program: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x400, &(0x7f0000000140)=ANY=[], 0x1, 0x694, &(0x7f0000001100)="$eJzs3U1sHGf9B/DvbnbX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXr9l1Yq8tPp9odp5nnpd5nt/M7OzOKnKA/1nXzqXxOLVcO/fmcpFfeTTTWXk0c6efTjKRpJ40eqvU7ia1j5Kr6S35TLGx6q623X4+WJh9++NPVz7p5RrVUtav79Rukyv1LTY+rJacSXKkWj+Ddf1d39Bfa+TuaqszLAJ2th84GLdmku463z21VvJUw1+3wIFVK++bm6/5qeRoksnqc0Dvrti7Zx9qD8c9AAAAANgHL/yy/Ap/bNzjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMOk9/f/i1W51PvpM6n1//5/q9qWKn2oPR73AAAAAAAAAABgdN/8/w0bPvckT7KcY/18t1b+5v9qmTlRvv5f3s+9zGcx57OcuSxlKYu5mGSqLG+Wr63luaWlxYtDtLy02jIDLS8NOYP27icPAAAAAAAAAIdFY/QmP861td//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIKglR3qrcjnRT0+l3kgymaRV1HuY/LWfPpB+/afBXPff3dKmao/3c0wAAAAwJi88yZMs51g/362V3/lPld/7J/N+7mYpC1lKJ/O5UT4L6H3rr688mumsPJq5Uyyb+/3qP0YaRtljes8ett7z6bJGOzezUG45n+t5N53cSL1sWTjdH8/W4/pRMabaG5UhR3ajWhcz/1WaI81qN2pD15wqI1KMqBeR6aptEY3jO0dixKPT31M/9hdTX33yc+J5xny5t3r9t711MZ+fjxSTvbYxEpcGzr5TK6ntEInk83/83Xdude7enrh579zBmdIIJgaeoG2MxMxAJF7e+ZxIM1Ukbh3WSAyaLiNxcjV/Ld/It3MuZ/JWFrOQ72UuS5nPmXw9czmSuep8Ll6ndo7U1XW5t542klZ5XJrVu+jwY1rKXF4t2x7LQr6Vd3Mj87lS/ruUi3m96jGrR/jkEFd9fbR32rNfGHiY/Isk7eHa7YNiYMdX706DZ/10eR0cX7dl7Tp48fnfjxqfrRLFPn4ycETGb2MkLg5E4qWdI/Gb8m3lXufu7cVbc+8Nub/XqnVxHf3sQN0livPlxeJglbn1Z0dR9tLGsslevFrVLy69svV33KLs5GrZ9lfq5VzObFn71JY9XSrLXt6ybKYsOz1Qtu7z1tXe5y0ADryjXzzaav+9/Zf2h+2ftm+135z82sSXJ15ppfnn5lca00deq79S+0M+zA/Wvv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7d+/+g9tznc784oZEt9v94TZFe5hoJ+lvSZ7Wqpmn19mbRCtJmWj0E6P1MzFU5dba0Xnj988y5uaorZLnEqhGdZLdf3D7n91ud98P0xaJ5g7n/FqiW9lU1B2q+dgS/+o+vw7H/MYE7LkLS3feu3Dv/oMvLdyZe2f+nfm7s5cvz07PXr7ytws3Fzrz073XcY8S2AtrN/1xjwQAAAAAAAAAAAAY1n78t4Rtdv2ffZ4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhdOzdRpc5PF68rj2Y6xdJPr1Ysq9WT1L6f1D5Krqa3ZGqgu9p2+/lgYfbtjz9d+aSXa1RLWb++rl1zN7N4WC05k+RItR40+Qz9Xa/WuxpZqbY6wyJgZ/uBg3H7bwAAAP//2wMQAg==") r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x0, 0x0) open_by_handle_at(r3, &(0x7f0000000000)=ANY=[], 0x0) unshare(0x2000680) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRES64=r1], 0x7c}, 0x1, 0x0, 0x0, 0x200000c5}, 0x0) syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1014494, &(0x7f00000002c0)=ANY=[@ANYBLOB="696f636861727365743d69736f383835392d342c706172746974696f6e3d30303030303030303030303030303030303030b0790946643d666f726765742c73657373696f6e3d30303030090000000000000030303030343037322c6e6f6164696e6963622c616e63686f723d30303030303030303030303030303030303030302c7569643d666f726765742c00"], 0xfe, 0xc24, &(0x7f0000001480)="$eJzs3UFsHNd9B+D/Gy5Fym4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIRtrQvfTQQ4Ci6CEnAq1RIEUDoymCHtnWBZKLD0VOPREtbARFD2wRIKeAxcy+lZY0ZcmmSFH299nUbznz3ux7b5YzkqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN976cKpZ9ODbgUAcJAuTX311Gn3fwD4RLnsz/8AAAAAAAAAAAAAAHDYpSjisUixeGkzzVTfdw1fbHdu3Jwen9i92tFU1Ryoypdfw8+ePnP2S8+NnevlB9e/356IV6YuX6i/uHB9cam1vNyaq0932rMLc617PsJe6+80Wg1A/fqrN+auXl2un37mzLbdN0feG3r0+Mj5sadOPtkrOz0+MTHVV6Y2+JHf/X3uNMPjSBRxMlI8/b2fpGZEFLH3sbjLZ2e/Ha06MVp1Ynp8ourIfLvZWSl3TvYGooio91Vq9MboAM7FnjQiVsvmlw0eLbs3tdhcal6Zb9Unm0sr7ZX2QmcydVtb9qceRZxLEWsRsTH0/sMNRhG1SPGdY5vpSkQM9Mbhi9XE4Du3o9jHPt6Dsp31wYi14iE4Z4fYUBTxcqT46dtFzJZjlr/iCxEvl/mDiDfLfCEilR+MsxHv7vI54uFUiyL+vDz/5zfTXHU96F1XLn6t/pXO1YW+sr3rykN/fzhIh/zaNBxFNKsr/mb66L/ZAQAAAAAAAAAAAAAAAOB+OxpFPBEpXvr3P6rmFUc1L/3Y+bHfH/nF/jnjj9/lOGXZZyJitbi3OblH8hTiyTSZ0gOeS/xJNhxF/HGe//fGg24MAAAAAAAAAAAAAAAAAADAJ9yPI8Xz75xIa9G/pni7c61+uXllvrsqbG/t396a6VtbW1v11M1GzpmcqznXcq7n3MgZRa6fs5FzJudqzrWc6zk3csZArp+zkXMm52rOtZzrOTdyRi3Xz9nIOZNzNedazvWcGznjkKzdCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwcVJEET+PFN/+xmaKFBGNiJno5vpQrwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CANpSK+Hynqf9C4ta0WEan6v+tE+cvZaBwp89PRGCvzhWhcyNmsstZ44wG0n70ZTEX8KFIMDb9164Tn8z/Y/e7WxyDe/Obt736l1s2B3s6R94YePX7s/NjErz1+p9dptwaMXmx3btysT49PTEz1ba7ld/9037aR/L7F/ek6EbH82uuvNufnW0ufmBdFHIpmPKgXte6LWhyS9hzUi3y9il12FYfhp6BxWAaq9+IBX5g4EOX9/91I8dvv/Efvht+7//9C97tbd/j42Z/cvv8/v/NA+3T/f6xv2/P5dyODtYjhleuLg8cjhpdfe/1k+3rzWutaq3P21Kkvj419+cypwSMRw1fb862+V3seKgAAAAAAAAAAAAAAAICDlYr43UjR/NFmqkfEzWq+1sj5sadOPjkQA9V8q23ztl6Zunyh/uLC9cWl1vJya64+3WnPLsy17vXthqvpXtPjE/vSmbs6us/tPzr84sLia0vta3+4suv+R4YvXFleWWrO7r47jkYR0ejfMlo1eHp8omr0fLvZqapO7jqZ7sMbTEX8Z6SYPVs/0tuW5//tnOG/bf7/6s4D7dP8v0/1bSvfM6UifhYpfusvHo/PV+18JN43Zrnc30SK0XOfy+XiSFmu14bucwW6MwPLsv8bKf7h59vL9uZDPna77LP3Oq4Pi/L8H4sU3/+z78av523bn/+w+/l/ZOeB9un8f6Zv2yPbnlew566Tz//JSPHCY2/Fb+RtH/T8jyK2tra+FXEiF771fI59Ov+f7ds2Et33/c37130AAAAAAAAAAICH1mAq4m8jxZMTtfRc3nYv//5vbueB9unff/1y37a5A1qvaM+DCgAAAACHxGAq4seR4trKW7fmUG+f/903//N3bq+9Pp527K3+nu+XqucG3M+//+s3kt93Zu/dBgAAAAAAAAAAAAAAAAAAgEMlpSKey+upz9xlPfX1SPHSfz+dy6XjZbneOvAj1a/DlxY6Jy/Mzy/MNleaV+Zb9anF5myrrPuZSLH515/LdYtqffXP57rdNd6Ht3prsS9Fiom/65XtrsXeW5u8ux54dy32suynIsV//f32sr11rD97u+zpsuxfRYqv/9PuZY/fLnumLPvdSPHDr9d7ZR8py/aej9p9JulwLeZbz8wuzL/vUagAAAAAAAAAAAAAAAAAAADwYQ2mIv40UvzP9bVYrab9v3FrV85ab8Ob3+xb73+Hm9U6/yPV+v93ev1R1v8fuS+9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh0uKIl6PFIuXNtP6UPl91/DFdufGzenxid2rHU1VzYGqfPk1/OzpM2e/9NzYuV5+cP377Yl4ZeryhfqLC9cXl1rLy625+nSnPbsw17rnI+y1/u2h6xqtBqB+/dUbc1evLtdPP3Nm2+6bI+8NPXp85PzYUyef7JWdHp+YmOorUxv8EO/+oRp325Eo4i8jxdPf+0n656GIIvY+Fnf57Oy3o1UnRqtOTI9PVB2Zbzc7K+XOyd5AFBH1vkqN3hgdwLnYk0bEatn8ssGjZfemFptLzSvzrfpkc2mlvdJe6EymbmvL/tSjiHMpYi0iNob6D3QkZxGvRorvHNtM/zIUMdAbhy9emvrqqdN3bkexr728i29V7awPRqwVD8E5O8SGooh/jBQ/fftE/OtQRC26X/GFiJfL/EHEm2W+EJHKD8bZiHeHHnSruV9qUcT/lef//GZ6eyii+pGprisXv1b/SufqQl/Z3nVl5/1hKyIeqvvDQTrk16bhKOKH1RV/M/2bn2sAAAAAAAAAAAAAAACAQ6SIX40Uz79zIlXzg2/NKW53rtUvN6/Md6f19eb+9eZMb21tbdVTNxs5Z3Ku5lzLuZ5zI2cUuX7ORs6ZnKs513Ku59zIGQO5fs5GzpmcqznXcq7n3MgZtVw/ZyPnTM7VnGs513Nu5IxDMncPAAAAAAAAAAAAAAAAAAD4eCmq/1J8+xubaWuou770THRz3XqgH3v/HwAA//9wn/vk") r5 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r5, 0x2007ffc) sendfile(r5, r5, 0x0, 0x800000009) r6 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) r7 = open(&(0x7f0000000080)='./bus\x00', 0x107382, 0x1d0) ftruncate(r7, 0x2007ffb) sendfile(r6, r7, 0x0, 0x1000000201005) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="1201500200000040"], 0x0) truncate(&(0x7f00000013c0)='./file1\x00', 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) sendmsg$NFT_BATCH(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c00e500060a0b04000000000000000002000000300004802c0001800b000100736f636b657400001c000280080002400000000b080001400000000308000300000000890900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x84}}, 0x0) io_submit(r2, 0x2, &(0x7f0000000480)=[&(0x7f00000000c0)={0x25, 0xe7030000, 0x0, 0x3, 0x0, r1, &(0x7f0000000640)="e8df1433937e443cc9a6830e10f9a816bfb699b300db35ab500b552c349ee43ada6a916286472888a8af72a055d2e53304007f31ab6f039a98b50aacbb79e8117f3e0e9dbe3d02cfc5ac4fed7c06ba44b414688cafd33d9adfffff15abf4fa2b60992500", 0x64, 0x0, 0x0, 0x1}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x6, 0x2, r3, &(0x7f00000001c0)="338a5a5dce7717b2420175044efa3df5e426aba7", 0x14, 0x0, 0x0, 0x1, r3}]) ioctl$KVM_SET_USER_MEMORY_REGION2(r3, 0x40a0ae49, &(0x7f0000000100)={0x10002, 0x6, 0x3000, 0x1000, &(0x7f0000ffc000/0x1000)=nil, 0x300, r3}) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@private0, 0x1000, 0x2, 0x1, 0x4, 0x2}, 0x20) r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r8, 0xc0045627, &(0x7f00000000c0)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r8, 0xc0845657, &(0x7f00000003c0)={0x0, @bt={0x8a5, 0x93, 0x1, 0x3, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x6, 0x2800, 0x6, 0x8000, 0xbb6, 0x9, 0x10, {0x8}, 0xd0, 0x9}}) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) [ 76.095572][ T5299] Bluetooth: hci0: command tx timeout [ 76.179253][ T5321] loop0: detected capacity change from 0 to 1024 [ 76.236673][ T1314] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.239591][ T1314] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.353904][ T25] audit: type=1800 audit(1762329962.238:2): pid=5321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 76.419641][ T5322] [ 76.420688][ T5322] ====================================================== [ 76.423280][ T5322] WARNING: possible circular locking dependency detected [ 76.425841][ T5322] syzkaller #0 Not tainted [ 76.427480][ T5322] ------------------------------------------------------ [ 76.430348][ T5322] syz.0.0/5322 is trying to acquire lock: [ 76.432730][ T5322] ffff8880515dc108 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1f8/0x1ba0 [ 76.438543][ T5322] [ 76.438543][ T5322] but task is already holding lock: [ 76.441774][ T5322] ffff88805b29e0b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x168/0x290 [ 76.445896][ T5322] [ 76.445896][ T5322] which lock already depends on the new lock. [ 76.445896][ T5322] [ 76.450619][ T5322] [ 76.450619][ T5322] the existing dependency chain (in reverse order) is: [ 76.454586][ T5322] [ 76.454586][ T5322] -> #1 (&tree->tree_lock/1){+.+.}-{4:4}: [ 76.457794][ T5322] lock_acquire+0x120/0x360 [ 76.459857][ T5322] __mutex_lock+0x187/0x1350 [ 76.462071][ T5322] hfsplus_find_init+0x168/0x290 [ 76.464520][ T5322] hfsplus_file_truncate+0x388/0xc70 [ 76.467326][ T5322] hfsplus_setattr+0x1c4/0x270 [ 76.469589][ T5322] notify_change+0xc1a/0xf40 [ 76.471520][ T5322] do_truncate+0x1a4/0x220 [ 76.473473][ T5322] do_ftruncate+0x489/0x540 [ 76.475451][ T5322] __x64_sys_ftruncate+0x92/0xf0 [ 76.477777][ T5322] do_syscall_64+0xfa/0xfa0 [ 76.480051][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.482884][ T5322] [ 76.482884][ T5322] -> #0 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{4:4}: [ 76.486810][ T5322] validate_chain+0xb9b/0x2140 [ 76.489175][ T5322] __lock_acquire+0xab9/0xd20 [ 76.491506][ T5322] lock_acquire+0x120/0x360 [ 76.493868][ T5322] __mutex_lock+0x187/0x1350 [ 76.496140][ T5322] hfsplus_file_extend+0x1f8/0x1ba0 [ 76.498736][ T5322] hfsplus_bmap_reserve+0x122/0x500 [ 76.501391][ T5322] __hfsplus_ext_write_extent+0x28d/0x5b0 [ 76.504177][ T5322] __hfsplus_ext_cache_extent+0x89/0xe30 [ 76.506891][ T5322] hfsplus_file_extend+0x437/0x1ba0 [ 76.509453][ T5322] hfsplus_get_block+0x40a/0x15d0 [ 76.511882][ T5322] __block_write_begin_int+0x6b5/0x1900 [ 76.514390][ T5322] cont_write_begin+0x789/0xb50 [ 76.516426][ T5322] hfsplus_write_begin+0x66/0xb0 [ 76.518394][ T5322] cont_write_begin+0x2fd/0xb50 [ 76.520414][ T5322] hfsplus_write_begin+0x66/0xb0 [ 76.522521][ T5322] generic_cont_expand_simple+0x13f/0x210 [ 76.525441][ T5322] hfsplus_setattr+0x169/0x270 [ 76.527914][ T5322] notify_change+0xc1a/0xf40 [ 76.530114][ T5322] do_truncate+0x1a4/0x220 [ 76.532213][ T5322] do_ftruncate+0x489/0x540 [ 76.534295][ T5322] __x64_sys_ftruncate+0x92/0xf0 [ 76.536382][ T5322] do_syscall_64+0xfa/0xfa0 [ 76.538544][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.541366][ T5322] [ 76.541366][ T5322] other info that might help us debug this: [ 76.541366][ T5322] [ 76.545241][ T5322] Possible unsafe locking scenario: [ 76.545241][ T5322] [ 76.548507][ T5322] CPU0 CPU1 [ 76.550884][ T5322] ---- ---- [ 76.553227][ T5322] lock(&tree->tree_lock/1); [ 76.555343][ T5322] lock(&HFSPLUS_I(inode)->extents_lock); [ 76.558986][ T5322] lock(&tree->tree_lock/1); [ 76.562165][ T5322] lock(&HFSPLUS_I(inode)->extents_lock); [ 76.564915][ T5322] [ 76.564915][ T5322] *** DEADLOCK *** [ 76.564915][ T5322] [ 76.568794][ T5322] 4 locks held by syz.0.0/5322: [ 76.571221][ T5322] #0: ffff88801155c420 (sb_writers#12){.+.+}-{0:0}, at: do_ftruncate+0x42a/0x540 [ 76.575880][ T5322] #1: ffff8880515deb78 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: do_truncate+0x171/0x220 [ 76.580352][ T5322] #2: ffff8880515de988 (&hip->extents_lock){+.+.}-{4:4}, at: hfsplus_file_extend+0x1f8/0x1ba0 [ 76.585261][ T5322] #3: ffff88805b29e0b0 (&tree->tree_lock/1){+.+.}-{4:4}, at: hfsplus_find_init+0x168/0x290 [ 76.589276][ T5322] [ 76.589276][ T5322] stack backtrace: [ 76.591730][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 76.591769][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.591778][ T5322] Call Trace: [ 76.591785][ T5322] [ 76.591792][ T5322] dump_stack_lvl+0x189/0x250 [ 76.591815][ T5322] ? __pfx_dump_stack_lvl+0x10/0x10 [ 76.591831][ T5322] ? __pfx__printk+0x10/0x10 [ 76.591846][ T5322] ? print_lock_name+0xde/0x100 [ 76.591857][ T5322] print_circular_bug+0x2ee/0x310 [ 76.591870][ T5322] check_noncircular+0x134/0x160 [ 76.591882][ T5322] validate_chain+0xb9b/0x2140 [ 76.591891][ T5322] ? rcu_is_watching+0x15/0xb0 [ 76.591903][ T5322] ? __kasan_check_byte+0x12/0x40 [ 76.591917][ T5322] ? rcu_is_watching+0x15/0xb0 [ 76.591930][ T5322] ? look_up_lock_class+0x74/0x170 [ 76.591945][ T5322] ? register_lock_class+0x51/0x320 [ 76.591956][ T5322] __lock_acquire+0xab9/0xd20 [ 76.591968][ T5322] ? hfsplus_file_extend+0x1f8/0x1ba0 [ 76.591981][ T5322] lock_acquire+0x120/0x360 [ 76.591991][ T5322] ? hfsplus_file_extend+0x1f8/0x1ba0 [ 76.592008][ T5322] __mutex_lock+0x187/0x1350 [ 76.592021][ T5322] ? hfsplus_file_extend+0x1f8/0x1ba0 [ 76.592030][ T5322] ? check_path+0x21/0x40 [ 76.592037][ T5322] ? check_noncircular+0xe0/0x160 [ 76.592045][ T5322] ? hfsplus_file_extend+0x1f8/0x1ba0 [ 76.592052][ T5322] ? lockdep_unlock+0x89/0x120 [ 76.592062][ T5322] ? __pfx___mutex_lock+0x10/0x10 [ 76.592073][ T5322] hfsplus_file_extend+0x1f8/0x1ba0 [ 76.592081][ T5322] ? __lock_acquire+0xab9/0xd20 [ 76.592089][ T5322] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 76.592099][ T5322] ? __pfx___mutex_trylock_common+0x10/0x10 [ 76.592110][ T5322] ? do_ftruncate+0x489/0x540 [ 76.592123][ T5322] ? do_syscall_64+0xfa/0xfa0 [ 76.592137][ T5322] ? rcu_is_watching+0x15/0xb0 [ 76.592149][ T5322] ? trace_contention_end+0x39/0x120 [ 76.592163][ T5322] ? __asan_memset+0x22/0x50 [ 76.592175][ T5322] ? hfsplus_brec_find+0x1a9/0x510 [ 76.592186][ T5322] hfsplus_bmap_reserve+0x122/0x500 [ 76.592198][ T5322] __hfsplus_ext_write_extent+0x28d/0x5b0 [ 76.592209][ T5322] __hfsplus_ext_cache_extent+0x89/0xe30 [ 76.592223][ T5322] hfsplus_file_extend+0x437/0x1ba0 [ 76.592238][ T5322] ? __pfx_hfsplus_file_extend+0x10/0x10 [ 76.592253][ T5322] ? clean_bdev_aliases+0x5c9/0x6b0 [ 76.592267][ T5322] ? __pfx_clean_bdev_aliases+0x10/0x10 [ 76.592279][ T5322] hfsplus_get_block+0x40a/0x15d0 [ 76.592295][ T5322] ? __pfx_hfsplus_get_block+0x10/0x10 [ 76.592304][ T5322] ? do_raw_spin_unlock+0x4d/0x240 [ 76.592313][ T5322] ? _raw_spin_unlock+0x28/0x50 [ 76.592322][ T5322] __block_write_begin_int+0x6b5/0x1900 [ 76.592330][ T5322] ? __pfx_workingset_update_node+0x10/0x10 [ 76.592342][ T5322] ? __pfx_hfsplus_get_block+0x10/0x10 [ 76.592357][ T5322] ? __pfx___block_write_begin_int+0x10/0x10 [ 76.592372][ T5322] cont_write_begin+0x789/0xb50 [ 76.592387][ T5322] ? __pfx_cont_write_begin+0x10/0x10 [ 76.592399][ T5322] ? rcu_is_watching+0x15/0xb0 [ 76.592411][ T5322] ? __mark_inode_dirty+0x3d2/0xe10 [ 76.592421][ T5322] ? folio_unlock+0x101/0x160 [ 76.592436][ T5322] hfsplus_write_begin+0x66/0xb0 [ 76.592447][ T5322] ? __pfx_hfsplus_get_block+0x10/0x10 [ 76.592460][ T5322] cont_write_begin+0x2fd/0xb50 [ 76.592469][ T5322] ? __pfx_cont_write_begin+0x10/0x10 [ 76.592477][ T5322] ? seqcount_lockdep_reader_access+0x122/0x1c0 [ 76.592486][ T5322] ? lockdep_hardirqs_on+0x9c/0x150 [ 76.592495][ T5322] ? ktime_get_coarse_real_ts64_mg+0x59/0x1e0 [ 76.592504][ T5322] ? seqcount_lockdep_reader_access+0x174/0x1c0 [ 76.592513][ T5322] hfsplus_write_begin+0x66/0xb0 [ 76.592520][ T5322] ? __pfx_hfsplus_get_block+0x10/0x10 [ 76.592528][ T5322] generic_cont_expand_simple+0x13f/0x210 [ 76.592535][ T5322] ? __pfx_inode_dio_wait+0x10/0x10 [ 76.592543][ T5322] ? __pfx_generic_cont_expand_simple+0x10/0x10 [ 76.592551][ T5322] ? setattr_prepare+0x1e7/0xac0 [ 76.592558][ T5322] ? __pfx_current_time+0x10/0x10 [ 76.592565][ T5322] hfsplus_setattr+0x169/0x270 [ 76.592579][ T5322] ? __pfx_hfsplus_setattr+0x10/0x10 [ 76.592587][ T5322] notify_change+0xc1a/0xf40 [ 76.592596][ T5322] do_truncate+0x1a4/0x220 [ 76.592605][ T5322] ? __pfx_do_truncate+0x10/0x10 [ 76.592617][ T5322] do_ftruncate+0x489/0x540 [ 76.592626][ T5322] ? __fget_files+0x2a/0x420 [ 76.592636][ T5322] ? __pfx_do_ftruncate+0x10/0x10 [ 76.592647][ T5322] __x64_sys_ftruncate+0x92/0xf0 [ 76.592656][ T5322] do_syscall_64+0xfa/0xfa0 [ 76.592667][ T5322] ? lockdep_hardirqs_on+0x9c/0x150 [ 76.592676][ T5322] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.592683][ T5322] ? clear_bhb_loop+0x60/0xb0 [ 76.592690][ T5322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.592697][ T5322] RIP: 0033:0x7f4a0978f6c9 [ 76.592706][ T5322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.592716][ T5322] RSP: 002b:00007f4a0a677038 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 76.592729][ T5322] RAX: ffffffffffffffda RBX: 00007f4a099e6090 RCX: 00007f4a0978f6c9 [ 76.592737][ T5322] RDX: 0000000000000000 RSI: 0000000002007ffb RDI: 0000000000000007 [ 76.592744][ T5322] RBP: 00007f4a09811f91 R08: 0000000000000000 R09: 0000000000000000 [ 76.592749][ T5322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.592754][ T5322] R13: 00007f4a099e6128 R14: 00007f4a099e6090 R15: 00007ffc7b832f48 [ 76.592762][ T5322] [ 77.151552][ T4821] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 77.321936][ T4821] usb 5-1: unable to get BOS descriptor or descriptor too short [ 77.326889][ T4821] usb 5-1: no configurations [ 77.329017][ T4821] usb 5-1: can't read configurations, error -22