last executing test programs:

3m15.094769039s ago: executing program 0 (id=2133):
socket$inet_tcp(0x2, 0x1, 0x0)
setgroups(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r0 = epoll_create1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0xffffffffffffff1a, &(0x7f0000000580)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_wait(r0, &(0x7f00000001c0), 0x0, 0x7)
recvfrom$inet6(0xffffffffffffffff, &(0x7f0000003700)=""/4111, 0xffffffffffffffb1, 0x102, 0x0, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r5, 0x112, 0xb, &(0x7f0000000000), 0x2)

3m13.484114861s ago: executing program 0 (id=2134):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_procfs(0x0, 0x0)
syz_open_dev$sndpcmc(0x0, 0xb, 0x0)
r5 = io_uring_setup(0x3eae, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)=""/4104, 0x440000}], 0x1f77)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x4c80, 0x7000000)

3m10.878370899s ago: executing program 0 (id=2139):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0xd, 0x0, 0x4}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x44084)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b24, &(0x7f0000000000)={'wlan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2$9p(&(0x7f0000000000), 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r2, 0x107, 0xe, 0x0, &(0x7f0000000040))

3m10.039865203s ago: executing program 0 (id=2142):
sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x708e8866d617f1cf}, 0xc, &(0x7f0000000340)={&(0x7f0000000680)={0x178, 0x1, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_TABLE_USERDATA={0x55, 0x6, "27f9011c8136b51399ce40585e575f22375f3a390dac9996b327d8a740323a18484a51cfb08d04b86ca08917dbb638d840c7a6daefe2dff52bbabced7e0da9fc93ff20939277eb077995e24331f88feda5"}, @NFTA_TABLE_USERDATA={0x85, 0x6, "5c8dc3febbbf30ddaa4940e4d581ee45f90e23d8770a37c4a9e89db1449ff39bd1fd7fcd5b22b7fc41f91ce5ece5239f638e5f0da771ec239cdd7a9ea0098814137c6000b99e3796b2de212f4828c4a7149e290a736a968dac61f6ee535ffedb62d9fb61ac69b6614dd8f51ff01daa7425de2ad11e16a2c1459d2d22c5525dc780"}, @NFTA_TABLE_USERDATA={0x75, 0x6, "b7144ea6c498569f833dbdb9cbd3a725437a458de416fb3a266387561425207d8f3d23eba8e4dbb30c26fadf57fe619d432f54b6ae4c680b7e60dd4989438e7e1b2617f1d1e4747639e776e2fade7e5e46d128212c0b0a1990e2496393d54fd4502ab53cb940c85e58a313c9f2054b3d30"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x178}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000500)="ba", 0x1)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6", 0x3)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

3m9.867576688s ago: executing program 0 (id=2144):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001240)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@noquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@grpquota}], [{@fowner_eq}, {@hash}, {@permit_directio}, {@hash}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0xcdc91, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000058c0)={0x2020}, 0x2020)

3m9.374445772s ago: executing program 0 (id=2147):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r2 = socket$tipc(0x1e, 0x5, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$tipc(r2, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r2, 0x0, 0x0)

2m54.225975041s ago: executing program 32 (id=2147):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r2 = socket$tipc(0x1e, 0x5, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$tipc(r2, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r2, 0x0, 0x0)

2m52.879437219s ago: executing program 1 (id=2203):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
recvmsg(r3, &(0x7f0000001a40)={0x0, 0x0, 0x0}, 0x2)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
sendto$inet6(r4, 0x0, 0x0, 0x200cc0c5, &(0x7f0000000080)={0xa, 0x4c20, 0x0, @mcast2}, 0x1c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e21, 0x7, @ipv4={'\x00', '\xff\xff', @multicast2}, 0xf357}, 0x1c)
sendto$inet6(r4, &(0x7f0000001cc0)="2501d77b330b7e73d6b1d1b8a473ff7420b4b43ce0861f000000714fa228ee1f5b48", 0xfffffffffffffe57, 0x8000, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000002480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002003, 0x0)

2m50.180525976s ago: executing program 1 (id=2205):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xa6c3, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000340)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r3, &(0x7f0000001840)=[{&(0x7f0000001640)=""/16, 0x10}], 0x1, 0x2, 0x5)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
unshare(0x8000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x448000, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)

2m45.323937992s ago: executing program 4 (id=2213):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1200000007"], 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, 0x0, 0x40081)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2m44.314767301s ago: executing program 4 (id=2215):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1b000000", @ANYRES32=0x0, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r1 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
syz_emit_vhci(0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, 0x0)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)

2m43.543496359s ago: executing program 4 (id=2216):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000700000004000000800000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00 \x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
lstat(0x0, 0x0)
lstat(0x0, 0x0)
prlimit64(r2, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
fchdir(r7)
creat(&(0x7f00000000c0)='./file0\x00', 0xdafbe5d6891b6e4)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r8, 0x541c, &(0x7f0000000300))

2m43.542896418s ago: executing program 1 (id=2217):
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="6d616e642c0042742d8d5700ad775f9ee1ae34b796b23373b3e00423b045d36ecccd4c1eaec2f355610ffff6fefb6c2c10025111e6b245d3564424ccdd6aa0a2d64ff8205926329ad3a32794c60c193afe8024cab7e5f4353fab45117b6700"/109], 0xff, 0x18b, &(0x7f0000000600)="$eJzsVb1OKkEU/oZdfu4tbqhvbnILiUIhLIsaO60MD+ADSGBF4uIPS6IQirXiPWx4C2PhO1hobLAwJhbYmzUzc3YcHgBdkvmS5TvnzJyfAfabo+A8yAL4mI2a2IWAhT94YAw2gP9Mxvaykl8zksvkv9iSSxS/Jn4kDgbD44bve70FGt/RI2nGTTLG+CkD+USMsQAjJ98bJGWepTa+3J2rFN6Elt3PRk1uHACIoijisZZ8GO0h7QLutD1/bfEwC5Gqw8WPO2sAKv3uWSUYDNc73Ubba3snrlvbcjYcZ9OtHHZ8z5GfTBsjRW04lwBwTf2lracBPJHA/pYUxqMxbTRaZ3puRhPn4grmkNJyY2a4Vbmk7bAA7GMV/D95ETItWhBVbIgj1cFgkVO1tflkr5xYKDdP/dYYDCxOm8BWNapTpJXj6k5tWx15TFwgrhNPiKfE8Z0V30W2qPBMXjHkP/Blo9/vVXlIWirmqpibD/UvjHd9z8wf7l8WBgYGBgYGBgZLhs8AAAD//wgCXCQ=")
openat(0xffffffffffffff9c, 0x0, 0x80, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000900)='./file1\x00', 0x101042, 0x0)

2m43.222631566s ago: executing program 1 (id=2219):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000002080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x2000c7fd, &(0x7f0000002340)={0x2, 0x4e23, @empty}, 0x10)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/profiling', 0x2, 0x184)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='scalable', 0x8)
sendto$inet(r0, &(0x7f0000000f00)="8995b3c271bab84f6e841cd28301f2e02519276836b2ab14ba300f39a71758d74d011771db342aa6df71dc54faabe6ccc2dae1fdf17d4c74618af0933c8c800ec3ce49bd4af9b8cf0b15e8ad756f12238f6649d204a1065dad7cffef082a59ee2b21eb73656d3d", 0x67, 0x4c840, 0x0, 0x0)

2m41.680472692s ago: executing program 4 (id=2220):
r0 = socket(0x2, 0x80000, 0xfffffffc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x123e00, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x7, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
socket$netlink(0x10, 0x3, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='net/unix\x00')
syz_open_pts(r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r6, 0x0, 0x4000804)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x800)
recvmmsg(r5, &(0x7f0000007700), 0x318, 0xfc0, 0x0)
read$FUSE(r4, &(0x7f00000025c0)={0x2020}, 0x2020)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10, &(0x7f0000000100)}, 0x40010)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x40}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xe0004000}}, @IPSET_ATTR_IP_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast=0xffff0011}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

2m41.266078638s ago: executing program 1 (id=2221):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001240)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@noquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@grpquota}], [{@fowner_eq}, {@hash}, {@permit_directio}, {@hash}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0xcdc91, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000058c0)={0x2020}, 0x2020)

2m40.691953539s ago: executing program 1 (id=2222):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000200)=0x2, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_128={{0x303}, "9913d4ab2de66f9c", "dd79ff97261d7098a0723ec49ab4cfdc", 'i}oz', "ffca69dbc7b44302"}, 0x28)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r1)
readv(r1, &(0x7f0000000600)=[{&(0x7f0000000280)=""/15, 0xf}], 0x1)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)

2m39.314110599s ago: executing program 2 (id=2225):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000b40), 0x1, 0x0)

2m37.172169977s ago: executing program 2 (id=2227):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xa6c3, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000340)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r3, &(0x7f0000001840)=[{&(0x7f0000001640)=""/16, 0x10}], 0x1, 0x2, 0x5)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
unshare(0x8000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x448000, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)

2m33.675311394s ago: executing program 4 (id=2231):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001240)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@noquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@grpquota}], [{@fowner_eq}, {@hash}, {@permit_directio}, {@hash}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0xcdc91, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000058c0)={0x2020}, 0x2020)

2m33.095920135s ago: executing program 4 (id=2232):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x8, &(0x7f00000000c0)={[{@lazytime}, {@errors_remount}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file7\x00', 0x0, 0x0, 0x3e, 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r0, 0x0)
syz_mount_image$squashfs(&(0x7f00000000c0), &(0x7f0000000340)='./file0\x00', 0x248480, &(0x7f00000007c0)=ANY=[], 0x10, 0x1d0, &(0x7f0000000440)="$eJzsVb2uEkEU/s4ysKAmYGsrESqBtfEFjDyADyBZ1p+4/rGbKIRitaGxML4EiU9hodHewhgTGyw00QJLEqOZmTPrAFvovZB7bzJfQs453/nZc4bdM7eSh4kP4NdyGqIBBcIZfCKCANAiza0qWv5k+ZvxVWi7x/xLll9YJuPJ+2dandwZxHE0SsYFCgZxqKMQEwFFMazUt5jCigdX3j1dZwibyu6edTglLfGRbbmerzF+UQzn4sin2J1S2hzHM+/Ut10/q3xl3+MAOUP/kPXxhR71uPwXe1K8/8pKwOsrufrEww9lfFhOQ6lc5y0muaH+mU9CxUjjtRVzTgAZ4NkxQm1LoAWgk9590HnDay+6Gd0LAmTdt6f5DYy6nRu346hLVhuqlkAO+Z3WLH8ZwOe//gwWyGpN4hRAdq5sxCzn9nkrsaZnMLl2DV33VV7DZ04exTVcQBXAo0y6A2abkNUE1Gh9EM7WoYyesPoEVvBQVY6L4f14OAOBTNocIq/RW6AsDcqAKGBDeS5drpoWZyybLPss5ywXLM3dZe4koQ7wO1vtDKjg8SBNR+ry0lrOBTkXNPKD9/ip5jYk04kPBwcHBwcHB4cTgj8BAAD//0IJSNA=")
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file7\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x4)

2m28.908936523s ago: executing program 2 (id=2237):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000a40)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes)\x00'}, 0x58)
r1 = accept4$alg(r0, 0x0, 0x0, 0x80800)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x2000000000000225, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0xfffb, r1, &(0x7f0000000340), 0x2d}])

2m27.055870205s ago: executing program 2 (id=2239):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000700000004000000800000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00 \x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
lstat(0x0, 0x0)
lstat(0x0, 0x0)
prlimit64(r2, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
fchdir(r7)
creat(&(0x7f00000000c0)='./file0\x00', 0xdafbe5d6891b6e4)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r8, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0xa00, 0x0, 0x101, 0x100}})

2m25.330540356s ago: executing program 33 (id=2222):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000200)=0x2, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_128={{0x303}, "9913d4ab2de66f9c", "dd79ff97261d7098a0723ec49ab4cfdc", 'i}oz', "ffca69dbc7b44302"}, 0x28)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r1)
readv(r1, &(0x7f0000000600)=[{&(0x7f0000000280)=""/15, 0xf}], 0x1)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)

2m25.307493829s ago: executing program 2 (id=2241):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001240)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@noquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@grpquota}], [{@fowner_eq}, {@hash}, {@permit_directio}, {@hash}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0xcdc91, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000058c0)={0x2020}, 0x2020)

2m22.013146298s ago: executing program 2 (id=2246):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
io_uring_setup(0x1440, &(0x7f0000000280)={0x0, 0xbaeb, 0x400, 0x2, 0x145})
socket$l2tp6(0xa, 0x2, 0x73)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_io_uring_setup(0xed1, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40)
socket$can_j1939(0x1d, 0x2, 0x7)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="580000000206030000000000000000000300000705000100070000000900020073797a31000000000c00078008001240000000050500050002000000050004000100000011000300686173683a69702c706f727400"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892", 0xc)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004e00)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="401608eff8", 0x5}], 0x1, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x4}], 0x30}], 0x1, 0x0)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)

2m17.924366037s ago: executing program 34 (id=2232):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x8, &(0x7f00000000c0)={[{@lazytime}, {@errors_remount}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file7\x00', 0x0, 0x0, 0x3e, 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r0, 0x0)
syz_mount_image$squashfs(&(0x7f00000000c0), &(0x7f0000000340)='./file0\x00', 0x248480, &(0x7f00000007c0)=ANY=[], 0x10, 0x1d0, &(0x7f0000000440)="$eJzsVb2uEkEU/s4ysKAmYGsrESqBtfEFjDyADyBZ1p+4/rGbKIRitaGxML4EiU9hodHewhgTGyw00QJLEqOZmTPrAFvovZB7bzJfQs453/nZc4bdM7eSh4kP4NdyGqIBBcIZfCKCANAiza0qWv5k+ZvxVWi7x/xLll9YJuPJ+2dandwZxHE0SsYFCgZxqKMQEwFFMazUt5jCigdX3j1dZwibyu6edTglLfGRbbmerzF+UQzn4sin2J1S2hzHM+/Ut10/q3xl3+MAOUP/kPXxhR71uPwXe1K8/8pKwOsrufrEww9lfFhOQ6lc5y0muaH+mU9CxUjjtRVzTgAZ4NkxQm1LoAWgk9590HnDay+6Gd0LAmTdt6f5DYy6nRu346hLVhuqlkAO+Z3WLH8ZwOe//gwWyGpN4hRAdq5sxCzn9nkrsaZnMLl2DV33VV7DZ04exTVcQBXAo0y6A2abkNUE1Gh9EM7WoYyesPoEVvBQVY6L4f14OAOBTNocIq/RW6AsDcqAKGBDeS5drpoWZyybLPss5ywXLM3dZe4koQ7wO1vtDKjg8SBNR+ry0lrOBTkXNPKD9/ip5jYk04kPBwcHBwcHB4cTgj8BAAD//0IJSNA=")
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file7\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x4)

2m5.660193733s ago: executing program 35 (id=2246):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
io_uring_setup(0x1440, &(0x7f0000000280)={0x0, 0xbaeb, 0x400, 0x2, 0x145})
socket$l2tp6(0xa, 0x2, 0x73)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_io_uring_setup(0xed1, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40)
socket$can_j1939(0x1d, 0x2, 0x7)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB="580000000206030000000000000000000300000705000100070000000900020073797a31000000000c00078008001240000000050500050002000000050004000100000011000300686173683a69702c706f727400"], 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892", 0xc)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004e00)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="401608eff8", 0x5}], 0x1, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x4}], 0x30}], 0x1, 0x0)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)

1m24.011794738s ago: executing program 5 (id=2331):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000b40), 0x1, 0x0)

1m23.024279544s ago: executing program 5 (id=2332):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000140)={'virt_wifi0\x00', 0x1})
sendmsg(r0, 0x0, 0x200040c0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x3, 0x4, 0xe0, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000480)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2f}}, @in6={0xa, 0x4e20, 0x0, @empty, 0xfff}, @in={0x2, 0x4e23, @rand_addr=0x64010102}], 0x3c)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x3, 0x2)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000003c0)={&(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x7, 0x5, 0x7})
r7 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
write$binfmt_script(r7, &(0x7f0000000040)={'#! ', './control/file0'}, 0x13)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r8, 0x6, 0x5, 0xffffffffffffffff, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000400)={0x9, 0x7, 0x2})
r9 = fsopen(&(0x7f0000000140)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
lsetxattr$security_capability(&(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
lgetxattr(0x0, 0x0, &(0x7f00000002c0)=""/203, 0xcb)

1m16.974997925s ago: executing program 5 (id=2339):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0xc, 0xfe, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, &(0x7f0000000100)={0x0, 0x3, 0x26, {0x55, 0x0, "93122c7119a79a57f00fdf3ebabe61ba5394362108000000882a6408f61e153a7ec3c25b"}}, 0x0, 0x0, 0x0}, 0x0)

1m13.487848831s ago: executing program 5 (id=2343):
unlinkat(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000040)='./file0\x00', 0x1008408, &(0x7f0000000ac0)=ANY=[@ANYBLOB='nojoliet,dmode=0x000000007fffffff,dmode=0x0000000000000009,check=relaxed,overriderockperm,utf8,mode=0x0000000000000000,nojoliet,hide,nocompress,utf8,norock,overriderockperm,mode=0xffffffffffffffff,cruft,map=off,iocharset=macinuit,fund=BPRM_CHECK,\x00', @ANYRESDEC], 0xff, 0x5ac, &(0x7f0000002940)="$eJzs3N9u29YZAPBDx441FwsGFGvSNEDZNBfZRRxJXhwY3UU0mrLZSqJA0kVyNRSL0wWzu2HZgDV3udlWYMOudj30dk+wJ9jTrM+QgfqT2JZjLU0XZcDvB8Q81Pl4zncY4hyIEBkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBAl281mKwq9bLAXluIXSraLvP/i6nja3j+PbY5Zef73X/+OQojqf6HRCJfG9Zfefh77w/rP1XBxvHcxNOpNIzx+650ffPT28lJ94EoUhTMSei0effn4l58dHOz/ZtGJLMhOOsjKPOt3vhdCKPN4a3OzeXO3W8bdrJeW98oq7cdJkXaqvIivJ3dCCFsbcbp+L98b7Gx3eml8PflR3Nraun2j3Wxuxh+vD9NOUeaDmx+vl8lu1utlg51RTF19o/1+uF1fiJ9kVVylnX4cP3h4sL8xL8k6qPXfBLXnBbWb7Xar1W63Nm9t3brdbDYmV+uzD5abJ4SThywv/qLltTs/uVBGO9M57vx3OY/Dt/E0+euiUwAAAAD+x6LRPfZodF/+0qjUzXpp81jM02hh6QEAAADfgdFX+4uTGwAhXArR7Pd/AAAA4P/bn858xi5EUSiHq9H0UZXh3WvRYacudQ7PjT86d7LFqns5ujBpZLTZXJ7sJemV6N1x0LvT6G8mmwfz8oiKYiV68moJhD+Hy+OYy/fH2/vTmnEva92sl64n+c3lEDqdC0tVerf63RcPfx9CUTw999WgfyEKDx4e7K///FcH90e5PKlbeXI4+YXE2tm5rIYjufz22XOPkxHfOT7ildGNmHrUXw36a+N+m0fHvzQ+fOklxv+H8N445r1JpmvHx9+o+2ytf9SaGf3RLFrDu9dWJ51NRz7zE5Ezs7gyjrly/cN68+H1Sc3KkSza87JoHz3/3+pcnJJF48S52JiXxcYrZgGwKA9OrkIz6//Mujua3q6tzDR1xiw3Z3Wvl/C5q/svXtDL+fB8Rv9gHPPB5eXnK9KJGb05b0ZvnrKun7a6hXD6WP8Rrv79byHshavT4BetsXW/fzm2qkaHX9cHfD3T7/RJ87LXjuqdc6uHvw7vPPry8Y2Hh599vv/5/hft9sZm88fN5q12WBkNY7Kx9gBwirT4Jlqr/hgVRTb8WWtrq9WpdtO4yJNP4iLb3knjbFClRbLbGeyk8bDIqzzJe3Xh02w7LeNybzjMiyru5kU8zMvs7ujNL/Hk1S9l2u8Mqiwph720U6Zxkg+qTlLF21mZxMO9n/aycjctRgeXwzTJulnSqbJ8EJf5XpGk63FcpumRwGw7HVRZN6uLg3hYZP1OcS/+NO/t9dN4Oy2TIhtW+bjBaV/ZoJsX/VGz64s+2QDwhngUJm+we/Yqu5cuhMacmEWPEQA47uQqvbrohAAAAAAAAAAAAAAAgBlHH9f7yeTFZa/8ROBiC3feOq3q/cUndrQQQlh+iaOm/13Hq4aLHsWCz+Fr7KvxZgx5+tats4PrqNOrohDC/L6+X8csaEICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDP8JwAA///H8oyP")
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file1\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x1, 0x14fe, &(0x7f00000020c0)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0xcdc91, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000058c0)={0x2020}, 0x2020)

1m12.763999315s ago: executing program 5 (id=2345):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c03000000000000000000000000230000000000", @ANYRES32=0x0, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000140)={'virt_wifi0\x00', 0x1})
sendmsg(r0, 0x0, 0x200040c0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x3, 0x4, 0xe0, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000480)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2f}}, @in6={0xa, 0x4e20, 0x0, @empty, 0xfff}, @in={0x2, 0x4e23, @rand_addr=0x64010102}], 0x3c)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x3, 0x2)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000003c0)={&(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x7, 0x5, 0x7})
r7 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
write$binfmt_script(r7, &(0x7f0000000040)={'#! ', './control/file0'}, 0x13)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r8, 0x6, 0x5, 0xffffffffffffffff, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000400)={0x9, 0x7, 0x2})
r9 = fsopen(&(0x7f0000000140)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
lsetxattr$security_capability(&(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
lgetxattr(0x0, 0x0, &(0x7f00000002c0)=""/203, 0xcb)

1m11.857308494s ago: executing program 5 (id=2347):
ioperm(0x4, 0x8, 0x5)
futimesat(0xffffffffffffffff, 0x0, 0x0)

1m9.841067421s ago: executing program 36 (id=2347):
ioperm(0x4, 0x8, 0x5)
futimesat(0xffffffffffffffff, 0x0, 0x0)

28.581252032s ago: executing program 8 (id=2403):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000000c0), 0x801, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$alg(0x26, 0x5, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400), 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5000000}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x0, &(0x7f0000000000))
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, 0x0)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc1}, &(0x7f00000002c0)={0x0, "cb888d55b4b9f2c2210289323f5d6402a85c627b23a8a0cffbbe71fa0710e86388ff4b67039aeb51663d594a2842fc80922c430ecbc75ec0de99d981f74feb52", 0x3e}, 0x48, 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r5)
r6 = bpf$ITER_CREATE(0x21, &(0x7f00000000c0), 0x8)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000100)={@empty, 0x77bf, 0x1, 0x1, 0xe, 0x4, 0x4}, 0x20)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000440)={'wlan0\x00'})

26.795888898s ago: executing program 8 (id=2405):
socket$inet_tcp(0x2, 0x1, 0x0)
setgroups(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
epoll_create1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0xffffffffffffff1a, &(0x7f0000000580)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
recvfrom$inet6(0xffffffffffffffff, &(0x7f0000003700)=""/4111, 0xffffffffffffffb1, 0x102, 0x0, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000000), 0x2)

19.301449166s ago: executing program 8 (id=2412):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$int_in(r3, 0x5421, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
setrlimit(0x9, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
io_uring_setup(0x1562, &(0x7f0000000040)={0x0, 0x2448, 0xc000, 0xc, 0xa0002f5})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xf, 0x7)

18.947031217s ago: executing program 9 (id=2349):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c03000000000000000000000000230000000000", @ANYRES32=0x0], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000140)={'virt_wifi0\x00', 0x1})
sendmsg(r0, 0x0, 0x200040c0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x3, 0x4, 0xe0, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000480)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2f}}, @in6={0xa, 0x4e20, 0x0, @empty, 0xfff}, @in={0x2, 0x4e23, @rand_addr=0x64010102}], 0x3c)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x3, 0x2)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000003c0)={&(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x7, 0x5, 0x7})
r7 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
write$binfmt_script(r7, &(0x7f0000000040)={'#! ', './control/file0'}, 0x13)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r8, 0x6, 0x5, 0xffffffffffffffff, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000400)={0x9, 0x7, 0x2})
r9 = fsopen(&(0x7f0000000140)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
lsetxattr$security_capability(&(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
lgetxattr(0x0, 0x0, &(0x7f00000002c0)=""/203, 0xcb)

17.579056347s ago: executing program 3 (id=2415):
r0 = syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000180)='./file1\x00', 0x1004081, &(0x7f0000000040)=ANY=[], 0x3, 0x7e0, &(0x7f0000000300)="$eJzs3U9oHOfZAPBnFMl2FD5/Id9HPmMcZ2znA5s6yu4qUSpySDerkTzJalfsropNKYmJ5WAsJyEhpDGlqS9JW1pKTz2muYZccmsptNBD21OhOfTSQyGQU0lLC6WlFFR2dtf6L9myZKfJ77d439mZZ95539nxPDurnZkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACKpTZVK5STqeWP+bLq52lSrObvF9EF9P19VbLHciKT7Lw4ciEO9UYf+d3ny/d2n43Gk9+pIHOgWB+LqPfff+8T/DA8N5t+iQTt1bPNJIytfJBHf7Dbq8vnFxYVX9qAht9F3ftofOHDDs/xjqfs8kzXydjOfrc5kad5uppMTE6VHzky30+m8nrXPtTvZbFprZdVOs5WerJ1Ky5OT42k2dq4535iZqtazwcjHH66UShPp02NzWbXVbjYeeXqsXTuT1+t5Y6aIqZRej27M490N8Zm8k3ay6myaXry0uDC+XVO7QeVVY/av2nCOPHTvx6999NdLC90NcrNKkv6GWSmXK5XyxGOTjz1eKg1XSpXVI0prxPWIGIroRuzJRsuddc8G44b7W8y6CRFL/707O2+4RUP9/B/1yKMR83E20khjqHhefoxELaaiFc2Y7b7+3cia6evy//8/8qffbLXclfl/kOUPLU8+HEX+P9p7dXSz/L+uFXv5aLzfa83Kca/GG3E1Lsf5WIzFWIhXdlLzvrW17uFjaHfrm4ksGpFHO5qRx2xUizFpf0wakzERE1GKZ+NMTEc70piOPOqRRTvORTs6kRVbVC1akUU1OtGMVqRxMmpxKtIox2RMxnikkcVYnItmzEcjZmIqqkUtF+NSsd7H17Tr/m8895MXfvvxO93h60HlLTqSdD/MdYP+skXQunR/E/l/ECH/f9Yc6O+zbjR+F/fecGuWivw/fKebAQAAAOyhpPj2PYmIkXigGJrO69lX7nSzAAAAgF1U/K75SLcY6Q49EEn3+L+0QeSHt71tAAAAwO5IinPskogYjQd7Q4PTpTb6EgAAAAD4D1T8/f9otxiNeLMY4fgfAAAAPmO+tdk19j/a17/Gbntuf/KzP0erNZJcmzv7UHKl2o2rXrmrN1+/+PL1GjvTh5OD/UqKYmL46j1JRAzXsiPJ4OqX/9rfKz8png8vX4Bws2v9J9s0ILZuQPEqvhvHejHHLvTKC4MpvaWMTuf1bKzWrD9RTvpfjnRee/HS16Lo/rcbsweTuHhpcWHs+ZcWLxRtudat5dqV/uXhk8FcEb0TKrZoy1J/DcQDG/d4pDgRo7/c0d5ySyv7P9SbfWjr/icrl/lWHO/FHB/tlaOr+3+gu8zy2BPlqFYPDnWys53Xllb0vt+K8kY9v4l34a040Ys5cfJEr9igFZVVrXhxfSsqK1txY+vihlvxzrE3z/7tl80kG9+uFeO32AqAO+VicdWf5Sx0d5GF/rnU001oa/Lu3YM5b2Yvd3H5U8Zg/hW5bjjWZfd0J9n9rTjZiznZ+zwxfHiDvFLaYI/+8qWXf9Xfoz/63g9/9NWjv/5g59ntvTjVi+kXcd8vNsmx3T5/b01Wfbc7x7ubLrddryQxEnclvZsPxdWHL105/8LCCwsvVirjE6VHS6XHKjFSfFToF5u0VOYB+Hzb7h47H3z9euhmd+FJHt3mqPq+6z8pGIvn46VYjAtxujjbICIe3LjW0RU/Qzi9zVHr6Io7vJze5thyObayNnb/iSQ2iR1fscb+7wdF8fc9ekMA4DY4vk0eTgafEF7/r/4cayLuSpLT2xx3r87lp3o3zh0cHcfmuXwjX9zj9QEAnwdZ65NktPN20mrlc8+WJyfL1c6ZLG01a8+krXxqJkvzRidr1c5UGzNZOtdqdpq1wVfHU1k7bc/PzTVbnXS62Urnmu38bHHn97R/6/d2NlttdPJae66eVdtZWms2OtVaJ53K27V0bv6pet4+k7WKmdtzWS2fzmvVTt5spO3mfKuWjaVpO8tWBOZTWaOTT+fZSJo30rlWPlttXYuI+vxslk5l7Vorn+s0exUOlpU3pput2aLasfXd/+PtXt8A8Gnw6htXL59fXFx4ZWcDv7+R4DvdRwBgNVkaAAAAAAAAAAAAAAA+/dafrtcde1MnAo7Ejk8ffHV/3MrZh5+9gS+833tbdqPCW6nn7lXv6b7+xnLn189NDzz35JOXl8ckwytX71NvHjrzhywGvduino3/p2x0quvbByP2/fj7vTFf2iQ4Gd7lnn4YETuYfSnZIub274sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv/DgAA//9CP1Gw")
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_LEAVE_IBSS(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000d40)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="01002abd7000fbfddf252c00000008000300", @ANYRES32=r3, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x40000)

15.097049965s ago: executing program 3 (id=2418):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1b000000", @ANYRES32=0x0, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
syz_emit_vhci(0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, 0x0)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)

14.807490111s ago: executing program 7 (id=2420):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0xfffffffd, @empty, 0x2}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3c}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "fd46ee", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0xff6f}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)

14.097587863s ago: executing program 3 (id=2421):
socket$inet_tcp(0x2, 0x1, 0x0)
setgroups(0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
epoll_create1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0xffffffffffffff1a, &(0x7f0000000580)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
recvfrom$inet6(0xffffffffffffffff, &(0x7f0000003700)=""/4111, 0xffffffffffffffb1, 0x102, 0x0, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000000), 0x2)

14.097284033s ago: executing program 9 (id=2422):
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
setgroups(0x0, &(0x7f0000000000))

13.723840815s ago: executing program 7 (id=2423):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000280)=[{0x6, 0x4, 0x40, 0x7fff0003}]})
sync()
dup(r3)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f00007ad000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f00000ed000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000367000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000014000/0x1000)=nil, &(0x7f0000582000/0x3000)=nil, &(0x7f00000d5000/0x3000)=nil, &(0x7f0000903000/0x4000)=nil, &(0x7f0000000240)="78ebd2ee09fbdb77e336c0ba873f47764a037591143a04b248caeb0466fcd063f8c6ae19e11675ccfecdbf5a75d20098ff2f31fa6299f16c13734458aa1d4c75606b3a718ec298f3381f7e02de2de0f50d229a1362dd92e6fc856924032ae390824b0a57a1d56775373993690b7d5e094b3bebb4", 0x74, r2}, 0x68)
prlimit64(r0, 0x6, &(0x7f0000000380)={0x4, 0x1}, &(0x7f00000003c0))
fstat(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
getresuid(&(0x7f0000000040), &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0))
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000500)={[{}, {@noadinicb}, {@session={'session', 0x3d, 0x6dc}}, {@gid_ignore}, {@dmode={'dmode', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@mode={'mode', 0x3d, 0x3}}, {@nostrict}, {@umask={'umask', 0x3d, 0x1}}, {@rootdir={'rootdir', 0x3d, 0x8}}, {@anchor={'anchor', 0x3d, 0xce}}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'gid=ignore'}}, {@fowner_lt}, {@fowner_eq={'fowner', 0x3d, r4}}, {@uid_gt={'uid>', r5}}, {@subj_type={'subj_type', 0x3d, 'umask'}}, {@subj_type={'subj_type', 0x3d, 'nostrict'}}, {@obj_user={'obj_user', 0x3d, '$&\''}}, {@smackfsfloor}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}]}, 0x1, 0xc39, &(0x7f0000000f80)="$eJzs3U9sHNd9B/DfGy5F0m4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIbtowvfTQQ4Ci6CEnAq1RIEUDoymKHtnWBZKLD4VPPREtbARFD2wRIKeAxcy+FVf/LNkkJcr6fGzqOzv73sx7M+MZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+8cvb48+lBtwIAuJ/OT3/1+AnPfwB4pFzw//8AAAAAAAAAAAAAAHDQpSjiiUixdH4rzVafu4bPtTtXr81MTN6+2kiqag5U5cuf4edPnDz1pRfGT/fyw+vvtafitekLZ+svL15ZWm6trLTm6zOd9tzifOuet7Db+jcbqw5A/crrV+cvXVqpn3ju5A1fXxv9YOjxI6Nnxp859nSv7MzE5OR0X5na4Mfe+y3uNMLjUBRxLFI8+/0fp2ZEFLH7Y3GXa2e/jVSdGKs6MTMxWXVkod3srJZfTvUORBFR76vU6B2j+3AudqURsVY2v2zwWNm96aXmcvPiQqs+1Vxeba+2FztTqdvasj/1KOJ0iliPiM2hWzc3GEXUIsV3D2+lixEx0DsOX6wGBt+5HcU+9vEelO2sD0asFw/BOTvAhqKIVyPFT94pYq48ZvknvhDxapn/GPFWmS9FpPLCOBXxfnUdjTzglrMXalHEn5Xn/8xWmq/uB737yrmv1b/SubTYV7Z3X3nonw/30wG/Nw1HEc3qjr+VPv5vdgAAAAAAAAAAAAAAAADYayNRxFOR4pV//4NqXHFU49IPnxn/3dGf7x8z/uRdtlOWfS4i1op7G5N7KA8hnkpTKT3gscSPsuEo4o/y+L9vP+jGAAAAAAAAAAAAAAAAAAAAPNKKeC9SvPju0bQe/XOKtzuX6xeaFxe60+X25v7tzZm+vb29XU/dbOSczbmWcz3nRs7NnFHk+jkbOWdzruVcz7mRczNnDOT6ORs5Z3Ou5VzPuZFzM2fUcv2cjZyzOddyrufcyLmZMw7I3L0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8kRRTxs0jxnW9spUgR0YiYjW5uDPXKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0lAq4geRov57jevrahGRqn+7jpa/nIrGoTI/HY3xMl+KxtmczSprjW8/gPazO4OpiB9FiqHht6+f8Hz+B7ufrl8G8dY3dz79Uq2bA70vRz8YevzI4TPjk7/y5J2W0+0aMHau3bl6rT4zMTk53be6lvf+6b51o3m/xd50nYhYeePN15sLC61lC4/GQq27UIs93fJIxN5ucO8Wat2FfL+KB96eOyw0DkYzdhaiuvff9p7NJ0b5/H8/Uvzmu//Re+D3nv8/1/10/QkfP/3jnef/izdvaJ+e/0/0rXsx/25ksBYxvHplafBIxPDKG28ea19pXm5dbnVOHT/+5fHxL588PngoYvhSe6HVt7TrQwUAAAAAAAAAAAAAAABwf6UifjtSNH+0leoRca0arzV6ZvyZY08PxEA13uqGcVuvTV84W3958crScmtlpTVfn+m05xbnW/e6u+FquNfMxOS+dOauRva5/SPDLy8uvbHcvvz7q7f9/rHhsxdXVpebc7f/OkaiiGj0rxmrGjwzMVk1eqHd7FRVp/ZoYOZgKuI/I8XcqXr6fF6Xx/+V8d5gX9n+8f9rfeur5X0a//epm/aTUhE/jRS/8edPxuerdj4WtxyzXO6vI8XY6c/lcnGoLNdrQ/e9At2RgWXZ/40Uf/+zG8v2+v7ETtnnP9rRPfjK8384UvzgT78Xv5rX3fj+h53xn/3n/7GbN7RP5/8zfeseu+F9BbvuOvn8H4sULz3xdvxaXvdh7/8oYnt7+1sRR3Ph6+/n2Kfz/9m+daPR3e+v7133AQAAAAAAAAAAHlqDqYi/iRRPT9bSC3ndvfz9v/mbN7RPf//rF/vWzd+n+Yp2fVABAAAA4IAYTEW8Fykur759fQx13/jvG8d//tbO3OsT6aZvqz/n+4XqvQF7+ed//Ubzfmd3320AAAAAAAAAAAAAAAAAAAA4UFIq4oU8n/rsXeZT34gUr/z3s7lcOlKW680DP1r9Onx+sXPs7MLC4lxztXlxoVWfXmrOtcq6n4kUW3/1uVy3qOZX7803353jfXi7Nxf7cqSY/Nte2e5c7L25ybvzgXfnYi/LfipS/Nff3Vi2N4/1Z3fKnijL/mWk+Po/3b7skZ2yJ8uy34sUP/x6vVf2sbJs7/2o3XeSDtdiofXc3OLCLa9CrRS7PjUAAAAAAAAAAAAAAAAAAAA8QgZTEX8SKf7nynqs5WH/ef7/3gz8tV7Zt77ZN9//Ta5V8/yPVvP/32n548z/P7pnPQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIdHiiLejBRL57fSxlD5uWv4XLtz9drMxOTtq42kquZAVb78GX7+xMlTX3ph/HQvP7z+XnsqXpu+cLb+8uKVpeXWykprvj7Tac8tzrfueQu7rb9z6LrGqgNQv/L61flLl1bqJ547ecPX10Y/GHr8yOiZ8WeOPd0rOzMxOTndV6Y2+BH2/pEat+NQFPEXkeLZ7/84/fNQRBG7PxZ3uXb220jVibGqEzMTk1VHFtrNzmr55VTvQBQR9b5Kjd4xug/nYlcaEWtl88sGj5Xdm15qLjcvLrTqU83l1fZqe7EzlbqtLftTjyJOp4j1iNgcunVzg1HE65Hiu4e30r8MRQz0jsMXz09/9fiJO7ej2Mc+3oOynfXBiPXiIThnB9hQFPEPkeIn7xyNfx2KqEX3J74Q8Wp/wZciUnlhnIp4/zbXEQ+nWhTxf+X5P7OV3hkq7we9+8q5r9W/0rm02Fe2d185SM+H7Y9+LY7swW7v3QG/Nw1HET+s7vhb6d/8dw0AAAAAAAAAAAAAAABwgBTxy5HixXePpmp88PUxxe3O5fqF5sWF7rC+3ti/esQflrm9vb1dT91s5JzNuZZzPedGzs2cUeT6ORs5Z3Ou5VzPuZFzM2cM5Po5Gzlnc67lXM+5kXMzZ9Sq2N7e/la3fi3Xz7mWc70WUZT18+fNnHFAxu4BAAAAAAAAAAAAAAAAAACfLEX1T4rvfGMrVXOpNiJmo5sb5gP9xPv/AAAA//+ZYP5q")

13.594351107s ago: executing program 9 (id=2424):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_CT_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0xffffffff, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000140)=0x8, 0x4)
connect$inet(r3, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r6 = dup(r5)
sendfile(0xffffffffffffffff, r6, &(0x7f0000000180)=0x8, 0x0)
sendmmsg$inet(r3, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, 0x0, 0x0)

12.883901369s ago: executing program 3 (id=2425):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000200)=0x2, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_128={{0x303}, "9913d4ab2de66f9c", "dd79ff97261d7098a0723ec49ab4cfdc", 'i}oz', "ffca69dbc7b44302"}, 0x28)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r1)
readv(r1, &(0x7f0000000600)=[{&(0x7f0000000280)=""/15, 0xf}], 0x1)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)

11.386702311s ago: executing program 6 (id=2426):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
fcntl$setsig(r0, 0xa, 0x31)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setxattr$security_ima(0x0, &(0x7f0000000080), &(0x7f0000000100)=@sha1={0x1, "135e05ce8ce63c18f826a69c16e06c678ba7da37"}, 0x15, 0x1)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev={0xfe, 0x80, '\x00', 0xfe}, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x281, 0x0)
ioctl$TIOCSSOFTCAR(r7, 0x5453, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(0xffffffffffffffff, 0x800448d2, &(0x7f00000000c0)={0xb, &(0x7f0000001dc0)})

11.094172226s ago: executing program 7 (id=2427):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), r0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file0\x00', 0x1000000, 0x0, 0x0, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="d8000000180081054e81f782db4cb90402200800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370401a8001600290001401c00010003580461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad956", 0x94}], 0x1}, 0x0)
io_uring_setup(0xfc4, &(0x7f00000001c0)={0x0, 0x0, 0x2, 0xfffffffc})
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000140)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r5, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0x1000, 0x101c, 0x10, 0x4, 0x401, 0x100, 0xa, 0x0, 0x52, 0x43, 0x7e9, 0x401, 0x9aa5, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r4, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r6=>0xffffffffffffffff})
r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000200), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r7, 0x40045010, &(0x7f00000002c0)=0x9)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f0000000380))
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, 0x0, &(0x7f00000000c0), 0x80, 0x0)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x23, &(0x7f0000000040)=0x6, 0x4)

9.883922042s ago: executing program 6 (id=2428):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
ppoll(0x0, 0x0, 0x0, &(0x7f0000000440)={[0x2]}, 0x8)

9.555064961s ago: executing program 6 (id=2429):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000b40), 0x1, 0x0)

8.88945914s ago: executing program 8 (id=2430):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
read$FUSE(r1, 0x0, 0x0)
write$FUSE_INIT(r1, 0x0, 0x0)
write$FUSE_NOTIFY_INVAL_INODE(r1, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x15, 0x5, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000040))
pselect6(0x40, &(0x7f00000001c0)={0x7, 0x300, 0x3, 0xfffffffffffffffd, 0x0, 0x1000085, 0x10000008}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0xc1, 0x0, 0x3db4, 0x7fffffff, 0x400}, 0x0, 0x0)
epoll_pwait(r4, &(0x7f0000000140)=[{}], 0x1, 0x80000001, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe)

8.810958327s ago: executing program 3 (id=2431):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5c5d000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x1a0)
r4 = memfd_create(&(0x7f0000000480)='\xecO\xdd\xbd\xfc\xfa\xe1\xea\xea\x00\xb0\xd8Y\x03\x00\x00\x00\x00\x00\x00\x7f.\x14\x89|cW\x11\x0e$]7\x99\x11\xfd\xbe/6&\xe6\x97\x1e\xfbon\'\x0f<;\xbe\xa5`\"E]\xda]\xb9\xeb>\xe9\xf2\x99\xa8\xbeOA\xf8\\\xeb[\xd7:{\r\x91.\xdbxn\x1b\x17\xccMz\x1dc\x1d5\x9fe/\xb7k}\xd7\xa6\xd1\xcf\x1f\xf3\xae\x9e\xd6\x040\x19\x88\xa7:OYw\xfe\xaf\xdf\x16\x88\xfe\xd3\x13\x9f!\xd7\xcf\x86\x9f\xe8)\x01\x01\x00\x00\x06^\xb4', 0x0)
ftruncate(r4, 0x8800000)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha1\x00'}, 0x58)
r6 = accept$alg(r5, 0x0, 0x0)
r7 = dup3(r6, r5, 0x0)
sendfile(r7, r4, 0x0, 0x1000009)
timer_create(0x0, 0x0, &(0x7f0000000300)=<r8=>0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r8, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
io_submit(0x0, 0x0, 0x0)
fanotify_init(0x8, 0x1)

6.136363781s ago: executing program 3 (id=2432):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1b000000", @ANYRES32=0x0, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
syz_emit_vhci(0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, 0x0)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)

5.451843531s ago: executing program 8 (id=2433):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000700000004000000800000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00 \x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
lstat(0x0, 0x0)
lstat(0x0, 0x0)
prlimit64(r2, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r7, 0x541c, &(0x7f0000000300))
ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0xa00, 0x0, 0x101, 0x100}})

5.316977903s ago: executing program 6 (id=2434):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x2, 0x400000000000003, 0x20, 0x6, 0x2}, 0x10}}, 0x0)

3.41575544s ago: executing program 8 (id=2435):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$tun(0xffffffffffffff9c, 0x0, 0xa2f01, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000c80)=[{{&(0x7f0000000580)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}], 0x40000cc, 0xc000)

3.203822089s ago: executing program 6 (id=2436):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x24000000)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000300)={0x2c, &(0x7f00000000c0)={0x20, 0x8, 0x3a, {0x3a, 0x28, "610d000000ee2c64a872188913cebae93f78a0f4468ff9e86d0164692c56043d53111e370935bd5c4379db8ed828ad0d7dd4871f5790ffe6"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="050000000000000000", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffffffff070001000406f0027f0006a7000c"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
r0 = add_key$user(&(0x7f00000002c0), 0x0, &(0x7f0000000280)="d25a9850a9d7", 0x6, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.829010021s ago: executing program 9 (id=2437):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)

2.455647204s ago: executing program 7 (id=2438):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
fcntl$setsig(r0, 0xa, 0x31)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setxattr$security_ima(0x0, &(0x7f0000000080), &(0x7f0000000100)=@sha1={0x1, "135e05ce8ce63c18f826a69c16e06c678ba7da37"}, 0x15, 0x1)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev={0xfe, 0x80, '\x00', 0xfe}, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x281, 0x0)
ioctl$TIOCSSOFTCAR(r7, 0x5453, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(0xffffffffffffffff, 0x800448d2, &(0x7f00000000c0)={0xb, &(0x7f0000001dc0)})

1.127866391s ago: executing program 9 (id=2439):
syz_mount_image$hfsplus(&(0x7f0000000a40), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2010410, &(0x7f0000000000)=ANY=[], 0x1, 0x694, &(0x7f0000000a80)="$eJzs3UtsHGcdAPD/rNdrbwip2zptQJVqNRIgLBI7lgvmQkCALNFDVQ6crcRprGzSYm+RWyG6vK899IpUDj4gcULiHqlcuMCth158rITEpRcMl0UzO7PvTXbz2nX7+0Wz3zfzzXyP/7z2EWsC+NzaXo3y3Uhie/WVw3T++Gijdny0cbvIR8RCRDQiyhFRiojkP81m88OIqxFJu5qkL42Y723n/b2t1z769PiT1lw5n7L1Sz3bPZBGPsVKRMzl6aOq79pD15e0R3g1Ii7mKUxdepo2e/z072dbJZWeFavDtl58Mp0EHqukdd8csBRxJj/R0/cBrbti6559qjWm3QEAAAB4Ap46iZM4TM5Nux8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwWjQ6z/9P8qlU5FciKZ7/X8mXRZ6fLS/ef5VSV/7u4+wLAAAAAAAAADyIhck3efEkTuIwzhXzzST7efylbGY5e/1CvBUHsRv7cSkOYyfqUY/9WI+Ipa6KKoc79fr++hhbXhm65ZUxx1YdKBlcAgAAAAAAAACfP7+K7c7v/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAuSiLlWkk3LUW4tXopSmluMiEq6oBHxzyJ/mt2ddgcAAADg4VWHLVzoyj91EidxGOeK+WYSyxHxXPb5fzHeijtRj72oRy1243r2nUDrU3/p+Gijdny0cTudBtv47r8n6mdWY7S+exje8oVsjWrciL1syaW4Fm9ELa5HKdsydSHvT1FrX79+mfYp+U5uzJ5dz9N05O/l6YB3JxrsKPf+MuXWYp6Zy9OlLCLz7Yis5X1Lo/F0sWfae6ini8XemR+vY/0trUep3dnlvpb6BtGJ+eJ4baXO5Gk6nt+NivlU9EQiG1Hn6HtuIOZ9vvrXP//kZu3OrZs3DlZnZ0jjKQ66ZvZaHTwmNroi8fxnORID1rJInG/Pb8cP48exGivxauzHXvwsdqIeu7ES389yO/nxnHSd8iMidbVn7tURHWhfvCv5EdraWZP16aVs23Ox174ovJz9uxLr8c3YjM3Y6trD5++9h7OzvjTiStv84tBRXPxanknvWb8fde+aijSuTxdxTaLnmruUlXUv6UTpmTGiNOH9qPzl/BxM2/h1ns6G/kisd0Xi2XtH4o/ZkA5qd27t39x5c7zmnnkvz6Tn0W9n6i5Ryc+h1m8nvUdHeiw9O7RsPStbbpeVBsrOt8taZ2oj3ojrsTvkTK3k7+EGa7qSlT0/tGwjK7vQVTbs/RYAMy29HZ75+plK9V/Vf1Q/qP6merP6yuL3Fr618EIl5v82/+3y2txXSi8kf4kP4hedt5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCDO3j7nVs7tdrufk+mUWs2m+8OLXrYzMcf/yl7wNOjr3mcTPE4syfY6JfORtx35bNTicZDZ5Jk3JX/22w28yXJo+tGKR7PuJq5WYnzNDLTvS4Bj9/l+u03Lx+8/c439m7vvL77+u6drc3NrbWtzZc3Lt/Yq+2utV77t5rgma7AzOrc9PtL/jCdDgEAAAAAAAAAAAD3NfR///8vHtlfESTTHiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw6m2vRvluJLG+dmktnT8+2qilU5HvrFmOiFJEJD+PSD6MuBqtKZa6qktGtfP+3tZrH316/EmnrnKxfmnIdj+YbBSNfIqViJjL08KPxqqiPLK+a/2lE0vaI0wDdrEIHEzb/wMAAP//oBkKiA==")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x408, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
link(&(0x7f0000000480)='./file1\x00', &(0x7f0000000000)='./bus\x00')

1.02620373s ago: executing program 7 (id=2440):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ptrace(0x10, 0x0)
syz_clone(0x2020000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2002, 0x0)
ioctl$XFS_IOC_START_COMMIT(r1, 0x80585882, &(0x7f00000003c0)={<r4=>0xffffffffffffffff})
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x101, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x2}}]}, 0x1c}}, 0x8040)
socket$nl_route(0x10, 0x3, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
capset(&(0x7f0000000280)={0x19980330}, &(0x7f0000000440)={0xffffffff, 0x2, 0x8001, 0x2, 0x2, 0x3})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x72, 0xa, 0x0, 0xffc4, 0x0, 0x69, 0x10, 0x22}}, &(0x7f0000000480)='GPL\x00'}, 0x80)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

348.336499ms ago: executing program 7 (id=2441):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000200)=0x2, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_128={{0x303}, "9913d4ab2de66f9c", "dd79ff97261d7098a0723ec49ab4cfdc", 'i}oz', "ffca69dbc7b44302"}, 0x28)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r1)
readv(r1, &(0x7f0000000600)=[{&(0x7f0000000280)=""/15, 0xf}], 0x1)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
openat$kvm(0x0, 0x0, 0x0, 0x0)

5.139299ms ago: executing program 9 (id=2442):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
write$FUSE_NOTIFY_INVAL_INODE(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x15, 0x5, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000040))
pselect6(0x40, &(0x7f00000001c0)={0x7, 0x300, 0x3, 0xfffffffffffffffd, 0x0, 0x1000085, 0x10000008}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0xc1, 0x0, 0x3db4, 0x7fffffff, 0x400}, 0x0, 0x0)

0s ago: executing program 6 (id=2443):
r0 = socket$unix(0x1, 0x1, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
bind$unix(r0, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r0, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000000)=@file={0x1}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
connect$unix(r2, &(0x7f0000000080)=@file={0x1}, 0x6e)
close(r0)

kernel console output (not intermixed with test programs):

tor??
[  548.976383][ T4312] gspca_main: cpia1-2.14.0 probing 0813:0001
[  549.498086][ T4284] Bluetooth: hci4: hcon ffff8880595d8000 sent 1 < count 7
[  549.505785][ T4284] Bluetooth: hci4: hcon ffff8880595d8000 sent 0 < count 10
[  549.760288][T10621] loop2: detected capacity change from 0 to 2048
[  549.867799][T10621] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  549.970427][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  550.094287][ T4312] gspca_cpia1: usb_control_msg 05, error -110
[  550.105045][ T4312] gspca_cpia1: usb_control_msg 01, error -32
[  550.166852][ T4312] gspca_cpia1: usb_control_msg 01, error -32
[  550.211447][ T4312] gspca_cpia1: usb_control_msg 01, error -32
[  550.258983][ T4312] gspca_cpia1: usb_control_msg 01, error -32
[  550.285169][ T4312] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0)
[  550.474045][   T22] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  550.664046][   T22] usb 3-1: Using ep0 maxpacket: 32
[  550.671343][   T22] usb 3-1: config 0 has an invalid interface number: 12 but max is 0
[  550.710338][   T22] usb 3-1: config 0 has no interface number 0
[  550.729455][   T22] usb 3-1: config 0 interface 12 has no altsetting 0
[  550.749767][   T22] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  550.769817][   T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.778177][   T22] usb 3-1: Product: syz
[  550.782764][   T22] usb 3-1: Manufacturer: syz
[  550.787561][   T22] usb 3-1: SerialNumber: syz
[  550.794692][ T4284] Bluetooth: Wrong link type (-71)
[  550.843616][   T22] usb 3-1: config 0 descriptor??
[  551.806276][T10645] netlink: 'syz.1.2027': attribute type 1 has an invalid length.
[  551.910299][   T22] f81534 3-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[  551.922567][T10645] netlink: 'syz.1.2027': attribute type 2 has an invalid length.
[  551.941025][   T22] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71
[  551.964586][   T22] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  551.981843][   T22] f81534: probe of 3-1:0.12 failed with error -71
[  552.043974][   T22] usb 3-1: USB disconnect, device number 34
[  552.073591][T10645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2027'.
[  552.117519][   T33] usb 5-1: USB disconnect, device number 33
[  552.354049][ T4312] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  552.609986][ T4312] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  552.630116][ T4312] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  552.701551][ T4312] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  552.772577][ T4312] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  552.884372][ T4312] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  552.957163][ T4312] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  553.019934][ T4312] usb 1-1: Product: syz
[  553.051371][ T4312] usb 1-1: Manufacturer: syz
[  553.119853][ T4312] cdc_wdm: probe of 1-1:1.0 failed with error -22
[  553.247268][T10676] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2034'.
[  554.101012][   T33] usb 1-1: USB disconnect, device number 40
[  554.854876][ T4312] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  555.048108][ T4312] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  555.080243][ T4312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.160934][ T4312] usb 2-1: config 0 descriptor??
[  555.220952][ T4312] gspca_main: cpia1-2.14.0 probing 0813:0001
[  557.278639][ T4312] gspca_cpia1: usb_control_msg 05, error -110
[  557.304340][ T4312] gspca_cpia1: usb_control_msg 01, error -32
[  557.316884][ T4312] gspca_cpia1: usb_control_msg 01, error -32
[  557.323257][ T4312] gspca_cpia1: usb_control_msg 01, error -32
[  557.331497][ T4312] gspca_cpia1: usb_control_msg 01, error -32
[  557.350227][ T4312] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0)
[  557.943274][T10726] netlink: 'syz.3.2050': attribute type 1 has an invalid length.
[  557.955390][T10726] netlink: 'syz.3.2050': attribute type 2 has an invalid length.
[  558.353781][T10733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2050'.
[  558.546769][ T4312] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  558.770595][ T4312] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  558.816607][ T4312] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  558.897764][ T4312] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  559.839555][ T4312] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  559.867082][ T4312] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  559.877275][ T4312] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  560.424022][ T4312] usb 5-1: Product: syz
[  560.434096][ T4312] usb 5-1: Manufacturer: syz
[  560.487246][ T4312] cdc_wdm: probe of 5-1:1.0 failed with error -22
[  560.504023][    T9] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  561.418750][ T4312] usb 2-1: USB disconnect, device number 35
[  561.547588][ T4314] usb 5-1: USB disconnect, device number 34
[  563.099830][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  563.106393][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  564.068348][ T4314] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  564.254082][ T4314] usb 3-1: Using ep0 maxpacket: 32
[  564.270519][ T4314] usb 3-1: config 0 has an invalid interface number: 12 but max is 0
[  564.288378][ T4314] usb 3-1: config 0 has no interface number 0
[  564.295820][ T4314] usb 3-1: config 0 interface 12 has no altsetting 0
[  564.302898][T10771] tipc: Failed to remove unknown binding: 66,1,1/0:2136316893/2136316895
[  564.317555][ T4314] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  564.339325][ T4314] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.376127][ T4314] usb 3-1: Product: syz
[  564.396686][ T4314] usb 3-1: Manufacturer: syz
[  564.418301][ T4314] usb 3-1: SerialNumber: syz
[  564.456917][ T4314] usb 3-1: config 0 descriptor??
[  566.747619][   T26] audit: type=1326 audit(1771644523.542:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.4.2066" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f655c59c629 code=0x0
[  566.795282][ T4314] f81534 3-1:0.12: f81534_set_register: reg: 1002 data: 0 failed: -71
[  566.813901][ T4314] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71
[  566.844046][ T4314] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  566.884407][ T4314] f81534: probe of 3-1:0.12 failed with error -71
[  566.900017][ T4314] usb 3-1: USB disconnect, device number 35
[  569.244131][ T4314] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  569.556613][ T4314] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  569.573703][ T4314] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  569.617806][ T4314] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  571.127419][ T4314] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  571.236139][ T4314] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  571.252325][ T4314] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  571.261120][ T4314] usb 3-1: Product: syz
[  571.288614][ T4314] usb 3-1: Manufacturer: syz
[  571.327241][ T4314] cdc_wdm: probe of 3-1:1.0 failed with error -22
[  571.417069][T10809] loop1: detected capacity change from 0 to 128
[  571.491730][T10809] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  571.516659][T10809] ext4 filesystem being mounted at /428/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  571.812737][ T4268] EXT4-fs (loop1): unmounting filesystem.
[  572.108328][ T4314] usb 3-1: USB disconnect, device number 36
[  572.994099][T10825] loop4: detected capacity change from 0 to 2048
[  573.096578][T10825] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  575.764197][   T22] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  575.964078][   T22] usb 2-1: Using ep0 maxpacket: 32
[  575.971271][   T22] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  576.030340][   T22] usb 2-1: config 0 has no interface number 0
[  576.064987][   T22] usb 2-1: config 0 interface 12 has no altsetting 0
[  576.102453][   T22] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  576.146781][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.176934][   T22] usb 2-1: Product: syz
[  576.201917][   T22] usb 2-1: Manufacturer: syz
[  576.238495][   T22] usb 2-1: SerialNumber: syz
[  576.304895][   T22] usb 2-1: config 0 descriptor??
[  576.456010][ T4270] EXT4-fs (loop4): unmounting filesystem.
[  576.609051][T10845] loop4: detected capacity change from 0 to 128
[  576.711040][T10845] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  576.727899][T10847] tipc: Failed to remove unknown binding: 66,1,1/0:3283116369/3283116371
[  576.793020][T10845] ext4 filesystem being mounted at /399/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  577.012285][T10850] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  577.172756][ T4270] EXT4-fs (loop4): unmounting filesystem.
[  577.337982][   T22] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  577.388177][   T22] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[  577.422288][   T22] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  577.430382][   T22] f81534: probe of 2-1:0.12 failed with error -71
[  577.453899][   T22] usb 2-1: USB disconnect, device number 36
[  578.115381][T10861] loop0: detected capacity change from 0 to 512
[  578.183229][T10864] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2088'.
[  578.246289][T10861] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  578.274872][T10861] ext4 filesystem being mounted at /394/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  578.307799][T10870] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2088'.
[  578.339785][T10870] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2088'.
[  578.594119][   T33] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  579.487046][ T4277] EXT4-fs (loop0): unmounting filesystem.
[  579.629406][   T33] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  579.665986][   T33] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  579.686852][   T33] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  579.704557][   T33] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  579.732915][   T33] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  579.754190][   T33] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  579.768341][   T33] usb 5-1: Product: syz
[  579.787716][   T33] usb 5-1: Manufacturer: syz
[  579.833375][   T33] cdc_wdm: probe of 5-1:1.0 failed with error -22
[  579.874061][  T127] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  580.097928][T10883] loop3: detected capacity change from 0 to 256
[  580.105425][  T127] usb 2-1: Using ep0 maxpacket: 8
[  580.115895][  T127] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  580.160148][  T127] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  580.178999][T10883] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  580.194307][  T127] usb 2-1: New USB device found, idVendor=056a, idProduct=0000, bcdDevice= 0.00
[  580.203703][T10883] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  580.230062][  T127] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.277080][  T127] usb 2-1: config 0 descriptor??
[  580.287427][T10883] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  580.724097][  T127] wacom 0003:056A:0000.0002: ignoring exceeding usage max
[  580.778567][  T127] wacom 0003:056A:0000.0002: Unknown device_type for 'HID 056a:0000'. Assuming pen.
[  580.851704][  T127] wacom 0003:056A:0000.0002: hidraw0: USB HID v0.00 Device [HID 056a:0000] on usb-dummy_hcd.1-1/input0
[  580.881617][  T127] input: Wacom Penpartner Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0000.0002/input/input13
[  581.197398][   T14] usb 2-1: USB disconnect, device number 37
[  581.408616][T10888] fido_id[10888]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  581.433479][   T22] usb 5-1: USB disconnect, device number 35
[  581.851411][T10898] ptrace attach of "./syz-executor exec"[4270] was attempted by "./syz-executor exec"[10898]
[  582.558101][T10904] loop4: detected capacity change from 0 to 512
[  582.589318][T10906] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2100'.
[  582.654869][T10908] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2100'.
[  582.708999][T10908] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2100'.
[  582.732588][T10904] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a800e018, mo2=0002]
[  582.757593][T10904] System zones: 2-12, 7-7
[  582.835203][T10904] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2750: inode #11: comm syz.4.2099: corrupted xattr block 95
[  582.918902][T10904] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2800: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  583.134619][T10904] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.2099: bg 0: block 7: invalid block bitmap
[  583.216883][T10913] capability: warning: `syz.0.2101' uses 32-bit capabilities (legacy support in use)
[  583.480109][T10913] loop0: detected capacity change from 0 to 2048
[  583.521772][T10913] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  583.737145][T10904] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6181: Corrupt filesystem
[  583.799016][T10904] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2916: inode #11: comm syz.4.2099: corrupted xattr block 95
[  583.918429][T10916] loop1: detected capacity change from 0 to 2048
[  583.937382][T10904] EXT4-fs warning (device loop4): ext4_evict_inode:299: xattr delete (err -117)
[  583.992175][T10904] EXT4-fs (loop4): 1 orphan inode deleted
[  584.043080][T10916] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  584.058695][T10904] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  584.122058][T10916] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  584.171355][T10916] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  584.179535][T10916] UDF-fs: Scanning with blocksize 512 failed
[  584.303695][ T4270] EXT4-fs (loop4): unmounting filesystem.
[  584.311660][T10916] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  584.459979][   T26] audit: type=1800 audit(1771644541.252:16): pid=10916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2102" name="file2" dev="loop1" ino=839 res=0 errno=0
[  584.520376][T10929] loop4: detected capacity change from 0 to 1024
[  584.540735][T10929] EXT4-fs: inline encryption not supported
[  584.578207][T10929] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  584.620429][T10931] tipc: Failed to remove unknown binding: 66,1,1/0:4287847145/4287847147
[  584.708495][T10929] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  585.150667][T10939] loop1: detected capacity change from 0 to 512
[  585.898353][T10939] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  585.907538][T10939] ext4 filesystem being mounted at /435/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  586.006742][ T4270] EXT4-fs (loop4): unmounting filesystem.
[  586.176684][ T4268] EXT4-fs (loop1): unmounting filesystem.
[  588.389476][T10952] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2112'.
[  588.494140][T10953] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2112'.
[  588.548708][T10953] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2112'.
[  590.268863][T10959] loop2: detected capacity change from 0 to 8
[  590.650246][T10963] loop2: detected capacity change from 0 to 512
[  590.713152][T10963] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  590.888168][T10963] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  591.614692][T10978] loop3: detected capacity change from 0 to 764
[  591.680539][T10977] rock: directory entry would overflow storage
[  591.687226][T10977] rock: sig=0x4f50, size=4, remaining=3
[  591.692875][T10977] iso9660: Corrupted directory entry in block 4 of inode 1792
[  592.262305][T10986] loop1: detected capacity change from 0 to 128
[  592.295908][T10986] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  592.322475][T10986] ext4 filesystem being mounted at /438/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  592.456734][T10993] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2126'.
[  592.477143][T10993] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2126'.
[  592.494349][ T4325] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  592.511641][T10993] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2126'.
[  592.564983][ T4268] EXT4-fs (loop1): unmounting filesystem.
[  594.549208][T11013] tipc: Failed to remove unknown binding: 66,1,1/0:1926104382/1926104384
[  596.263227][T11024] loop2: detected capacity change from 0 to 512
[  596.331114][T11024] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  596.506699][T11024] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  597.690136][T11034] loop3: detected capacity change from 0 to 128
[  597.782149][T11034] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  597.803695][T11034] ext4 filesystem being mounted at /429/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  598.086267][ T4279] EXT4-fs (loop3): unmounting filesystem.
[  598.976170][T11046] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2138'.
[  598.999258][T11046] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2138'.
[  599.055653][T11046] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2138'.
[  599.999461][T11063] loop0: detected capacity change from 0 to 1024
[  600.030081][T11063] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  600.085714][T11063] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  600.384445][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  600.449853][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  600.493397][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  600.526502][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  600.568661][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  600.591743][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  600.679594][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  600.723192][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  600.802755][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  600.824358][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  600.888810][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  600.917548][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  600.968644][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  601.382657][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  601.571195][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  601.621087][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  601.770819][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  601.859338][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  602.008134][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  602.161571][T11093] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2153'.
[  602.188287][T11093] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2153'.
[  602.214218][T11093] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2153'.
[  605.359960][ T4277] EXT4-fs: 9 callbacks suppressed
[  605.359975][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  605.434075][ T4277] EXT4-fs error: 9 callbacks suppressed
[  605.434094][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  605.457819][T11110] loop4: detected capacity change from 0 to 512
[  605.475537][T11110] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  605.542534][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  605.783638][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  605.884440][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  606.353341][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  606.435204][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  606.548163][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  606.618070][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  606.758764][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  606.852881][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  606.969626][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  607.032971][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  607.157469][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  607.175154][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  607.213703][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  607.231410][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  607.299814][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  607.317710][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  607.369744][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  607.825904][T11136] netlink: 116 bytes leftover after parsing attributes in process `syz.4.2168'.
[  608.452939][T11142] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2169'.
[  608.473329][T11142] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2169'.
[  608.627860][T11142] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2169'.
[  608.677838][T11147] loop2: detected capacity change from 0 to 512
[  608.701189][T11147] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  608.744573][T11142] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2169'.
[  608.768504][T11142] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2169'.
[  609.534780][T11151] loop1: detected capacity change from 0 to 512
[  609.784449][T11151] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  609.796778][T11151] ext4 filesystem being mounted at /453/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  610.251194][ T4268] EXT4-fs (loop1): unmounting filesystem.
[  610.373597][ T4277] EXT4-fs: 27 callbacks suppressed
[  610.373616][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  610.552005][ T4277] EXT4-fs error: 27 callbacks suppressed
[  610.552027][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  610.618234][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  610.718791][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  610.773402][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  610.855506][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  610.892766][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  610.929297][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  610.948779][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  611.013761][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  611.039059][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  611.087385][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  611.110663][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  611.178384][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  611.244869][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  611.612794][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  611.899440][T11181] loop3: detected capacity change from 0 to 4096
[  611.931085][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  612.020316][T11181] EXT4-fs (loop3): Test dummy encryption mode enabled
[  612.096919][T11181] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103]
[  612.140706][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  612.141855][T11181] System zones: 0-5
[  612.180225][T11181] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  612.212023][T11190] loop4: detected capacity change from 0 to 8
[  612.234171][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  612.276410][T11181] EXT4-fs (loop3): shut down requested (0)
[  612.338209][ T4277] EXT4-fs error (device loop0): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  612.404416][T11193] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[  612.647313][ T4279] EXT4-fs (loop3): unmounting filesystem.
[  613.016794][T11207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2190'.
[  613.041681][T11207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2190'.
[  613.054310][T11207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2190'.
[  613.089910][T11207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2190'.
[  613.122921][T11207] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2190'.
[  615.458636][ T4277] EXT4-fs: 24 callbacks suppressed
[  615.458655][ T4277] EXT4-fs (loop0): Remounting filesystem read-only
[  616.072581][T11237] loop2: detected capacity change from 0 to 764
[  616.081588][   T14] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  616.404698][   T14] usb 4-1: Using ep0 maxpacket: 32
[  616.419717][   T14] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  616.589778][   T14] usb 4-1: config 0 has no interface number 0
[  616.633967][   T14] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  616.724004][   T14] usb 4-1: config 0 interface 85 has no altsetting 0
[  616.776756][T11241] loop4: detected capacity change from 0 to 128
[  616.820510][   T14] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  616.831075][T11241] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  616.875456][T11241] ext4 filesystem being mounted at /426/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  616.884868][   T14] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  616.937166][   T26] audit: type=1800 audit(1771644573.732:17): pid=11241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2201" name="file1" dev="loop4" ino=12 res=0 errno=0
[  616.958150][   T14] usb 4-1: Product: syz
[  616.962471][   T14] usb 4-1: Manufacturer: syz
[  616.984165][   T14] usb 4-1: SerialNumber: syz
[  617.004474][   T14] usb 4-1: config 0 descriptor??
[  619.709195][ T4270] EXT4-fs (loop4): unmounting filesystem.
[  619.728721][   T14] appletouch 4-1:0.85: Failed to read mode from device.
[  619.754238][   T14] appletouch: probe of 4-1:0.85 failed with error -5
[  619.835166][   T14] usb 4-1: USB disconnect, device number 27
[  619.958812][ T4277] EXT4-fs (loop0): unmounting filesystem.
[  619.969408][T11259] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  619.984551][T11259] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  619.993303][T11259] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  620.001719][T11259] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  620.012834][T11259] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  620.020847][T11259] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  620.209624][T11263] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2207'.
[  620.512246][T11264] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2207'.
[  620.664813][T11264] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2207'.
[  620.779002][T11264] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2207'.
[  620.844327][T11264] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2207'.
[  620.952564][T11258] chnl_net:caif_netlink_parms(): no params data found
[  622.524150][ T4284] Bluetooth: hci3: command 0x0409 tx timeout
[  622.793259][T11258] bridge0: port 1(bridge_slave_0) entered blocking state
[  622.889630][T11258] bridge0: port 1(bridge_slave_0) entered disabled state
[  622.915033][T11258] device bridge_slave_0 entered promiscuous mode
[  622.933234][T11258] bridge0: port 2(bridge_slave_1) entered blocking state
[  622.947189][T11258] bridge0: port 2(bridge_slave_1) entered disabled state
[  622.956068][T11258] device bridge_slave_1 entered promiscuous mode
[  622.963829][T11280] netlink: 'syz.4.2209': attribute type 27 has an invalid length.
[  623.298607][T11258] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  623.390622][T11258] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  623.531535][T11258] team0: Port device team_slave_0 added
[  623.611614][T11258] team0: Port device team_slave_1 added
[  623.831131][T11258] batman_adv: batadv0: Adding interface: batadv_slave_0
[  623.838227][T11258] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  623.886671][T11258] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  623.906177][T11258] batman_adv: batadv0: Adding interface: batadv_slave_1
[  623.913349][T11258] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  623.952446][T11258] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  624.046136][T11258] device hsr_slave_0 entered promiscuous mode
[  624.053855][T11258] device hsr_slave_1 entered promiscuous mode
[  624.080717][T11258] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  624.096664][T11258] Cannot create hsr debugfs directory
[  624.514606][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  624.521035][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  624.584469][ T4284] Bluetooth: hci3: command 0x041b tx timeout
[  624.601740][T11295] Bluetooth: MGMT ver 1.22
[  625.168526][T11295] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes
[  625.339058][T11258] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  625.385234][T11258] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  625.448885][T11258] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  625.502961][T11258] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  625.886083][ T4273] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  626.263335][T11312] loop1: detected capacity change from 0 to 8
[  626.337933][ T4273] usb 4-1: Using ep0 maxpacket: 32
[  626.349327][ T4273] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  626.374989][T11312] SQUASHFS error: Unable to read inode 0xa7
[  626.384409][ T4273] usb 4-1: config 0 has no interface number 0
[  626.403988][ T4273] usb 4-1: config 0 interface 12 has no altsetting 0
[  626.417616][T11258] 8021q: adding VLAN 0 to HW filter on device bond0
[  626.426455][ T4273] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  626.444029][ T4273] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  626.456459][T11258] 8021q: adding VLAN 0 to HW filter on device team0
[  626.463533][ T4273] usb 4-1: Product: syz
[  626.468493][ T4273] usb 4-1: Manufacturer: syz
[  626.473239][ T4273] usb 4-1: SerialNumber: syz
[  626.482967][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  626.499442][ T4273] usb 4-1: config 0 descriptor??
[  626.507879][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  627.933236][ T4284] Bluetooth: hci3: command 0x040f tx timeout
[  628.050922][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  628.060719][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  628.072597][ T4386] bridge0: port 1(bridge_slave_0) entered blocking state
[  628.079903][ T4386] bridge0: port 1(bridge_slave_0) entered forwarding state
[  628.089369][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  628.099415][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  628.108540][ T4386] bridge0: port 2(bridge_slave_1) entered blocking state
[  628.115792][ T4386] bridge0: port 2(bridge_slave_1) entered forwarding state
[  628.179369][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  628.211231][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  628.234231][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  628.252282][T11325] netlink: 'syz.1.2219': attribute type 27 has an invalid length.
[  628.311283][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  628.342675][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  628.375191][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  628.420675][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  628.475829][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  628.505444][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  628.535093][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  628.556209][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  628.580778][T11328] loop1: detected capacity change from 0 to 1024
[  628.587428][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  628.618828][T11258] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  628.640726][T11328] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  628.745738][T11328] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  628.971961][ T4273] f81534 4-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  629.024522][ T4273] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  629.057022][ T4273] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  629.084190][ T4273] f81534: probe of 4-1:0.12 failed with error -71
[  629.109949][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  629.127802][ T4273] usb 4-1: USB disconnect, device number 28
[  629.188429][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  629.370299][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  629.467095][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  629.484373][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  629.491568][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  629.565654][T11258] 8021q: adding VLAN 0 to HW filter on device batadv0
[  629.599352][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  629.679981][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  629.780210][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  629.810845][T11340] loop3: detected capacity change from 0 to 8
[  629.833253][T11340] SQUASHFS error: lzo decompression failed, data probably corrupt
[  629.879489][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  629.910623][T11340] SQUASHFS error: Failed to read block 0x91: -5
[  629.948807][T11340] SQUASHFS error: Unable to read metadata cache entry [8f]
[  629.984106][T11340] SQUASHFS error: Unable to read inode 0x11f
[  630.010199][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  630.035072][ T4284] Bluetooth: hci3: command 0x0419 tx timeout
[  630.094873][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  630.126188][T11345] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2220'.
[  630.138496][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  630.156708][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  630.369802][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  630.391767][T11349] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2220'.
[  630.404459][T11349] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2220'.
[  630.864264][T11349] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2220'.
[  630.915219][T11349] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2220'.
[  630.936093][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  630.979044][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  630.996540][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  631.043824][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  631.072228][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  632.570127][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  635.350394][ T4268] EXT4-fs error: 2 callbacks suppressed
[  635.350414][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  635.384222][ T4268] EXT4-fs: 3 callbacks suppressed
[  635.384243][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  635.492041][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  635.589788][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  635.683355][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  635.769696][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  635.914975][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  635.995492][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  636.016277][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  636.025305][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  636.077452][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  636.104885][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  636.130680][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  636.155467][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  636.169703][T11372] loop4: detected capacity change from 0 to 1024
[  636.191987][T11258] device veth0_vlan entered promiscuous mode
[  636.203595][T11372] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  636.215180][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  636.259823][T11258] device veth1_vlan entered promiscuous mode
[  636.276625][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  636.331163][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  636.345868][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  636.365389][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  636.388242][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  636.397809][T11372] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  636.425082][T11258] device veth0_macvtap entered promiscuous mode
[  636.438703][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  636.466394][T11258] device veth1_macvtap entered promiscuous mode
[  636.497456][T11258] batman_adv: batadv0: Interface activated: batadv_slave_0
[  636.509131][T11258] batman_adv: batadv0: Interface activated: batadv_slave_1
[  636.520539][T11258] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  636.529913][T11258] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  636.538948][T11258] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  636.548021][T11258] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  636.556917][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  636.601223][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  636.655307][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  636.663468][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  636.683242][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  636.707582][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  636.720798][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  636.744307][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  636.755205][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  636.786355][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  636.794629][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  636.842366][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  636.891409][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  636.904331][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  637.003622][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  637.042457][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  637.072282][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  637.094826][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  637.129571][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  637.168319][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  637.181326][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  637.216041][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  637.383790][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  637.521271][T11384] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input17
[  637.679337][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  637.720703][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  638.114852][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  638.247146][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  638.255391][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  638.285912][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  638.377248][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  638.482961][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  638.914946][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  639.124468][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  639.496767][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  639.607588][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  639.782221][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  639.829445][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  639.945086][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  640.059568][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  640.232250][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  640.357588][ T4268] EXT4-fs error: 13 callbacks suppressed
[  640.357605][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  640.515006][ T4268] EXT4-fs: 13 callbacks suppressed
[  640.515024][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  640.676894][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  640.784538][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  641.799442][ T4270] EXT4-fs error: 2 callbacks suppressed
[  641.799462][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  641.874346][ T4270] EXT4-fs: 3 callbacks suppressed
[  641.874358][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  641.972729][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  642.055793][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  642.064140][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  642.097564][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  642.228072][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  642.254369][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  642.295077][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  642.322259][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  642.402938][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  642.458995][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  642.476536][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  642.483194][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  642.567661][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  642.592848][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  642.659918][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  642.666784][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  644.158615][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  644.260582][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  644.341192][ T4268] EXT4-fs error (device loop1): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  644.436178][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  644.479990][ T4268] EXT4-fs (loop1): Remounting filesystem read-only
[  644.500702][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  644.581505][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  644.630956][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  644.715591][ T4385] EXT4-fs (loop1): unmounting filesystem.
[  644.740256][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  644.804742][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  644.907517][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  644.956320][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  645.269189][T11259] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  645.280220][T11259] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  645.289761][T11259] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  645.307897][T11259] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  645.330206][T11259] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  645.338200][T11259] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  645.499118][ T4385] device syz_tun left promiscuous mode
[  645.969404][T11429] loop3: detected capacity change from 0 to 764
[  646.813288][T11428] rock: directory entry would overflow storage
[  646.819557][T11428] rock: sig=0x4f50, size=4, remaining=3
[  646.825175][T11428] iso9660: Corrupted directory entry in block 4 of inode 1792
[  647.095818][ T4270] EXT4-fs error: 7 callbacks suppressed
[  647.095837][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  647.263197][T11433] loop2: detected capacity change from 0 to 1024
[  647.296233][ T4270] EXT4-fs: 7 callbacks suppressed
[  647.296250][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  647.348938][T11433] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  647.374342][ T4284] Bluetooth: hci5: command 0x0409 tx timeout
[  647.447679][T11433] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  647.461819][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  647.481735][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  647.627493][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  647.703266][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  647.925622][T11421] chnl_net:caif_netlink_parms(): no params data found
[  648.698210][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  648.773567][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  648.827125][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  648.837173][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  648.988277][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  649.012475][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  649.033571][   T46] device ip6gretap0 left promiscuous mode
[  649.267169][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  649.282409][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  649.429347][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  649.454437][ T4284] Bluetooth: hci5: command 0x041b tx timeout
[  649.464032][T11421] bridge0: port 1(bridge_slave_0) entered blocking state
[  649.471184][T11421] bridge0: port 1(bridge_slave_0) entered disabled state
[  649.479845][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  649.493846][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  649.536158][T11421] device bridge_slave_0 entered promiscuous mode
[  649.603147][T11421] bridge0: port 2(bridge_slave_1) entered blocking state
[  649.629776][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  649.732797][T11421] bridge0: port 2(bridge_slave_1) entered disabled state
[  649.755057][T11421] device bridge_slave_1 entered promiscuous mode
[  649.766140][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  649.870602][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  649.908003][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  649.992589][T11421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  650.002293][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  650.097181][T11421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  650.116622][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  650.144401][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  650.192697][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  650.204411][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  650.319084][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  650.352690][T11421] team0: Port device team_slave_0 added
[  650.366818][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  650.387447][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  650.393467][T11421] team0: Port device team_slave_1 added
[  650.440931][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  650.546053][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  650.571854][T11421] batman_adv: batadv0: Adding interface: batadv_slave_0
[  650.584150][T11421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  650.615272][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  650.639845][ T4270] EXT4-fs error (device loop4): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  650.684212][ T4270] EXT4-fs (loop4): Remounting filesystem read-only
[  650.694080][T11421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  650.776799][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  650.834541][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  650.927610][T11421] batman_adv: batadv0: Adding interface: batadv_slave_1
[  650.944478][T11421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  651.002284][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  651.097051][T11421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  651.118434][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  651.270213][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  651.294242][T11467] loop5: detected capacity change from 0 to 2048
[  651.370266][T11467] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  651.534974][ T4284] Bluetooth: hci5: command 0x040f tx timeout
[  651.825712][T11421] device hsr_slave_0 entered promiscuous mode
[  651.931875][T11421] device hsr_slave_1 entered promiscuous mode
[  652.067455][T11421] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  652.804082][T11421] Cannot create hsr debugfs directory
[  652.822046][    T9] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  652.877600][ T4269] EXT4-fs: 4 callbacks suppressed
[  652.877625][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  652.892994][    T9] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  652.951474][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  652.979142][    T9] EXT4-fs (loop5): This should not happen!! Data will be lost
[  652.979142][    T9] 
[  653.014607][    T9] EXT4-fs (loop5): Total free blocks count 0
[  653.020682][    T9] EXT4-fs (loop5): Free/Dirty block details
[  653.033411][   T46] device hsr_slave_0 left promiscuous mode
[  653.044071][    T9] EXT4-fs (loop5): free_blocks=2415919504
[  653.049933][    T9] EXT4-fs (loop5): dirty_blocks=32
[  653.063576][   T46] device hsr_slave_1 left promiscuous mode
[  653.084565][    T9] EXT4-fs (loop5): Block reservation details
[  653.094280][    T9] EXT4-fs (loop5): i_reserved_data_blocks=2
[  653.109970][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  653.116910][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  653.132899][T11258] EXT4-fs (loop5): unmounting filesystem.
[  653.189930][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  653.220896][   T46] device bridge_slave_1 left promiscuous mode
[  653.240133][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  653.254079][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  653.304087][   T46] device bridge_slave_0 left promiscuous mode
[  653.320459][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  653.340806][T11483] loop5: detected capacity change from 0 to 256
[  653.372447][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  653.387878][T11483] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  653.454067][T11483] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  653.545517][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  653.562036][T11483] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  653.575256][T11485] loop3: detected capacity change from 0 to 512
[  653.614042][T11259] Bluetooth: hci5: command 0x0419 tx timeout
[  653.626439][T11485] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  653.665017][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  653.701005][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  653.731836][T11485] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  653.761415][T11485] ext4 filesystem being mounted at /459/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  653.786816][ T4269] EXT4-fs error: 11 callbacks suppressed
[  653.786835][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  653.836157][T11485] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2254: bg 0: block 217: padding at end of block bitmap is not set
[  653.851795][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  653.881880][T11485] EXT4-fs (loop3): Remounting filesystem read-only
[  653.892729][T11485] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6181: Corrupt filesystem
[  653.937562][T11485] EXT4-fs (loop3): Remounting filesystem read-only
[  653.965726][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  654.032774][T11259] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  654.054525][T11259] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  654.063445][T11259] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  654.072146][T11259] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  654.079914][T11259] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  654.092202][T11259] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  654.099859][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  654.188806][ T4279] EXT4-fs (loop3): unmounting filesystem.
[  654.195175][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  654.283236][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  654.407887][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  654.467990][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  654.568327][T11496] netlink: 'syz.3.2256': attribute type 1 has an invalid length.
[  654.595510][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  654.621694][T11496] netlink: 'syz.3.2256': attribute type 2 has an invalid length.
[  654.765514][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  654.819163][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  654.945799][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  655.754156][   T46] team0 (unregistering): Port device team_slave_1 removed
[  655.893807][   T46] team0 (unregistering): Port device team_slave_0 removed
[  656.054470][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  656.180654][ T4284] Bluetooth: hci1: command 0x0409 tx timeout
[  656.235151][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  656.705337][   T46] bond0 (unregistering): Released all slaves
[  656.872690][ T4270] device syz_tun left promiscuous mode
[  656.883372][T11500] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2256'.
[  656.928376][ T4270] EXT4-fs: 7 callbacks suppressed
[  656.928397][ T4270] EXT4-fs (loop4): unmounting filesystem.
[  656.974057][T11497] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2256'.
[  657.539410][T11421] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  657.601579][T11421] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  657.633620][T11421] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  657.710462][T11421] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  657.794493][T11488] chnl_net:caif_netlink_parms(): no params data found
[  658.044235][ T4269] EXT4-fs: 53 callbacks suppressed
[  658.044249][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  658.120773][T11421] 8021q: adding VLAN 0 to HW filter on device bond0
[  658.183175][T11488] bridge0: port 1(bridge_slave_0) entered blocking state
[  658.244079][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  658.254195][ T4284] Bluetooth: hci1: command 0x041b tx timeout
[  658.371092][T11488] bridge0: port 1(bridge_slave_0) entered disabled state
[  658.595072][T11488] device bridge_slave_0 entered promiscuous mode
[  658.652608][T11488] bridge0: port 2(bridge_slave_1) entered blocking state
[  658.716654][T11488] bridge0: port 2(bridge_slave_1) entered disabled state
[  659.171015][T11488] device bridge_slave_1 entered promiscuous mode
[  659.188361][ T4269] EXT4-fs error: 47 callbacks suppressed
[  659.188376][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  659.219722][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  659.262471][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  659.273089][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  659.531744][T11536] loop5: detected capacity change from 0 to 2048
[  659.743260][T11536] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  659.789866][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  659.814745][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  659.862751][T11421] 8021q: adding VLAN 0 to HW filter on device team0
[  659.886987][T11488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  659.921530][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  659.952488][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  659.964873][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  659.979647][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  659.987111][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  660.006293][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  660.023548][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  660.043082][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  660.082456][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  660.089786][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  660.100729][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  660.143679][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  660.182977][T11488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  660.201051][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  660.244102][   T22] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  660.273505][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  660.301591][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  660.332781][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  660.354101][T11259] Bluetooth: hci1: command 0x040f tx timeout
[  660.404041][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  660.476229][   T22] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  660.497354][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  660.507127][   T22] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  660.527440][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  660.540545][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  660.550163][   T22] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  660.584543][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  660.598400][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  660.612279][   T22] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  660.621464][   T22] usb 6-1: SerialNumber: syz
[  660.651070][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  660.679529][T11488] team0: Port device team_slave_0 added
[  660.689375][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  660.725817][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  660.765039][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  660.825449][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  660.851576][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  660.861246][   T22] usb 6-1: cannot find UAC_HEADER
[  660.917813][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  660.950429][   T22] snd-usb-audio: probe of 6-1:1.0 failed with error -22
[  660.985830][   T22] usb 6-1: USB disconnect, device number 2
[  660.992199][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  660.996779][ T4463] udevd[4463]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  661.024615][T11488] team0: Port device team_slave_1 added
[  661.093864][T11421] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  661.127422][T11421] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  661.166872][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  661.197594][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  661.215131][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  661.228840][T11488] batman_adv: batadv0: Adding interface: batadv_slave_0
[  661.269788][T11488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  661.299315][T11488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  661.358216][ T4269] EXT4-fs error (device loop2): ext4_empty_dir:3166: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864)
[  661.378348][T11488] batman_adv: batadv0: Adding interface: batadv_slave_1
[  661.389346][T11488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  661.416645][T11488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  661.615931][T11488] device hsr_slave_0 entered promiscuous mode
[  661.637751][T11488] device hsr_slave_1 entered promiscuous mode
[  661.705187][T11488] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  661.712915][T11488] Cannot create hsr debugfs directory
[  662.414377][ T4284] Bluetooth: hci1: command 0x0419 tx timeout
[  664.009497][ T4269] EXT4-fs: 10 callbacks suppressed
[  664.009517][ T4269] EXT4-fs (loop2): Remounting filesystem read-only
[  664.240292][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  664.294443][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  664.347070][T11421] 8021q: adding VLAN 0 to HW filter on device batadv0
[  664.572064][T11488] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  664.610361][T11488] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  664.704751][T11488] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  664.891286][T11488] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  665.224390][ T4269] device syz_tun left promiscuous mode
[  665.313521][ T4284] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  665.324522][ T4284] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  665.338490][ T4284] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  665.357481][ T4284] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  665.365308][ T4284] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  665.372599][ T4284] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  665.419072][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  666.370947][T11488] 8021q: adding VLAN 0 to HW filter on device bond0
[  666.492612][ T1121] device hsr_slave_0 left promiscuous mode
[  666.576227][ T1121] device hsr_slave_1 left promiscuous mode
[  666.616748][ T1121] batman_adv: batadv0: Removing interface: batadv_slave_0
[  666.651437][ T1121] batman_adv: batadv0: Removing interface: batadv_slave_1
[  666.662955][ T1121] device bridge_slave_1 left promiscuous mode
[  666.687174][ T1121] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.707466][ T1121] device bridge_slave_0 left promiscuous mode
[  666.734427][ T1121] bridge0: port 1(bridge_slave_0) entered disabled state
[  666.859026][T11592] loop3: detected capacity change from 0 to 2048
[  666.923031][T11592] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  667.471870][T11259] Bluetooth: hci0: command 0x0409 tx timeout
[  669.534076][T11259] Bluetooth: hci0: command 0x041b tx timeout
[  669.986865][ T1121] team0 (unregistering): Port device team_slave_1 removed
[  670.054255][ T1121] team0 (unregistering): Port device team_slave_0 removed
[  670.234443][ T1121] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  670.424996][ T1121] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  671.621157][T11259] Bluetooth: hci0: command 0x040f tx timeout
[  671.787039][T11623] loop5: detected capacity change from 0 to 764
[  672.690102][T11626] loop5: detected capacity change from 0 to 2048
[  672.719797][T11626] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  673.256426][T11629] loop5: detected capacity change from 0 to 2048
[  673.344432][T11629] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  673.567107][ T1121] bond0 (unregistering): Released all slaves
[  673.849156][T11488] 8021q: adding VLAN 0 to HW filter on device team0
[  673.854583][ T4284] Bluetooth: hci0: command 0x0419 tx timeout
[  673.876993][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  673.890853][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  673.962173][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  673.989396][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  674.006812][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  674.025511][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  674.035744][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  674.043104][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  674.074406][ T4314] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  674.107817][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  674.146791][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  674.167168][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  674.184358][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  674.191560][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  674.212359][T11421] device veth0_vlan entered promiscuous mode
[  674.231957][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  674.246558][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  674.264180][ T4314] usb 6-1: Using ep0 maxpacket: 32
[  674.267768][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  674.279145][ T4314] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  674.325589][ T4314] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  674.329584][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  674.359636][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  674.384707][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  674.394245][ T4314] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  674.403438][ T4314] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  674.448801][T11421] device veth1_vlan entered promiscuous mode
[  674.468898][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  674.507755][ T4314] usb 6-1: config 0 descriptor??
[  674.516110][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  674.551366][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  674.607439][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  674.627492][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  674.659774][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  674.742428][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  674.766508][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  674.804718][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  674.822188][T11488] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  674.851468][T11488] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  674.861898][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  674.882127][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  674.893554][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  674.917183][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  674.929399][T11421] device veth0_macvtap entered promiscuous mode
[  674.970757][T11577] chnl_net:caif_netlink_parms(): no params data found
[  674.978591][ T4314] savu 0003:1E7D:2D5A.0003: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0
[  675.019404][T11421] device veth1_macvtap entered promiscuous mode
[  675.110809][T11421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  675.142503][T11421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  675.168560][T11421] batman_adv: batadv0: Interface activated: batadv_slave_0
[  675.223189][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  675.234708][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  675.243716][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  675.255977][T11421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  675.268607][T11421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  675.277967][ T4317] usb 6-1: USB disconnect, device number 3
[  675.285908][T11421] batman_adv: batadv0: Interface activated: batadv_slave_1
[  675.320029][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  675.343306][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  675.372792][T11648] fido_id[11648]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  675.466885][T11421] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  675.512686][T11421] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  675.532961][T11421] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  675.568634][T11421] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  675.728006][T11577] bridge0: port 1(bridge_slave_0) entered blocking state
[  675.761090][T11577] bridge0: port 1(bridge_slave_0) entered disabled state
[  675.788971][T11577] device bridge_slave_0 entered promiscuous mode
[  675.798000][T11577] bridge0: port 2(bridge_slave_1) entered blocking state
[  675.805329][T11577] bridge0: port 2(bridge_slave_1) entered disabled state
[  675.813745][T11577] device bridge_slave_1 entered promiscuous mode
[  676.249040][T11577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  677.070494][T11577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  677.143171][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  677.154063][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  677.333594][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  677.499430][T11671] loop5: detected capacity change from 0 to 764
[  678.101758][T11577] team0: Port device team_slave_0 added
[  678.269140][T11488] 8021q: adding VLAN 0 to HW filter on device batadv0
[  678.329612][T11577] team0: Port device team_slave_1 added
[  678.343523][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  678.361367][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  678.372063][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  678.433691][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  678.479910][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  678.564445][T11678] loop5: detected capacity change from 0 to 1024
[  678.661974][T11577] batman_adv: batadv0: Adding interface: batadv_slave_0
[  678.699769][T11577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  678.758584][T11577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  678.795700][T11577] batman_adv: batadv0: Adding interface: batadv_slave_1
[  678.809934][T11577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  678.877866][T11577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  679.229549][T11577] device hsr_slave_0 entered promiscuous mode
[  679.263184][T11577] device hsr_slave_1 entered promiscuous mode
[  679.306465][T11577] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  679.335638][T11577] Cannot create hsr debugfs directory
[  679.841944][ T4325] device ip6gretap0 left promiscuous mode
[  679.914080][T11702] loop5: detected capacity change from 0 to 128
[  681.012775][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  681.033730][ T4386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  681.166492][T11577] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  682.119528][T11725] loop5: detected capacity change from 0 to 764
[  682.119530][T11723] loop3: detected capacity change from 0 to 764
[  682.146333][T11577] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  682.217279][T11721] rock: directory entry would overflow storage
[  682.223528][T11721] rock: sig=0x4f50, size=4, remaining=3
[  682.229608][T11721] iso9660: Corrupted directory entry in block 4 of inode 1792
[  682.294693][T11577] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  682.417590][T11577] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  682.529281][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  682.548503][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  682.599498][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  682.633211][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  683.174358][ T4314] usb 4-1: new full-speed USB device number 29 using dummy_hcd
[  683.734870][T11488] device veth0_vlan entered promiscuous mode
[  683.753763][T11488] device veth1_vlan entered promiscuous mode
[  683.958008][ T4314] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  683.977405][ T4314] usb 4-1: config 4 has 0 interfaces, different from the descriptor's value: 1
[  684.008696][ T4314] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  684.024107][ T4314] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  684.032729][ T4314] usb 4-1: Product: syz
[  684.037517][ T4314] usb 4-1: Manufacturer: syz
[  684.189224][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  684.213711][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  684.255331][T11488] device veth0_macvtap entered promiscuous mode
[  684.437413][T11488] device veth1_macvtap entered promiscuous mode
[  684.536429][ T4325] device hsr_slave_0 left promiscuous mode
[  684.562741][ T4325] device hsr_slave_1 left promiscuous mode
[  684.602537][ T4325] batman_adv: batadv0: Removing interface: batadv_slave_0
[  684.625588][ T4325] batman_adv: batadv0: Removing interface: batadv_slave_1
[  684.639961][ T4325] device bridge_slave_1 left promiscuous mode
[  684.649391][ T4325] bridge0: port 2(bridge_slave_1) entered disabled state
[  684.671933][ T4325] device bridge_slave_0 left promiscuous mode
[  684.679713][ T4325] bridge0: port 1(bridge_slave_0) entered disabled state
[  686.697545][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  686.704034][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  686.721940][ T4273] usb 4-1: USB disconnect, device number 29
[  688.874352][T11770] xt_TCPMSS: Only works on TCP SYN packets
[  689.579849][ T4325] team0 (unregistering): Port device team_slave_1 removed
[  689.766394][ T4325] team0 (unregistering): Port device team_slave_0 removed
[  689.907279][ T4325] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  689.984247][ T4325] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  690.713293][ T4325] bond0 (unregistering): Released all slaves
[  690.831234][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  690.849716][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  690.929205][T11488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  691.035494][T11488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.045950][T11488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  691.060569][T11488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.107884][T11488] batman_adv: batadv0: Interface activated: batadv_slave_0
[  691.141722][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  691.175437][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  691.258151][T11488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  691.286419][T11488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.319596][T11488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  691.334677][T11488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  691.374236][T11488] batman_adv: batadv0: Interface activated: batadv_slave_1
[  691.434560][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  691.474400][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  691.539552][T11488] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  691.584048][T11488] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  691.620555][T11488] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  691.644027][T11488] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  691.691040][T11577] 8021q: adding VLAN 0 to HW filter on device bond0
[  692.301505][T11577] 8021q: adding VLAN 0 to HW filter on device team0
[  692.330394][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  692.387260][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  692.445509][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  692.462679][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  692.498765][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  692.506471][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  693.320205][T11791] Bluetooth: MGMT ver 1.22
[  693.958371][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  693.974627][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  694.005805][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.012934][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  694.052821][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  694.118319][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  694.154619][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  694.188709][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  694.237100][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  694.272706][T11806] loop5: detected capacity change from 0 to 128
[  694.298401][T11806] EXT4-fs (loop5): Test dummy encryption mode enabled
[  694.319928][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  694.365219][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  694.405433][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  694.445031][T11806] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  694.502121][T11618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  694.511710][T11618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  694.545878][T11806] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  694.556783][ T1121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  694.604686][ T1121] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  694.645609][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  694.653742][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  694.734915][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  694.782341][T11577] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  694.907922][ T4328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  694.926726][ T4328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  694.965449][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  695.554022][T11748] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  695.704081][T11258] EXT4-fs (loop5): unmounting filesystem.
[  695.754043][T11748] usb 7-1: Using ep0 maxpacket: 16
[  695.763165][T11748] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  695.779960][T11748] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  695.790512][T11748] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  695.824025][T11748] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  695.833252][T11748] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  695.991873][T11748] usb 7-1: config 0 descriptor??
[  696.513765][T11748] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[  696.610531][T11748] microsoft 0003:045E:07DA.0004: item 0 4 0 11 parsing failed
[  696.637982][T11748] microsoft 0003:045E:07DA.0004: parse failed
[  696.661542][T11748] microsoft: probe of 0003:045E:07DA.0004 failed with error -22
[  696.729615][ T4273] usb 7-1: USB disconnect, device number 2
[  698.121333][T11577] 8021q: adding VLAN 0 to HW filter on device batadv0
[  698.256834][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  698.265420][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  699.205890][T11892] loop3: detected capacity change from 0 to 256
[  699.289426][T11892] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  699.348704][    T6] device ip6gretap0 left promiscuous mode
[  699.474370][T11892] exFAT-fs (loop3): invalid start cluster (12296)
[  700.830738][T11912] loop3: detected capacity change from 0 to 512
[  701.029747][T11912] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  701.143725][   T26] audit: type=1800 audit(1771644913.932:18): pid=11912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2324" name="file2" dev="loop3" ino=16 res=0 errno=0
[  701.193423][T11921] loop5: detected capacity change from 0 to 1024
[  701.215018][T11921] EXT4-fs: Ignoring removed i_version option
[  701.265136][T11921] EXT4-fs: Ignoring removed i_version option
[  701.311053][T11921] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  701.495922][ T4279] EXT4-fs (loop3): unmounting filesystem.
[  701.566630][T11921] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  702.081491][T11934] loop3: detected capacity change from 0 to 764
[  702.505891][T11933] rock: directory entry would overflow storage
[  702.512183][T11933] rock: sig=0x4f50, size=4, remaining=3
[  702.517940][T11933] iso9660: Corrupted directory entry in block 4 of inode 1792
[  702.950427][T11258] EXT4-fs (loop5): unmounting filesystem.
[  704.949098][T11844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  705.498849][T11844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  705.769891][    T6] device hsr_slave_0 left promiscuous mode
[  705.779306][    T6] device hsr_slave_1 left promiscuous mode
[  705.786433][    T6] batman_adv: batadv0: Removing interface: batadv_slave_0
[  705.795339][    T6] batman_adv: batadv0: Removing interface: batadv_slave_1
[  705.804835][    T6] device bridge_slave_1 left promiscuous mode
[  705.811099][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[  705.819509][    T6] device bridge_slave_0 left promiscuous mode
[  705.825851][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[  707.342112][    T6] team0 (unregistering): Port device team_slave_1 removed
[  707.388574][    T6] team0 (unregistering): Port device team_slave_0 removed
[  707.436192][    T6] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  707.491363][    T6] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  707.968728][    T6] bond0 (unregistering): Released all slaves
[  708.107425][T11844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  708.144448][T11844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  708.230102][T11577] device veth0_vlan entered promiscuous mode
[  708.273653][T11844] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  708.315372][T11844] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  708.383239][T11577] device veth1_vlan entered promiscuous mode
[  708.844728][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  708.888232][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  708.958999][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  708.978596][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  709.009560][T11577] device veth0_macvtap entered promiscuous mode
[  709.094166][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  709.148061][T11577] device veth1_macvtap entered promiscuous mode
[  709.186630][ T4284] Bluetooth: hci4: hcon ffff8880595d8000 sent 1 < count 2058
[  709.336706][T11577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  709.420542][T11577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.475567][T11577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  709.538580][T11577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  709.600109][T11577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  710.180182][T11577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.263202][T11577] batman_adv: batadv0: Interface activated: batadv_slave_0
[  710.320159][T11844] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  710.351074][T11844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  710.462017][T11577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.527935][T11979] loop3: detected capacity change from 0 to 512
[  710.564097][T11577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.631670][T11979] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  710.650609][T11577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.712554][T11577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.754047][T11577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  710.774076][T11577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  710.785962][T11577] batman_adv: batadv0: Interface activated: batadv_slave_1
[  710.793490][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  710.804435][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  710.817382][T11979] EXT4-fs error (device loop3): __ext4_iget:5095: inode #15: block 1803188595: comm syz.3.2335: invalid block
[  710.820433][T11577] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  710.844926][T11577] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  710.853796][T11577] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  710.874570][T11577] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  710.931202][T11979] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2335: couldn't read orphan inode 15 (err -117)
[  712.014130][T11979] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  712.233074][T11844] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  712.308537][T11844] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  712.365380][T11841] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  712.401104][T11841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  712.432690][T11841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  712.493807][ T4279] EXT4-fs (loop3): unmounting filesystem.
[  712.502967][T11844] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  714.509674][T12001] netlink: 'syz.8.2267': attribute type 1 has an invalid length.
[  714.524511][T12001] netlink: 'syz.8.2267': attribute type 2 has an invalid length.
[  714.684017][ T4317] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  715.568441][ T4317] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  715.581751][ T4317] usb 6-1: New USB device found, idVendor=056a, idProduct=0018, bcdDevice= 0.00
[  715.591249][ T4317] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  715.610049][ T4317] usb 6-1: config 0 descriptor??
[  715.968721][T12006] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2267'.
[  716.148656][ T4317] usbhid 6-1:0.0: can't add hid device: -71
[  716.167809][ T4317] usbhid: probe of 6-1:0.0 failed with error -71
[  716.237961][ T4317] usb 6-1: USB disconnect, device number 4
[  716.448252][T12016] loop5: detected capacity change from 0 to 736
[  717.791901][T12033] netlink: 'syz.3.2346': attribute type 6 has an invalid length.
[  717.825026][T12033] netlink: 'syz.3.2346': attribute type 7 has an invalid length.
[  717.885707][T12033] netlink: 'syz.3.2346': attribute type 8 has an invalid length.
[  718.263360][T11771] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.827454][T12045] loop6: detected capacity change from 0 to 764
[  718.869925][T12044] rock: directory entry would overflow storage
[  718.876336][T12044] rock: sig=0x4f50, size=4, remaining=3
[  718.882015][T12044] iso9660: Corrupted directory entry in block 4 of inode 1792
[  719.579362][T11771] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.778878][T11771] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  721.604859][T11771] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.920901][T12076] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2356'.
[  724.026338][T11259] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  724.051758][T11259] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  724.064360][T11259] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  724.072433][T11259] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  724.081740][T11259] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  724.091043][T11259] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  724.870299][T12095] loop6: detected capacity change from 0 to 512
[  724.943144][T12095] EXT4-fs: Ignoring removed i_version option
[  725.035134][T12095] EXT4-fs: Ignoring removed bh option
[  725.047737][T12080] chnl_net:caif_netlink_parms(): no params data found
[  725.368933][T12103] loop3: detected capacity change from 0 to 764
[  726.179956][T11259] Bluetooth: hci2: command 0x0409 tx timeout
[  726.189428][T12099] rock: directory entry would overflow storage
[  726.195781][T12099] rock: sig=0x4f50, size=4, remaining=3
[  726.201550][T12099] iso9660: Corrupted directory entry in block 4 of inode 1792
[  726.246665][T12095] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  726.267729][T12095] ext4 filesystem being mounted at /15/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  727.429821][T11421] EXT4-fs (loop6): unmounting filesystem.
[  727.609695][T12115] loop6: detected capacity change from 0 to 8
[  727.642357][T12115] SQUASHFS error: lzo decompression failed, data probably corrupt
[  727.684320][T12115] SQUASHFS error: Failed to read block 0x91: -5
[  727.714142][T12115] SQUASHFS error: Unable to read metadata cache entry [8f]
[  727.734799][T12115] SQUASHFS error: Unable to read inode 0x11f
[  728.255483][T11259] Bluetooth: hci2: command 0x041b tx timeout
[  729.854002][T12080] bridge0: port 1(bridge_slave_0) entered blocking state
[  729.871614][T12080] bridge0: port 1(bridge_slave_0) entered disabled state
[  730.375380][ T4284] Bluetooth: hci2: command 0x040f tx timeout
[  730.876296][T12080] device bridge_slave_0 entered promiscuous mode
[  732.235170][T11771] device hsr_slave_0 left promiscuous mode
[  732.244208][T11771] device hsr_slave_1 left promiscuous mode
[  732.294101][T11771] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  732.324319][T11771] batman_adv: batadv0: Removing interface: batadv_slave_0
[  732.342793][T11771] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  732.384289][T11771] batman_adv: batadv0: Removing interface: batadv_slave_1
[  732.399955][T11771] device bridge_slave_1 left promiscuous mode
[  732.413981][T11259] Bluetooth: hci2: command 0x0419 tx timeout
[  732.458992][T11771] bridge0: port 2(bridge_slave_1) entered disabled state
[  732.519789][T11771] device bridge_slave_0 left promiscuous mode
[  732.694188][T11771] bridge0: port 1(bridge_slave_0) entered disabled state
[  734.068410][T12153] loop3: detected capacity change from 0 to 764
[  734.976889][T12151] rock: directory entry would overflow storage
[  734.983153][T12151] rock: sig=0x4f50, size=4, remaining=3
[  734.988845][T12151] iso9660: Corrupted directory entry in block 4 of inode 1792
[  735.284954][T11771] device veth1_macvtap left promiscuous mode
[  735.291743][T11771] device veth0_macvtap left promiscuous mode
[  735.338920][T11771] device veth1_vlan left promiscuous mode
[  735.379446][T11771] device veth0_vlan left promiscuous mode
[  735.525138][T12161] loop3: detected capacity change from 0 to 128
[  735.636703][T12161] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  735.671225][T12161] ext4 filesystem being mounted at /496/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  735.733269][T12165] loop6: detected capacity change from 0 to 512
[  735.810066][T12165] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  735.846539][T12165] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  735.989240][T11421] EXT4-fs (loop6): unmounting filesystem.
[  736.168993][ T4279] EXT4-fs (loop3): unmounting filesystem.
[  736.471923][T12176] loop3: detected capacity change from 0 to 128
[  737.310897][T12176] EXT4-fs (loop3): Test dummy encryption mode enabled
[  737.425798][T12176] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  737.639489][T12176] ext4 filesystem being mounted at /497/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  738.900054][T12176] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  738.975602][T12176] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  739.082814][ T4279] EXT4-fs (loop3): unmounting filesystem.
[  740.651478][T12214] loop6: detected capacity change from 0 to 764
[  740.701129][T12213] rock: directory entry would overflow storage
[  740.707459][T12213] rock: sig=0x4f50, size=4, remaining=3
[  740.713127][T12213] iso9660: Corrupted directory entry in block 4 of inode 1792
[  742.855497][T12226] loop6: detected capacity change from 0 to 764
[  743.028949][T12226] rock: directory entry would overflow storage
[  743.035294][T12226] rock: sig=0x4f50, size=4, remaining=3
[  743.040926][T12226] iso9660: Corrupted directory entry in block 4 of inode 1792
[  745.482340][ T4273] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  745.650619][T11771] team0 (unregistering): Port device team_slave_1 removed
[  745.685676][ T4273] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  745.704151][ T4273] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  745.738874][ T4273] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  745.754055][ T4273] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  745.772449][ T4273] usb 7-1: Product: syz
[  745.778972][ T4273] usb 7-1: Manufacturer: syz
[  745.824110][ T4273] usb 7-1: SerialNumber: syz
[  745.924800][T11771] team0 (unregistering): Port device team_slave_0 removed
[  746.063060][ T4273] usb 7-1: cannot find UAC_HEADER
[  747.598200][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  747.613997][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  747.653047][T11771] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  747.681589][ T4273] snd-usb-audio: probe of 7-1:1.0 failed with error -22
[  747.744544][ T4273] usb 7-1: USB disconnect, device number 3
[  747.875596][T11771] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  747.975842][ T4463] udevd[4463]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  751.746877][T12245] loop6: detected capacity change from 0 to 8
[  751.822326][T12245] SQUASHFS error: zlib decompression failed, data probably corrupt
[  751.834065][T12245] SQUASHFS error: Failed to read block 0x9b: -5
[  751.840390][T12245] SQUASHFS error: Unable to read metadata cache entry [99]
[  751.915745][T12245] SQUASHFS error: Unable to read inode 0x127
[  751.976410][T11771] bond0 (unregistering): Released all slaves
[  752.243078][T12080] bridge0: port 2(bridge_slave_1) entered blocking state
[  752.260816][T12080] bridge0: port 2(bridge_slave_1) entered disabled state
[  752.285329][T12080] device bridge_slave_1 entered promiscuous mode
[  752.471303][T12080] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  752.553557][T12080] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  752.690635][T12080] team0: Port device team_slave_0 added
[  752.724344][T12080] team0: Port device team_slave_1 added
[  752.767976][T12080] batman_adv: batadv0: Adding interface: batadv_slave_0
[  752.798153][T12080] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  752.966634][T12080] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  753.160130][T12080] batman_adv: batadv0: Adding interface: batadv_slave_1
[  753.233928][T12080] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  753.344011][T12080] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  753.358667][T12257] loop7: detected capacity change from 0 to 512
[  753.655695][T12257] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  753.664916][T12257] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  753.743608][T12080] device hsr_slave_0 entered promiscuous mode
[  753.782318][T12080] device hsr_slave_1 entered promiscuous mode
[  753.924720][T11488] EXT4-fs (loop7): unmounting filesystem.
[  757.064518][T11259] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  757.073320][T11259] Bluetooth: hci5: Injecting HCI hardware error event
[  757.082503][ T4284] Bluetooth: hci5: hardware error 0x00
[  757.622920][T12080] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  757.727260][T12080] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  757.779154][T12080] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  757.851535][T12080] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  758.366337][T12080] 8021q: adding VLAN 0 to HW filter on device bond0
[  758.430084][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  758.474333][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  758.519363][T12080] 8021q: adding VLAN 0 to HW filter on device team0
[  758.564774][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  758.579695][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  758.612856][T11771] bridge0: port 1(bridge_slave_0) entered blocking state
[  758.620148][T11771] bridge0: port 1(bridge_slave_0) entered forwarding state
[  758.693293][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  758.738651][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  758.794591][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  758.866349][T11771] bridge0: port 2(bridge_slave_1) entered blocking state
[  758.874011][T11771] bridge0: port 2(bridge_slave_1) entered forwarding state
[  758.964819][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  759.009045][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  759.287799][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  759.326657][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  759.844885][ T4284] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  759.960183][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  760.037422][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  760.065259][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  760.091144][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  760.128007][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  760.177368][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  760.201138][T12306] netlink: 'syz.6.2399': attribute type 1 has an invalid length.
[  760.209384][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  760.261697][T12080] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  760.285126][T12306] netlink: 'syz.6.2399': attribute type 2 has an invalid length.
[  760.453007][T12306] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2399'.
[  761.314177][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  761.321684][ T4325] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  761.375036][T12080] 8021q: adding VLAN 0 to HW filter on device batadv0
[  765.549927][T12353] loop6: detected capacity change from 0 to 2048
[  765.759506][T12353] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  766.869831][T11667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  766.926562][T11667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  767.034308][T11855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  767.061086][T11855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  767.115488][T12080] device veth0_vlan entered promiscuous mode
[  767.147303][T11855] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  767.180345][T11855] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  767.231233][T12080] device veth1_vlan entered promiscuous mode
[  767.326036][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  767.369078][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  767.419903][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  767.477650][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  767.521275][T12080] device veth0_macvtap entered promiscuous mode
[  767.597004][T12080] device veth1_macvtap entered promiscuous mode
[  767.726270][T12080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  767.766772][T12080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  767.794011][T12080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  767.814325][T12080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  767.834932][T12080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  767.863949][T12080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  767.904905][T12080] batman_adv: batadv0: Interface activated: batadv_slave_0
[  767.914840][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  767.928730][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  767.972264][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  768.041847][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  768.073666][T12080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  768.123981][T12080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  768.140635][T12080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  768.179535][T12080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  768.203960][T12080] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  768.233964][T12080] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  768.244407][T12384] loop3: detected capacity change from 0 to 128
[  768.290475][T12384] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  768.292781][T12080] batman_adv: batadv0: Interface activated: batadv_slave_1
[  768.334581][T12384] ext4 filesystem being mounted at /506/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  768.401144][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  768.420342][T10670] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  768.466098][T12080] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  768.496853][T12080] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  768.534024][T12080] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  768.573663][T12080] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  768.619227][ T4279] EXT4-fs (loop3): unmounting filesystem.
[  768.864705][ T4386] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  768.901570][ T4386] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  768.912905][T11667] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  770.441727][T12390] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2411'.
[  770.488095][T10670] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  770.522232][T10670] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  770.565962][T11771] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  773.294627][T12421] loop3: detected capacity change from 0 to 764
[  773.357384][T12421] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  775.534749][T12443] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  777.120541][T12464] loop7: detected capacity change from 0 to 2048
[  777.128303][T12464] UDF-fs: bad mount option "rootdir=00000000000000000008" or missing value
[  778.365198][ T4463] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  780.173969][ T4284] Bluetooth: hci1: command 0x0406 tx timeout
[  788.934690][T12534] loop9: detected capacity change from 0 to 1024
[  894.993863][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  895.000990][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P11577/1:b..l
[  895.009739][    C1] 	(detected by 1, t=10502 jiffies, g=99697, q=178 ncpus=2)
[  895.017092][    C1] task:syz-executor    state:R  running task     stack:22064 pid:11577 ppid:11568  flags:0x00004004
[  895.029531][    C1] Call Trace:
[  895.032864][    C1]  <TASK>
[  895.035851][    C1]  __schedule+0x11d1/0x40e0
[  895.040446][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  895.046515][    C1]  ? __sched_text_start+0x8/0x8
[  895.051518][    C1]  ? lock_chain_count+0x20/0x20
[  895.056436][    C1]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  895.062403][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  895.067670][    C1]  ? preempt_schedule_irq+0xb0/0x160
[  895.073053][    C1]  preempt_schedule_irq+0xbb/0x160
[  895.078250][    C1]  ? preempt_schedule_notrace+0x120/0x120
[  895.084032][    C1]  ? rcu_is_watching+0x11/0xa0
[  895.088860][    C1]  ? rcu_irq_exit_check_preempt+0xdb/0x210
[  895.094730][    C1]  irqentry_exit+0x63/0x70
[  895.099193][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  895.105230][    C1] RIP: 0010:xas_find+0x2cf/0xab0
[  895.110218][    C1] Code: 44 0f b6 75 00 45 89 ef 41 83 e7 3f 4c 89 ff 4c 89 f6 e8 24 c4 62 f7 4d 39 f7 0f 85 98 00 00 00 e8 36 c2 62 f7 4c 8b 7c 24 08 <48> bb 00 00 00 00 00 fc ff df e9 b0 00 00 00 e8 1d c2 62 f7 eb 16
[  895.129893][    C1] RSP: 0018:ffffc900034a7768 EFLAGS: 00000293
[  895.136133][    C1] RAX: ffffffff8a1fb2ea RBX: 1ffff92000694f0e RCX: ffff8880725fd940
[  895.144161][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008
[  895.152178][    C1] RBP: ffffc900034a7872 R08: ffff8880725fd940 R09: 0000000000000002
[  895.160194][    C1] R10: 0000000000000003 R11: 0000000000000000 R12: ffffc900034a7878
[  895.168221][    C1] R13: 0000000000001b88 R14: 0000000000000008 R15: ffffc900034a7878
[  895.176341][    C1]  ? xas_find+0x2ca/0xab0
[  895.180736][    C1]  ? xas_find+0x2ca/0xab0
[  895.185167][    C1]  ? folio_contains+0x270/0x580
[  895.190098][    C1]  find_lock_entries+0x1c8/0xbb0
[  895.195105][    C1]  ? find_lock_entries+0xfe/0xbb0
[  895.200193][    C1]  ? find_get_entries+0x540/0x540
[  895.205298][    C1]  shmem_undo_range+0x288/0x20c0
[  895.210353][    C1]  ? shmem_truncate_range+0xb0/0xb0
[  895.215639][    C1]  ? do_raw_spin_lock+0x128/0x2f0
[  895.220722][    C1]  ? __rwlock_init+0x140/0x140
[  895.225541][    C1]  shmem_evict_inode+0x25b/0xa80
[  895.230567][    C1]  ? inode_wait_for_writeback+0x1df/0x220
[  895.236436][    C1]  ? shmem_free_in_core_inode+0xb0/0xb0
[  895.242047][    C1]  ? do_raw_spin_lock+0x128/0x2f0
[  895.247123][    C1]  ? bit_waitqueue+0x30/0x30
[  895.251781][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  895.257034][    C1]  ? shmem_free_in_core_inode+0xb0/0xb0
[  895.262649][    C1]  evict+0x4c9/0x8d0
[  895.266602][    C1]  ? dput+0x37/0x1d0
[  895.270557][    C1]  ? proc_nr_inodes+0x2f0/0x2f0
[  895.275469][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  895.280805][    C1]  ? _raw_spin_unlock+0x24/0x40
[  895.285705][    C1]  ? iput+0x768/0x980
[  895.289742][    C1]  do_unlinkat+0x388/0x580
[  895.294289][    C1]  ? fsnotify_link_count+0xf0/0xf0
[  895.299554][    C1]  ? getname_flags+0x206/0x500
[  895.304393][    C1]  __x64_sys_unlink+0x45/0x50
[  895.309123][    C1]  do_syscall_64+0x4c/0xa0
[  895.313618][    C1]  ? clear_bhb_loop+0x60/0xb0
[  895.318383][    C1]  ? clear_bhb_loop+0x60/0xb0
[  895.323299][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  895.329247][    C1] RIP: 0033:0x7f64fbf9b717
[  895.333724][    C1] RSP: 002b:00007ffcf5371488 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[  895.342200][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f64fbf9b717
[  895.350329][    C1] RDX: 00007ffcf53714b0 RSI: 00007ffcf5371540 RDI: 00007ffcf5371540
[  895.358615][    C1] RBP: 00007ffcf5371540 R08: 00007ffcf5372540 R09: 00000000ffffffff
[  895.366647][    C1] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffcf53725d0
[  895.374672][    C1] R13: 00007f64fc031ef0 R14: 00000000000bf919 R15: 00007ffcf5372610
[  895.382835][    C1]  </TASK>
[  895.385986][    C1] rcu: rcu_preempt kthread starved for 9477 jiffies! g99697 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  895.397236][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  895.407253][    C1] rcu: RCU grace-period kthread stack dump:
[  895.413182][    C1] task:rcu_preempt     state:R  running task     stack:26992 pid:16    ppid:2      flags:0x00004000
[  895.424025][    C1] Call Trace:
[  895.427393][    C1]  <TASK>
[  895.430383][    C1]  __schedule+0x11d1/0x40e0
[  895.434984][    C1]  ? __sched_text_start+0x8/0x8
[  895.439895][    C1]  ? __mod_timer+0x91e/0xd00
[  895.444632][    C1]  schedule+0xb9/0x180
[  895.448755][    C1]  schedule_timeout+0x184/0x2d0
[  895.453669][    C1]  ? console_conditional_schedule+0x40/0x40
[  895.459663][    C1]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  895.465616][    C1]  ? update_process_times+0x1b0/0x1b0
[  895.471058][    C1]  ? prepare_to_swait_event+0x335/0x350
[  895.476666][    C1]  rcu_gp_fqs_loop+0x303/0x1340
[  895.481574][    C1]  ? rcu_gp_kthread+0x3b0/0x3b0
[  895.486483][    C1]  ? dyntick_save_progress_counter+0x2b0/0x2b0
[  895.493125][    C1]  ? rcu_gp_init+0x14e0/0x14e0
[  895.497941][    C1]  ? rcu_gp_cleanup+0xb41/0xc90
[  895.502933][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[  895.508354][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  895.513615][    C1]  rcu_gp_kthread+0x99/0x3b0
[  895.518270][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  895.523612][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  895.529570][    C1]  ? __kthread_parkme+0x162/0x1c0
[  895.534665][    C1]  kthread+0x29d/0x330
[  895.538777][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  895.543985][    C1]  ? kthread_blkcg+0xd0/0xd0
[  895.548626][    C1]  ret_from_fork+0x1f/0x30
[  895.553112][    C1]  </TASK>
[  895.556172][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  895.562624][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted syzkaller #0
[  895.569721][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  895.579828][    C1] RIP: 0010:default_idle+0xb/0x10
[  895.584921][    C1] Code: 48 89 df e8 27 c3 9c f7 e9 44 ff ff ff e8 3d 07 f6 ff 00 00 cc cc 00 00 cc cc 00 00 cc cc 00 66 90 0f 00 2d 77 0c 50 00 fb f4 <c3> 0f 1f 40 00 41 57 41 56 53 49 be 00 00 00 00 00 fc ff df 65 48
[  895.604668][    C1] RSP: 0018:ffffc90000177de8 EFLAGS: 000002c6
[  895.610791][    C1] RAX: 532c85ee6d030f00 RBX: ffffffff8a36a2b7 RCX: 532c85ee6d030f00
[  895.618807][    C1] RDX: 0000000000000001 RSI: ffffffff8a8c1220 RDI: ffffffff8adf0de0
[  895.626923][    C1] RBP: ffffc90000177f20 R08: ffff8880b8f3580b R09: 1ffff110171e6b01
[  895.634943][    C1] R10: dffffc0000000000 R11: ffffed10171e6b02 R12: 1ffff9200002efc8
[  895.642963][    C1] R13: dffffc0000000000 R14: ffff888017731dc0 R15: 0000000000000001
[  895.650995][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  895.660042][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  895.666775][    C1] CR2: 00007f6e75e9d92f CR3: 000000007e42a000 CR4: 00000000003506e0
[  895.674908][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  895.682979][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  895.691011][    C1] Call Trace:
[  895.694465][    C1]  <TASK>
[  895.697452][    C1]  default_idle_call+0x84/0xc0
[  895.702449][    C1]  do_idle+0x20d/0x5a0
[  895.706606][    C1]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  895.712834][    C1]  ? idle_inject_timer_fn+0x60/0x60
[  895.718121][    C1]  ? do_idle+0x58a/0x5a0
[  895.722500][    C1]  cpu_startup_entry+0x3f/0x60
[  895.727568][    C1]  start_secondary+0xe4/0xf0
[  895.732229][    C1]  secondary_startup_64_no_verify+0xcf/0xdb
[  895.738319][    C1]  </TASK>