1237.097977][T17947] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1237.340581][ T6049] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1237.381732][ T6049] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1237.418864][ T6049] bond0 (unregistering): Released all slaves
[ 1237.490466][ T6049] bond1 (unregistering): Released all slaves
[ 1237.504929][T17955] ------------[ cut here ]------------
[ 1237.510995][T17955] WARNING: CPU: 0 PID: 17955 at fs/udf/inode.c:2080 __udf_add_aext+0x555/0x700
[ 1237.520809][T17955] Modules linked in:
[ 1237.525433][T17955] CPU: 0 UID: 0 PID: 17955 Comm: syz.5.3391 Not tainted 6.13.0-rc6-next-20250107-syzkaller #0
[ 1237.535826][T17955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1237.545989][T17955] RIP: 0010:__udf_add_aext+0x555/0x700
[ 1237.551507][T17955] Code: 87 dd fe 49 8b 3c 24 4c 89 fe e8 16 68 01 ff 31 c0 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 7c 37 77 fe 90 <0f> 0b 90 e9 e7 fb ff ff e8 6e 37 77 fe 90 0f 0b 90 e9 54 fc ff ff
[ 1237.571745][T17955] RSP: 0018:ffffc9000d30f278 EFLAGS: 00010283
[ 1237.578166][T17955] RAX: ffffffff834801e4 RBX: 1ffff92001a61e9b RCX: 0000000000080000
[ 1237.586224][T17955] RDX: ffffc90016759000 RSI: 0000000000005850 RDI: 0000000000005851
[ 1237.594270][T17955] RBP: 0000000000000000 R08: ffffffff8347fdc6 R09: ffffffff8347fcf6
[ 1237.602282][T17955] R10: 0000000000000002 R11: ffff888031208000 R12: ffffc9000d30f4d0
[ 1237.610482][T17955] R13: 0000000000000004 R14: dffffc0000000000 R15: ffffc9000d30f4d8
[ 1237.618730][T17955] FS:  00007fb2088ce6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1237.628454][T17955] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1237.635584][T17955] CR2: 00007fb2088cdf98 CR3: 00000000616e8000 CR4: 00000000003526f0
[ 1237.643655][T17955] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1237.651661][T17955] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1237.659741][T17955] Call Trace:
[ 1237.663130][T17955]  <TASK>
[ 1237.666092][T17955]  ? __warn+0x165/0x4d0
[ 1237.670451][T17955]  ? __udf_add_aext+0x555/0x700
[ 1237.675567][T17955]  ? report_bug+0x2b3/0x500
[ 1237.680110][T17955]  ? __udf_add_aext+0x555/0x700
[ 1237.685077][T17955]  ? handle_bug+0x60/0x90
[ 1237.689446][T17955]  ? exc_invalid_op+0x1a/0x50
[ 1237.694213][T17955]  ? asm_exc_invalid_op+0x1a/0x20
[ 1237.699293][T17955]  ? __udf_add_aext+0x66/0x700
[ 1237.704160][T17955]  ? __udf_add_aext+0x136/0x700
[ 1237.709053][T17955]  ? __udf_add_aext+0x554/0x700
[ 1237.713990][T17955]  ? __udf_add_aext+0x555/0x700
[ 1237.719077][T17955]  ? __udf_add_aext+0x554/0x700
[ 1237.724822][T17955]  udf_map_block+0x3e16/0x5340
[ 1237.729647][T17955]  ? folio_prealloc+0x2e/0x170
[ 1237.735160][T17955]  ? __pfx_udf_map_block+0x10/0x10
[ 1237.740315][T17955]  ? check_noncircular+0x259/0x4a0
[ 1237.745528][T17955]  ? check_path+0x21/0x40
[ 1237.749900][T17955]  ? check_noncircular+0x259/0x4a0
[ 1237.755223][T17955]  ? validate_chain+0x11e/0x5920
[ 1237.760248][T17955]  ? validate_chain+0x15c0/0x5920
[ 1237.765676][T17955]  ? __pfx_validate_chain+0x10/0x10
[ 1237.771265][T17955]  ? mark_lock+0x9a/0x360
[ 1237.775832][T17955]  ? __lock_acquire+0x1397/0x2100
[ 1237.781022][T17955]  __udf_get_block+0x126/0x410
[ 1237.785898][T17955]  ? __pfx___udf_get_block+0x10/0x10
[ 1237.791252][T17955]  __block_write_begin_int+0x692/0x19a0
[ 1237.796917][T17955]  ? __pfx___might_resched+0x10/0x10
[ 1237.802287][T17955]  ? __pfx_udf_get_block+0x10/0x10
[ 1237.807748][T17955]  ? __pfx___block_write_begin_int+0x10/0x10
[ 1237.814091][T17955]  ? __pfx_fault_in_readable+0x10/0x10
[ 1237.820819][T17955]  ? __pfx_udf_get_block+0x10/0x10
[ 1237.826922][T17955]  block_write_begin+0x8f/0x120
[ 1237.831854][T17955]  udf_write_begin+0xfc/0x250
[ 1237.837760][T17955]  generic_perform_write+0x346/0x990
[ 1237.843659][T17955]  ? __pfx_generic_perform_write+0x10/0x10
[ 1237.849525][T17955]  ? __generic_file_write_iter+0x102/0x230
[ 1237.855723][T17955]  ? udf_file_write_iter+0x1bf/0x660
[ 1237.861066][T17955]  udf_file_write_iter+0x2fc/0x660
[ 1237.866489][T17955]  vfs_write+0xacf/0xd10
[ 1237.870787][T17955]  ? __pfx_udf_file_write_iter+0x10/0x10
[ 1237.876906][T17955]  ? __pfx_vfs_write+0x10/0x10
[ 1237.881736][T17955]  ? __fget_files+0x2a/0x410
[ 1237.886806][T17955]  ? __fget_files+0x2a/0x410
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1237.891451][T17955]  ksys_write+0x18f/0x2b0
[ 1237.896097][T17955]  ? __pfx_ksys_write+0x10/0x10
[ 1237.901170][T17955]  ? exc_page_fault+0x590/0x8b0
[ 1237.906436][T17955]  ? do_syscall_64+0xb6/0x230
[ 1237.911155][T17955]  do_syscall_64+0xf3/0x230
[ 1237.916118][T17955]  ? clear_bhb_loop+0x35/0x90
[ 1237.920860][T17955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1237.927484][T17955] RIP: 0033:0x7fb207b85d29
[ 1237.932764][T17955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1237.954071][T17955] RSP: 002b:00007fb2088ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1237.962557][T17955] RAX: ffffffffffffffda RBX: 00007fb207d76080 RCX: 00007fb207b85d29
[ 1237.970889][T17955] RDX: 0000000000000018 RSI: 0000000020001080 RDI: 0000000000000004
[ 1237.979194][T17955] RBP: 00007fb207c01b08 R08: 0000000000000000 R09: 0000000000000000
[ 1237.987627][T17955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1237.995903][T17955] R13: 0000000000000001 R14: 00007fb207d76080 R15: 00007fff910367e8
[ 1238.004163][T17955]  </TASK>
[ 1238.004508][ T5834] Bluetooth: hci3: command tx timeout
[ 1238.007215][T17955] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1238.007238][T17955] CPU: 0 UID: 0 PID: 17955 Comm: syz.5.3391 Not tainted 6.13.0-rc6-next-20250107-syzkaller #0
[ 1238.007273][T17955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1238.007289][T17955] Call Trace:
[ 1238.007299][T17955]  <TASK>
[ 1238.007310][T17955]  dump_stack_lvl+0x241/0x360
[ 1238.007353][T17955]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1238.007379][T17955]  ? __pfx__printk+0x10/0x10
[ 1238.007426][T17955]  ? vscnprintf+0x5d/0x90
[ 1238.007485][T17955]  panic+0x349/0x880
[ 1238.007523][T17955]  ? __warn+0x174/0x4d0
[ 1238.007567][T17955]  ? __pfx_panic+0x10/0x10
[ 1238.007632][T17955]  __warn+0x344/0x4d0
[ 1238.007687][T17955]  ? __udf_add_aext+0x555/0x700
[ 1238.007722][T17955]  report_bug+0x2b3/0x500
[ 1238.007752][T17955]  ? __udf_add_aext+0x555/0x700
[ 1238.007787][T17955]  handle_bug+0x60/0x90
[ 1238.007815][T17955]  exc_invalid_op+0x1a/0x50
[ 1238.007845][T17955]  asm_exc_invalid_op+0x1a/0x20
[ 1238.007876][T17955] RIP: 0010:__udf_add_aext+0x555/0x700
[ 1238.007908][T17955] Code: 87 dd fe 49 8b 3c 24 4c 89 fe e8 16 68 01 ff 31 c0 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 7c 37 77 fe 90 <0f> 0b 90 e9 e7 fb ff ff e8 6e 37 77 fe 90 0f 0b 90 e9 54 fc ff ff
[ 1238.007929][T17955] RSP: 0018:ffffc9000d30f278 EFLAGS: 00010283
[ 1238.007952][T17955] RAX: ffffffff834801e4 RBX: 1ffff92001a61e9b RCX: 0000000000080000
[ 1238.007970][T17955] RDX: ffffc90016759000 RSI: 0000000000005850 RDI: 0000000000005851
[ 1238.007987][T17955] RBP: 0000000000000000 R08: ffffffff8347fdc6 R09: ffffffff8347fcf6
[ 1238.008004][T17955] R10: 0000000000000002 R11: ffff888031208000 R12: ffffc9000d30f4d0
[ 1238.008022][T17955] R13: 0000000000000004 R14: dffffc0000000000 R15: ffffc9000d30f4d8
[ 1238.008046][T17955]  ? __udf_add_aext+0x66/0x700
[ 1238.008085][T17955]  ? __udf_add_aext+0x136/0x700
[ 1238.008112][T17955]  ? __udf_add_aext+0x554/0x700
[ 1238.008148][T17955]  ? __udf_add_aext+0x554/0x700
[ 1238.008186][T17955]  udf_map_block+0x3e16/0x5340
[ 1238.008213][T17955]  ? folio_prealloc+0x2e/0x170
[ 1238.008288][T17955]  ? __pfx_udf_map_block+0x10/0x10
[ 1238.008315][T17955]  ? check_noncircular+0x259/0x4a0
[ 1238.008359][T17955]  ? check_path+0x21/0x40
[ 1238.008380][T17955]  ? check_noncircular+0x259/0x4a0
[ 1238.008421][T17955]  ? validate_chain+0x11e/0x5920
[ 1238.008483][T17955]  ? validate_chain+0x15c0/0x5920
[ 1238.008520][T17955]  ? __pfx_validate_chain+0x10/0x10
[ 1238.008559][T17955]  ? mark_lock+0x9a/0x360
[ 1238.008598][T17955]  ? __lock_acquire+0x1397/0x2100
[ 1238.008676][T17955]  __udf_get_block+0x126/0x410
[ 1238.008709][T17955]  ? __pfx___udf_get_block+0x10/0x10
[ 1238.008756][T17955]  __block_write_begin_int+0x692/0x19a0
[ 1238.008787][T17955]  ? __pfx___might_resched+0x10/0x10
[ 1238.008830][T17955]  ? __pfx_udf_get_block+0x10/0x10
[ 1238.008859][T17955]  ? __pfx___block_write_begin_int+0x10/0x10
[ 1238.008890][T17955]  ? __pfx_fault_in_readable+0x10/0x10
[ 1238.008922][T17955]  ? __pfx_udf_get_block+0x10/0x10
[ 1238.008950][T17955]  block_write_begin+0x8f/0x120
[ 1238.008980][T17955]  udf_write_begin+0xfc/0x250
[ 1238.009012][T17955]  generic_perform_write+0x346/0x990
[ 1238.009058][T17955]  ? __pfx_generic_perform_write+0x10/0x10
[ 1238.009097][T17955]  ? __generic_file_write_iter+0x102/0x230
[ 1238.009128][T17955]  ? udf_file_write_iter+0x1bf/0x660
[ 1238.009158][T17955]  udf_file_write_iter+0x2fc/0x660
[ 1238.009193][T17955]  vfs_write+0xacf/0xd10
[ 1238.009229][T17955]  ? __pfx_udf_file_write_iter+0x10/0x10
[ 1238.009265][T17955]  ? __pfx_vfs_write+0x10/0x10
[ 1238.009301][T17955]  ? __fget_files+0x2a/0x410
[ 1238.009330][T17955]  ? __fget_files+0x2a/0x410
[ 1238.009366][T17955]  ksys_write+0x18f/0x2b0
[ 1238.009399][T17955]  ? __pfx_ksys_write+0x10/0x10
[ 1238.009432][T17955]  ? exc_page_fault+0x590/0x8b0
[ 1238.009460][T17955]  ? do_syscall_64+0xb6/0x230
[ 1238.009490][T17955]  do_syscall_64+0xf3/0x230
[ 1238.009518][T17955]  ? clear_bhb_loop+0x35/0x90
[ 1238.009555][T17955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1238.009587][T17955] RIP: 0033:0x7fb207b85d29
[ 1238.009609][T17955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1238.009630][T17955] RSP: 002b:00007fb2088ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1238.009654][T17955] RAX: ffffffffffffffda RBX: 00007fb207d76080 RCX: 00007fb207b85d29
[ 1238.009673][T17955] RDX: 0000000000000018 RSI: 0000000020001080 RDI: 0000000000000004
[ 1238.009689][T17955] RBP: 00007fb207c01b08 R08: 0000000000000000 R09: 0000000000000000
[ 1238.009704][T17955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1238.009719][T17955] R13: 0000000000000001 R14: 00007fb207d76080 R15: 00007fff910367e8
[ 1238.009755][T17955]  </TASK>
[ 1238.012868][T17955] Kernel Offset: disabled