last executing test programs:

10m57.596611054s ago: executing program 2 (id=485):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./file1\x00', 0x0, 0x1000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$alg(0x26, 0x5, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

10m55.95172561s ago: executing program 2 (id=492):
socket$nl_route(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0xfffe, 0x7fffffff, @local, 0x9}, 0x1c)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x2c}, 0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
lsetxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000400)=@v2={0x3, 0x1, 0x8, 0x7}, 0x9, 0x1)
syz_open_dev$sndctrl(&(0x7f0000000280), 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r0 = memfd_create(0x0, 0x0)
execveat(r0, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x2)
r1 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x40001f, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1, 0x0, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x1000, 0x7, {}, {0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, "a730b801"}, 0x0, 0x1, {0x0}})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
utime(&(0x7f0000000000)='./file0\x00', 0x0)

10m54.576692282s ago: executing program 2 (id=496):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x408c40, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r5, 0x40045532, &(0x7f0000000100))
r6 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_REWIND(r6, 0xc0844123, &(0x7f0000000180)=0x4)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x3, 0x6, 0xfffa}, 0x1000001d, [0x8000, 0xc95a, 0xf, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x49, 0x39cc191b, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x2, 0x3, 0x0, 0x5, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x24, 0x9, 0x1, 0x1f461e2c, 0xfffffff9, 0xe661, 0x4, 0x6, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x242, 0x0, 0xe, 0x0, 0x71, 0x7, 0x7, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x80000132, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x5, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x0, 0x8000, 0x2009, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x5, 0x5f2e, 0x4, 0x0, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x1, 0x8000, 0x1, 0xfe000000, 0xffff, 0x42, 0x7f, 0x9, 0x3, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x7, 0x4, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x8, 0x4, 0x6d01, 0x5, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0x5, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0xfffffff9, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x120000, 0x3, 0x6, 0xa2ed, 0x4, 0x25], [0x9, 0xbb31, 0x7, 0xb, 0x5, 0x938, 0x4, 0x6, 0x0, 0x5, 0xce7, 0x8001, 0x2, 0x7, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0x7, 0xffff, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0x2, 0x4, 0x6, 0x1, 0x80010080, 0x5, 0x8, 0x1000, 0xa1f, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)

10m52.665348432s ago: executing program 2 (id=499):
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='cgroup.max.descendants\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$swradio(0x0, 0x1, 0x2)
syz_io_uring_setup(0x117, &(0x7f0000000300), &(0x7f0000000280), &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000000)=0x1a7)
mmap$dsp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x300000d, 0x8012, r3, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000400)="3f4e55f1", 0x4)
sendto$unix(r5, &(0x7f0000000080), 0xffffff9d, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/209, 0xd1}], 0x1}, 0x7fff}, {{0x0, 0x0, 0x0}, 0xff}], 0x2, 0x2, 0x0)

10m38.036019292s ago: executing program 2 (id=540):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x8, 0x7, 0x4})
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x3, r2, 0x0, 0x0, 0xa, 0x1ff, 0x1})

10m37.944797363s ago: executing program 2 (id=542):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

10m22.797183401s ago: executing program 32 (id=542):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

3m10.809733268s ago: executing program 5 (id=1718):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000280)={[{@keep_last_dots}, {@discard}, {@zero_size_dir}, {}, {@namecase}, {@gid}, {@gid}, {@allow_utime={'allow_utime', 0x3d, 0x1}}, {@allow_utime={'allow_utime', 0x3d, 0x2}}]}, 0xc1, 0x14fc, &(0x7f0000004f80)="$eJzs3Al0VUW2MODaVXUgxIjXiAyB2rUPXDFAERERGURABhERERERmURAxIiIiIAIAZlEDIgIyBgRGQICIpMxYpjnQWYRIyJGREQmmQTqX9j2o/vZr339d/fP/172t1at1L7n7H2rsrNyzzlrJT90H1GnWd2aTYhI/FPgT19ShBAxQoghv70YCCEqxFeIv3w8n4KUf+5N2N8H/+D5D6f/mxbC/kfg/udu3P/cjfufu3H/czfuf+7G/c/duP+5G/efsdxs66wi1/PIvePf+fz/OiH4+f//1/jz/3+RnLITv1lf9sYe/0AK9z934/7nbtz/3I37n7tx/3M37v//fjX+zjHuf+7G/WcsN7vaz595XN1xtX/+GGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4zlDmf9FVoI8ef51V4XY4wxxhhjjDHG/nV83qu9AsYYY4wxxhhjjP37gZBCCS0CkUfkFTEin4gV14g4ca3IL64TEXG9iBc3iALiRlFQFBKFRRGRIIqKYsIIFFaQCEVxUUJExU2ipLhZJIpSorQoI5woK5LELaKcuFWUF7eJCuJ2UVHcISqJyqKKqCruFNXEXaK6qCFqirtFLVFb1BF1xT2inrhX1Bf3iQbiftFQPCAaiQdFY/GQaCIeFk3FI6KZeFQ0F4+JFqKlaCVaizb/V/kvid7iZdFH9BUpop/oL14RA8RAMUgMFkPEq2KoeE0ME6+LVDFcjBBviJHiTTFKvCVGizFirHhbjBPjxQQxUUwSk0WaeEdMEe+KqeI9MU1MFzPETJEuZonZ4n0xR8wV88QHYr74UCwQC8UisVgsER+JDPGxyBSfiKXiU5EllonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKj4T28R2sUPsFLvEbrFHfC72ii/EPvGlyBZf/YP5Z/5Tfg8QIECCBA0a8kAeiIEYiIVYiIM4yA/5IQIRiId4KAAFoCAUhMJQGBIgAYpBMUBAICAoDsUhClEoCSUhERKhNJQGBw6SIAnKwa1QHspDBagAFaEiVILKUBmqQlWoBtWgOlSHmlATakEtqAN14B64B+6F+lAfGkADaAgNoRE0gsbQGJpAE2gKTaEZNIPm0BxaQAtoBa2gDbSBttAW2kE76AAdoCN0hE7QCZIhGTpDZ+gCXaArdIVu0A26Q3foAT2hJ7wEL8HL8DL0hVqyH/SH/jAABsAgGAyD4VUYCq/Ba/A6pMJwGAFvwBvwJoyC0zAaxsBYGAvV5HiYABOB5GRIgzSYAlNgKkyFaTAdpsNMSIdZMBtmwxyYC3PhA5gPH8KHsBAWwmJYAksgAz6GTMiEpXAGsmAZLIcVsBJWwUpYA2thDayHDbAeNsEm2AJb4DP4DLbDdtgJO2E37IbP4XP4Ar6AVMiGbNgP++EAHICDcBByIAcOwSE4DIfhCByBo3AUjsFxOAHH4RScgtNwBs7CWTgP5+ECvJDwXdPdpdalCnmZllrmkXlkjIyRsTJWxsk4mV/mlxEZkfEyXhaQBWRBWVAWloVlgkyQxWQxiRIlyVAWl8VlVEZlSVlSJspEWVqWlk46mSSTZDlZTpaX5WUFebusKO+QlWRl2d5VlVVlNdnBVZc1ZE1ZU9aStWUdWVfWlfVkPVlf1pcNZAPZUDaUjeSDsrHsB4PgYXm5M83kcGguR0AL2VK2kq3lm/C4bCtHQTvZXnaQT8oxMBo6ybYuWT4jO8sJ0EU+JyfC87KbnAzd5Yuyh+wpe8mXZG/ZzvWRfeU06Cf7y5kwQA6Ug+RgOQdqy8sdqyNfl6lyuBwh35CL4U05Sr4lR8sxcqx8W46T4+UEOVFOkpNlmnxHTpHvyqnyPTlNTpcz5EyZLmfJ2fJ9OUfOlfPkB3K+/FAukAvlIrlYLpEfyQz5scyUn8il8lOZJZfJ5XKFXClXydVyjVwr18n1coPcKDfJzXKL3Co/k9vkdrlD7pS75G65R34u98ov5D75pcyWX8n98mt5QH4jD8pvZY78Th6S38vD8gd5RP4oj8qf5DF5XJ6QJ+Up+bM8Lc/Is/KcPC9/kRfkRXlJeikUKKmU0ipQeVReFaPyqVh1jYpT16r86joVUdereHWDKqBuVAVVIVVYFVEJqqgqpoxCZRWpUBVXJVRU3aRKqptVoiqlSqsyyqmyKkndosqpW1V5dZuqoG5XFdUdqpKqrKqoqupOVU3dpaqrGqqmulvVUrVVHVVX3aPqqXtVfXWfaqDuVw3VA6qRelA1Vg+pJuph1VQ9opqpR1Vz9ZhqoVqqVqq1aqMeV23VE6qdaq86qCdVR/WU6qSeVsnqGdVZPau6qOdUV/W86qZeUN3Vi6qH6ql6qYvqkvKqj+qrUlQ/1V+9ogaogWqQGqyGqFfVUPWaGqZeV6lquBqh3lAj1ZtqlHpLjVZj1Fj1thqnxqsJaqKapCarNPWOmqLeVVPVe2qamq5mqJkqXc1Sg36rNO+/kf/u38gf9uu7b1Fb1Wdqm9qudqidapfarfaoPWqv2qv2qX0qW2Wr/Wq/OqAOqIPqoMpROeqQOqQOq8PqiDqijqqj6pg6rs6pk+qU+lmdVmfUGXVOnVfn1YXfvgdCg5Zaaa0DnUfn1TE6n47V1+g4fa3Or6/TEX29jtc36AL6Rl1QF9KFdRGdoIvqYtpo1FaTDnVxXUJH9U26pL5ZJ+pSurQuo50uq5P0Lf90/h+tr41uo9vqtrqdbqc76A66o+6oO+lOOlkn6866s+6iu+iuuqvuprvp7rq77qF76F66l+6te+s+uo9O0Sm6v35FD9AD9SA9WA/Rr+qheqgepofpVJ2qR+gReqQeqUfpUXq0Hq3H6rF6nB6nJ+gJepKepNN0mp6ip+ipeqqepqfpGXqGTtfperaerefoOXqenqfn6/l6gV6gF+lFegkInaEzdKbO1Ev1Up2ll+lleoVeoVfpVXqNXqPX6XV6g96gN+lNOktv1Vv1Nr1N79A79C69S+/Re/RevVfv0/t0ts7W+/V+fUAf0Af1QZ2jc/QhfUgf1of1EX1EH9VH9TF9TJ/QJ/QpfUqf1qf1WX1Wn9fn9QV9QV/Sly5f9gUykIEOdJAnyBPEBDFBbBAbxAVxQf4gfxAJIkF8EB8UCG4MCgaFgsJBkSAhKBoUC0yAgQ0oCIPiQYkgGtwUlAxuDhKDUkHpoEzggrJBUnBLUC64NSgf3BZUCG4PKgZ3BJWCykGVoGpwZ1AtuCuoHtQIagZ3B7WC2kGdoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLHg0aB48FrQIWgatgtZBm39pfe9PF3rC9TF9TYrpZ/qbV8wAM9AMMoPNEPOqGWpeM8PM6ybVDDcjzBtmpHnTjDJvmdFmjBlr3jbjzHgzwUw0k8xkk2beMVPMu2aqec9MM9PNDDPTpJtZZrZ538wxc80884GZbz40C8xCs8gsNkvMRybDfGwyzSdmqfnUZJllZrlZYVaaVWa1WWPWmnVmvdlgNppNZrPZYraaz8w2s93sMDvNLrPb7DGfm73mC7PPfGmyzVdmv/naHDDfmIPmW5NjvjOHzPfmsPnBHDE/mqPmJ3PMHDcnzElzyvxsTpsz5qw5Z86bX8wFc9FcMv7yxf3lj3fUqDEP5sEYjMFYjMU4jMP8mB8jGMF4jMcCWAALYkEsjIUxAROwGBbDywgJi2NxjGIUS2JJTMRELI2l0aHDJEzCclgOy2N5rIAVsCJWxEpYCatgFbwT78S78C6sgTXwbrwba2NtrIt1sR7Ww/pYHxtgA2yIDbERNsLG2BibYBNsik2xGTbD5tgcW2ALbIWtsA22wbbYFtthO+yAHbAjdsRO2AmTMRk7Y2fsgl2wK3bFbtgNu2N37IE9sBf2wt7YG/tgH0zBFOyP/XEADsBBOAiH4BAcikNxGA7DVEzFETgCR+JIHIWjcDSOwbH4No7D8TgBJ+IknIxpmIZTcApOxak4DafhDJyB6ZiOs3E2zsE5OA/n4XycjwtwAS7CRbgEl2AGZmAmZuJSXIpZmIXLcTmuxJW4GlfjWlyL63E9bsSNuBk341bcittwG+7AHbgLd+Ee3IN7cS/uw32Yjdm4H/fjATyAB/Eg5mAOHsJDeBgP4xE8gkfxKB7DY3gCT+ApPIWn8TSexbN4Hn/BC3gRL6HHGCtFrL3GxtlrbX57nY2x+exfxoVtEZtgi9pi1tiCttBfxWitTbSlbGlbxjpb1ibZW34XV7KVbRVb1d5pq9m7bPXfxfXsvba+vc82sPfbuvaev4ob2gdsI/uobWwfs01sS9vUtrbN7KO2uX3MtrAtbSvb2na0T9lO9mmbbJ+xne2zv4sz7Md2rV1n19sNdq/9wp615+xh+4M9b3+xfWxfO8S+aofa1+ww+7pNtcN/F4+1b9txdrydYCfaSXby7+IZdqZNt7PsbPu+nWPn/i5eYj+y822mXWAX2kV28a/x5TVl2k/sUvupzbLL7HK7wq60q+xqu+Y/1rrCbrKb7Ra7x35ut9ntdofdaXfZ3b/Gl/exz35ps+1X9pD93h6w39iD9ojNsd/9Gl/e3xH7oz1qf7LH7HF7wp60p+zP9rQ98+v+L+/9pL1oL1lvBQFJUqQpoDyUl2IoH8XSNRRH11J+uo4idD3F0w1UgG6kglSIClMRSqCiVIwMIVkiCqk4laAo3UQl6WZKpFJUmsqQo7KURLdQObqVytNtVIFup4p0B1WiylSFqtKdVI3uoupUg2rS3VSLalMdqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDN6lJrTY9SCWlIrak1t6HFqS09QO2pPHehJ6khPUSd6mpLpGepMz1IXeo660vPUjV6g7vQi9aCe1Iteot70MvWhvpRC/ag/vUIDaCANosE0hF6lofQaDaPXKZWG0wh6g0bSmzSK3qLRNIbG0ts0jsbTBJpIk2gypdE7NIXepan0Hk2j6TSDZlI6zaLZ9D7Nobkk6QOaL0TMr49gaDEtoY8ogz6mTPqEltKnlEXLaDmtoJW0ilbTGlpL62g9baCNtIk20xbaSp/RNtpOO2gn7aLdtIc+p730Be2jLymbvqL99DUdoG/oIH1LOfQdHaLv6TD9QEfoRzpKP9ExOk4n6CSdop/pNJ2hs3SOztMvdIEu0iXyJEIIZahCHQZhnjBvGBPmC2PDa8K48Nowf3hdGAmvD+PDG8IC4Y1hwbBQWDgsEiaERcNioQkxtCGFYVg8LBFGw5vCkuHNYWJYKiwdlgldWDZMUreE5cJbw/LhbWGF8PawYnhHWCmsHD56f9XwzrBaeFdYPawR1gzvDmuFtcM6Yd3wnrBeeG9YP7wvbBDeH5YPHwgbhQ+GjcOHwibhw2HT8JGwWfho2Dx8LGwRtgxbha3DNuHjYdvwibBd2D7sED4ZdgyfCjuFT4fJ4TNh5/DZPzyeEvYL+4evhK+E3t+nFkUXR5dEP4pmRAORGf0kujT6aTQruiy6PLoiujK6Kro6uia6Nrouuj66Iboxuim6Obol6n3dvMKBk0457QKXx+V1MS6fi3XXuDh3rcvvrnMRd72Ldze4Au5GV9AVcoVdEZfgirpizjh01pELXXFXwkXdTa6ku9klulKutCvjnCvrklxr18a1cW3dE66da+86uCfdk+4p95R72j3tnnGd3bOui3vOdXXPu27uBfeCe9H1cD1dL/eS6+1edn1cX5fiUlx/198NcAPcIDfIDXFD3FA31A1zw1yqS3Uj3Ag30o10o9woN9qNdmPdWDfOjXMT3AQ3yU1yaS7NTXFT3FQ31U1z09wMN8Olu3Q32812c9wcN8/Nc/MT57sFboFb5Ba5JW6Jy3AZLtNluqVuqctyWW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0u22W7/W6/O+AOuIPuW5fjvnOH3PfusPvBHXE/uqPuJ3fMHXcn3El3yv3sTrsz7qw75867X9wFd9Fdct6lRd6JTIm8G5kaeS8yLTI9MiMyM5IemRWZHXk/MicyNzIv8kFkfuTDyILIwsiiyOLIkshHkYzIx5HMyCeRpZFPI1mRZZHlkRWRlZFVEe+Lbgt9cV/CR/1NvqS/2Sf6Ur60L+OdL+uT/C2+nL/Vl/e3+Qr+dl/R3+Er+cq+in/Mt/AtfSvf2rfxj/u2/gnfzrf3HfyTvqN/ynfyT/tk/4zv7J/1Xfxzvqt/3nfzL/ju/kXfw/f0vfxLvrd/2ffxfX2K7+f7+1f8AD/QD/KD/RD/qh/qX/PD/Os+1Q/3I/wbfqR/04/yb/nRfowf69/24/x4P8FP9JP8ZJ/m3/FT/Lt+qn/PT/PT/Qw/06f7WX62f9/P8XP9PP+Bn+8/9Av8Qr/IL/ZL/Ec+w3/sM/0nfqn/1Gf5ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/8Nr/d7/A7/S6/2+/xn/u9/gu/z3/ps/1Xfr//2h/w3/iD/luf47/zh/z3/rD/wR/xP/qj/id/zB/3J/xJf8r/7E/7M/6sP+fP+1/8BX/RX+K/WWOMMcYY+29Rf3C83994Tf42LusvhLh2e5Gc/1xzY8E/zQfKhI4RIcQzfbs//OdRq1ZKSspv52YpEZRYKISIXMnPI67Ey0QH8ZRIFu1Fub+5voGy53n6g/rR24WI/Yucyzfdf46v1L/1v6j/+JNjMyqGZ+P/Tv2FQiSWuJKTT1yJr9Qv/1/UL9T2D9af75s0Idr9RU6cuBJfqZ8knhDPiuS/OpMxxhhjjDHGGPuTgbJK1z+6f758f56gr+TkFVfiP7o/Z4wxxhhjjDHG2NX3fM9eTz+enNy+K094whOe/Mfkav9mYowxxhhjjP2rXbnov9orYYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGcq//F/9O7GrvkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLva/k8AAAD//z4xNns=")
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x601, &(0x7f0000001280)="$eJzs3U1vG8cdB+DfUrJsqYCjJHaSFi0q2IcWMWqLYuLoUKBuURQ6BEWAXnLJQbDpWDCtBBJTKEFR2H299hs0PcjnnnooejCQnvsVBOSQQ4HeetDNxS6XFB3JNKXWJYU8DzCcGc7u7Oxfu0PuUgQDfGWtvZszj1Jk7crbO2V9b7fV2dtt3euXk5xN0khme1mKzaT4LLmRXsrXyyfr7oqnbee92bdWv2g+fNCrzdapWr5xeL3P/328vbhfpywlmanz/8IT/d0c7q9xku6KwR6WAbvcDxxM2uND7h9n9aee78DpUfReNw9ZTBaSnKvfB6SeHU70MjhNjjXLAQAAwCn1wn72s5Pzkx4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnCZFZmaqrJca/fJSiv7v/8/Vz6Uun2qPJj0AAAAAAAAAAPgf+PZ+9rOT8/3646L6zP9SVblQPX4tH2U77Wzlanaynm662UozyeJQR3M7693uVnOMNVeOXHPlWSM99f9qAAAAAAAAAADP06+ydvD5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIMimellVbrQLy+mMZvkXJK5crn7yd/65dPs0aQHAAAAAP8HL+xnPzs5368/Lqpr/leq6/5z+Sib6WYj3XTSzq3qXkDvqr+xt9vq7O227pXpcL8//NexhlH1mN69h6O3vFwtcXGwxlp+kp/lSpbyTraykZ9nPd20s5QfV6X1FFms714s9sd59HhvPFF751ljfa0ayXxuZ6Ma29XczAfp5FYa1T5Uy4ze4oMyOsUPamPG6Fadl3v0hzqfDotVRM4MIrJcx76MxoujIzE4Th6caEvNNAb3oC48h5gv1HkZ699NdcxXho6+V0ZHIrn0+bf+cqezeffO7e0r07NLJ/TlSLSGIvHqVyoSc3U0erPo8WbLS9W657ORn+aD3Eo7b2Y1b2Ylb+SNLGc114fienGMc61xvHPt8nfrwnyS39f5dCjj+uJQXIdnusWqbfiZgyi9dNwZ6XbjWUOZ/UZdKJf8dZ1Phy9HojkUiZdHR+JPj8vH7c7m3a076x+Oub3v1Hl52v52qubm8nh5qfxjVbUnj46y7eUj25pV24VBW+NQ28VB27PO1Ln6PdzhnlaqtlePbGtVba8NtR31LgeAqbfw+sLc/D/n/zH/6fxv5u/Mv33uR2dXz35zLmf+PvvXmT83Hja+X7yeT/PLg+t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5LY//uTueqfT3lKY9kL/d46mZTwKowsL0zGMkxYmPDEBz9217r0Pr21//Mn3Nu6tv99+v73ZajWvr6xeX125fu32Rqe93Huc9DCB5+DgRX/SIwEAAAAAAAAAAADGNcb3AVJ/8eTEXyeY9D4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9vauznzKEWay1eXy/rebqtTpn75YMnZJI0kxS+S4rPkRnopi0PdFU/bznt/fGv1i+bDBwd9zfaXb4xabzz365SlJDN1PtrM2P3dHKu/UYrBHpYBu9wPHEzafwIAAP//XoQJTA==")
syz_usb_connect(0x5, 0x2d, 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')

3m9.688057116s ago: executing program 5 (id=1723):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000080}, 0x20048840)

3m9.39696239s ago: executing program 5 (id=1724):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448cb, &(0x7f0000000380))

3m9.075894165s ago: executing program 5 (id=1726):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f00000023c0)={0x2020}, 0x2020)

3m9.011160756s ago: executing program 5 (id=1727):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_int(r0, 0x1, 0x5, 0x0, &(0x7f0000000180))
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000002a82, 0x0)
keyctl$restrict_keyring(0xb, 0xfffffffffffffffc, 0x0, 0x0)
r4 = dup(r3)
fcntl$dupfd(r1, 0x0, r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r4, 0x2f126000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

3m8.315863407s ago: executing program 5 (id=1730):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r1, 0x4b3a, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000070000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
ioctl$TCXONC(r0, 0x4b3a, 0x3)

3m7.725971737s ago: executing program 33 (id=1730):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r1, 0x4b3a, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000070000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
ioctl$TCXONC(r0, 0x4b3a, 0x3)

1m56.636098002s ago: executing program 0 (id=1902):
socket(0x40000000002, 0x3, 0x1)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b43a409aa81", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @echo_reply={0xe0, 0x0, 0x0, 0xfffd}}}}}, 0x0)

1m56.495408274s ago: executing program 0 (id=1903):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
move_mount(r1, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x891018, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x101091, 0x0)
umount2(0x0, 0x7)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20000023896)
ioctl$TCSETSW2(r2, 0x402c542c, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)

1m55.624379708s ago: executing program 0 (id=1904):
personality(0xfe47fef9f5ff7379)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000200)='./file0\x00', 0x3200014, &(0x7f0000000000)=ANY=[], 0xfe, 0x625, &(0x7f0000002c40)="$eJzs3U9oHNcdB/DvrFay5IKjJHZiSqAihrRU1NYflFa92C2l6BBKSA+9VthyLLxWgqQUJYdW/X/tIddCetCtp0Lvhvbc3HLVMVDoJSdBDyozO7ta2autLNvSKvl8zNv33r437735zcyudhczAb6ylqbTfJgiS9NvbZX1n+/Mt3Z35i/Uza0kZbmRNNtZirWk+efkVtopoz3DFUfN8/Hq4juffbH7ebvWrFPVv3F4iJPYrlOmkozUebJ/4XC3AdPs7x853u3ueCdVdCNTBuxamW8/1YDwbOw/pnNm/vc4mx95vQPnR9F+33zMZHIxyXj9d0DqV4fG6a7u2fP+CwAAwFfBC3vZy1YunfU6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dyp7/9f1KnRKU+l6Nz/f6x+LnX5nCkO1R6e2ToAAAAAAAAA4Nn5xl72spVLnfp+Uf3m/3pVuVw9fi0fZCMrWc/1bGU5m9nMemaTTPYMNLa1vLm5PnuMLef6bjl3OvsLAAAAAAAAAOfHzSfp/JssHfz+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw6BIRtpZlS53ypNpNJOMJxkr+20nn3bK59nDs14AAAAAnIIX9rKXrVzq1PeL6jP/K9Xn/vF8kLVsZjWbaWUld6rvAtqf+hu7O/Ot3Z35B2V6fNwf/OeJllGNmPZ3D/1nvlr1mMjdrFbPXM/tvJdW7qRRbVm62llP/3X9ulxTcbOtOObK7tR52f9PdT4cJquIjHYjMlOvrYzGi4Mj8YRH59GZZtPofvNz+dGZRg5teijmN48538U6L/fnD0Md87n67Pu0vGYGxzz55t//+rN7rbX79+5uTA/PLp1QHYntZh2J+Z7r8NVzGonRE201U0XiSre+lB/np5nOVN7e/1WSX2Q5m1nJVH5UlZZTdM/oycGRunWo9vb/W8lYfVzal+ARa8p6Vvus6fVq20tZzU/yXu5kJW9W/+Yym+9mIQtZ7DnCV47xStt4sqv+2rfqwkSSP9b5MBit4vpiT1x7X3Mnq7beZw6i9NLRUSpO+NrY/HpdKOf4bZ0Ph0cjMdsTiZcHny9/2S8fN1pr99fvLb9/zPneqPMylL8fqneJ8nx5qTxYVe3w2VG2vdy3bbZqu9xtazzWdqXb1vdKXe/Mv1j1fqXvSHNV26t92+artqs9bf3+3gJg6F389sWxiX9P/Gvik4nfTdybeGv8hxe+d+G1sYz+c/T7zZmRNxqvFX/LJ/nlwed/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5DY+/Oj+cqu1sj6g0LnBzqA+T1so6hv5PMcpFIaskPGhWMbzLDQzFMs40dEBvuRubD54/8bGhx99Z/XB8rsr766sjS4sLM4sLrw5f+Puamtlpv141qsEnoeDN/2zXgkAAAAAAAAAAABwXKfx3wnOeh8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA821pOs2HKTI7c32mrO/uzLfK1Ckf9GwmaSTjZbn4R3Ir7ZTJnuGKo+b5eHXxnc++2P38YKxmp39j0HZ9jT76xHadMpVkpM6fwqHxbj/1eEV3D8uAXesEDs7a/wIAAP//XHoJeA==")
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x132c422, &(0x7f0000000240)=ANY=[], 0x85, 0x676, &(0x7f0000000800)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxF7DFf0Zlgm70EscjNpYkk7lXw+6W37yt2f6LQNa2/Xe88wHjoCie9/cYiI5WV/o5euA7l2xe88+0lZGHQAAAAAcgGfXs57lnBp1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU1L//X9RLo1c/n6L3+//j9bbU9cPl3P52f/ik4gAAAAAAAACAA3RuPetZzqneeqeovvN/tVo5Xf39Ut7NYuaykEtZzmyWspSFTCWZGBhofHl2aWlhqt+z938GbO15ZdueV/YI9Hhdth7HrAEAAAAAAADgqfPLXN/4/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6DIjnWLarldK8+kUYzyYkk4+V+K8k/evWj7OGoAwAAAIAvoDPkfs+uZz3LOdXvV1Tv+V+s3vefyLu5n6XMZyntzOVm9VlA911/Y211ur22On2vXLaO+91/7yvcasR0P3vY/shnqz1auZX5asul3MjbKYqbaVQ9S2d78Wwf1y/KmIrXu8aGjOxmXZYz/7Aut/hgX5PdyT4/TJmoMjLWz8hkHVuZjed2z8Q+H53NR5pKox/s6U1H2jSJR3L++pDHO1mX5Xx+u1POR2JzJq4MnH0v7p7z5Gt//sOP77Tv371za/Hi4ZnScI7VZfd5pbU1E9MDmXjpac7EFpNVJs7016/nB/lRLuZ83sxC5vPTzGYpczmf71e12fp8LgYu+R0yde2RtTf3imS8PkO7D9ajMWWPmF6t+p7KfH6Yt3Mzc3mt+u9KpvKtXM3VzAw8wmeGeKZt7HDVd768bfAXvl5XWkl+V5eV2829Jv6ElXl9biCvg8+5E1Xb4JaNLD2/j/tRL0t/3D2U5lfqSnmMX9Xl4bA5E1MDmXhh90z8vnpaWWzfv7twZ/ad4Q73/Id1pbyOfnOo7hLl+fJ8+WBVa4+eHWXbC3XbWLVs5Gu8/sal26+xpe1Mv617pa7seKWO16/hto50pWp7adu26art7EDb5tdb7f7roafhyx+Ap9bJb5wcb/2z9ffWR61ft+603jjxvePfPv7KeMb+Ovad5uSxrzZeKf6Uj/Lzjff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA57f43vt3Z9vtuYVNlU6n88EOTUe50vs5swM86MvPJKOa8niSw5H5/3Y6nXpLcRji2b3SKR1P53N2/0uS4XZuJtmu6dzokzDiJybgibu8dO+dy4vvvf/N+Xuzt+duz92fuXp1ZnLm6mvTl2/Nt+cmu39HHSXwJGzc9EcdCQAAAAAAAAAAADCsg/jnBDsf/cRBThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4oq5fTPNhikxNXpos19dWp9vl0qtv7NlM0khS/CwpPk6upbtkYmC4YqfjPJifeeuTz9Y+3Rir2du/sVu/4azUS84nOVaXj2u8G194vKI/wzJhF3qJg1H7XwAAAP//DJEGHw==")

1m55.166856845s ago: executing program 0 (id=1906):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./file0\x00', 0x320c81c, &(0x7f0000000380)=ANY=[@ANYBLOB="636865636b3d7374726963742c6d61703d61636f726e2c686964652c6e6f726f636b2c636865636b3d72656c617865642c6e6f6a6f6c6965742c6d6f64653d3078303030303030303030303030303030302c626c6f636b3d3078303030303030303030303030303430302c00ef49cf86458fe7d77ad665fd54ecde2920ecf341fdc99e3dd3bbb43add61fbd65ef0936a80c2f39e63"], 0x1, 0x54e, &(0x7f0000001040)="$eJzs3VFv0+YawPHHpYWeHAkdnXOEUFXgpZwjFakEJ4GgiCvPeZO+4NiR7aD2ClU0RRUpTJRJa282btgmbR+C232IfSO0+90w2U5KS5u4pbSpqv8v2vzGfuz3ed3ID25jWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFhu3bZLlnjG7yyp4dx6GLQ+ve2vvW+G3N4zGdGviJX8J9PTcjWbdfW/nxZfSf43J7PZu1mZTibTsv3PK/96+J/JicH6IxI+FZtb2y9Wer3u63EncoKuXRq+rKl9EwWm5TS1MlGgatWqfXexEamG8XS0HMW6pdxQO3EQqnn3tirVahWli8tBx2/WHU8PZj64U7btqnpUbGsnjAL/7qNi5C4azzN+M41JFicxD5IP4mMTq1g7LaXW1nvdSt4AkqDSYYLKIyNEVNkul0ulcrlUvV+7/8C2J/fNsD8j+yLG/6HFeH3FozdwPBP9+i+eGPGlI0uiDny5UpdQAmkNWd43qP//v6tH9ru7/g+q/NVPi2ckrf/Xs3fXh9X/Ibmc3mtTtmRbXsiK9KQnXXk99oxO99UULb4YiSQQIy1x0jmqP0dJTapSFVueyqI0JBIlDTHiiZZIliWSWHT6iXIlFC2OxBJIKErmxZXboqQkNalJRZRoKcqyBNIRX5pSFyfdypqsp/u9IsoaluNOUGnoMAqDz11XyiNGS/3H8X3V4zdwHB8H9R8AAAAAAJxbVvrb9+T8f0qupa2G8bQ97rQAAAAAAMBXlP7lfzaZTCWta2Jx/g8AAAAAwHljpdfYWSJSkBtZa02s9HIpfgkAAAAAAMA5kf79/3oySe+BckOsndulcP4PAAAAAMA58XPuPfaj9iXrjz8lDKest+2l/1kbThLnbFzI1rvw+Rbjxox1ub+RZPLXx8zkpKtnreksaOcmmB/6k7W8PKyDEvjxMAk8rE7238mvcjOLubmaTVcHS7JeCg3j6aIbeA9L4jiXJ2K9FH/3cv17SYf/i9+6bMnaeq9bfPaqt5rm8jbZytuN/g0U991HcUQub9L7LaTXXBw44qn0Qox+v4WsX3v3+Cey1SeO0Oc7mcti5vp3vC3sHf900mepOGz0/SxKxxz5O7mVxdyav5VNDsiinJdFeXcWX7QvDpFFJS+LyjGzAIBxWcupQtb+wv8FR7kvq+5yxOr+TuazmPmZ9MA6OXPAEd3OO6Lbx6xuv+97BtKwGpv0+9tnVfV9ssL7of1GXtlKduGFNxvfypXNre076xsrz7vPuy/L5UrVvmfb98sylQ6jP6H2AAAOkPuMnY+X8iKsezln1f/e+UpBUZ7JK+nJqiykVxuk3zg4cKuFXV9DWMg5ay2kZTJ7wsvCiLO6i+lVDoPtlkfG7s2hcvI/CAAATtFcTh228v+FYC3knHfvreWjz44Lu57WBgAAToYOP1iF+CcrDE37aalWKznxolZh4D5Woak3tTJ+rEN30fGbWrXDIA7cwEsaT0xdRyrqtNtBGKtGEKp2EJml9Mnvqv/o90i3HD82btT2tBNp5QZ+7LixqpvIVe3ON56JFnWYrhy1tWsaxnViE/gqCjqhq4tKRVrvCjR17cemYZKmr9qhaTnhsnoSeJ2WVnUduaFpx0G2wUFfxm8EYSvdbHHcOxsAgDNic2v7xUqv1319qMY/jhK80xj3GAEAwF5UaQAAAAAAAAAAAAAAAAAAAAAAzr6jXclH4+w0Lh7qJ/ioH3Wi+QxuBX0Wdsu5bKQPuhCR0+w099Dxw8kckQCclr8DAAD//+mYTN4=")
syz_mount_image$ext4(&(0x7f0000000d40)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2, &(0x7f00000000c0)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}]}, 0x3, 0x4ee, &(0x7f0000002680)="$eJzs3E9oHNUfAPDvbJIm/fdrfv31V22pmlrFYDFp02p7EKSi4EFBrKAeQ5KW2rSRJgVbqmxB6lEK3sWjVw9e1UsRT4LXehSkUKSXtoK4Mrsz2c12d/Nv/xj7+cBm35vZmfe+O/Nm37y32QAeWiPpn6SSvhkROyKiUP+CkcrTvTtXpu7fuTIVxVLp5O9JebO7aT6T7Sa2ZpnRQkThk6S6osb8pctnJ2dnZy5k+fGFcx+Mz1+6/NyZoWzJ8eNHjxw+9sLE86sPqkF5aVx39348t2/Pa+9df2OqP1+el1YbR7uMxEijqpQ93e7Cemx7TTrpX8kWxcHO1YaVSs//9HANlNv/juiLVgev2MWaAZ1WKpVKLS7ExVK9qw8sATasJHpdA6A38g/69P43fzTqCGzqTPej526fqNwApXHfyx4RT5QX5uMgA3X3t+00EhHvFv/4In1Eh8YhAABqfXci7wnW9f+GKzMjf1688VL6/J9sDmU4Iv4bETsj4n8RsSsi/h8RuyPikYh4tG7/fRFRalH+SF1+sfzFSajCrTaF2lDa/3sxm9uq9v+WVGC4L8ttj8g7zDOHsvdkNAYGT52ZnTncoozvX/n5s2bravt/6SMtP+8LZvW41V83QDc9uTC55oDr3L4asbe/Pv6kPyJZnAlIImJPROxdxX6Ha9Jnnv1q32JmYOnrlo+/rNRwHm1F80ytlb6MeKZy/Iux5PhXS0yWzE+emzw9c3rm/MTi/OT4UMzOHBpPz4JDDcv48adrbzYrf9n4v/m1fpNXj317MmtZ65ce/y0153/k87fV+IeTiGRxvnZ+9WVc++XTpvc0az3/NyVvl9P5femHkwsLFw5HbEpef3D5RHXbPJ8+R7ES/+iBxu1/Z7ZN/k6kJ/FjEfF4VO4Q07rvj4gnI+JAi/h/ePmp99cef2el8U/XXf8q8S45/tX5+maJJJsbbLCq7+z+m/ebXDxWdvyPllOj2ZLG179kySWiWU3zT7t0yV/rfvcAAABgYyhExLaasaRtUSiMjVXGgHbFlsLs3PzCwVNzF89Pp+sihmOgkI90VcaDB5J8/HO4Jj9Rlz+SjRt/3re5nB+bmpud7mnkwNZym08KYxHv9NW0/9Rv7RliBv7J2jCPBmxQrdp/2onffb2LlQG6auWf/zc+6mhFgK6raf8N/sO//I294hq+9wVsAO7/garlf+jHNQM2vpK2DA+1VbX/g34EEP5N+uOtxXShpzUBuk3/Hx5Ky/5f/7oSpcHGq4biwRfHUOsd9sXaqrG5QVn3Oxdy80Tas+p6oWli81q2yn9NoelrorC6HQ5Ge47pqXW+G8UL86d3t/3kL2XflW/3Efy6K+00SwxEzZKeXI4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa7u8AAAD//8TA4LM=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
inotify_add_watch(r0, 0x0, 0x10000400)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x10)
personality(0x100000)
read$FUSE(r1, &(0x7f0000006b40)={0x2020}, 0x206e)

1m54.524323325s ago: executing program 0 (id=1907):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe1000/0x18000)=nil, 0x0, 0x0, 0x34, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x5, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xd)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
memfd_create(&(0x7f0000000940)='y\x105\xfb\xf7u\x83%\b\x00\x00\x00\x00\x00\x00\x00\xea_\xccZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x10\x00\x00\x00\x04\x879\xa24\xa9a\b\x00\xb2\xd3\xcbZJ\x7fa\xc4\x1acB\xaa\xc1\xfb Q\x96\xd9xJ2\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea\b\x00\x00\x00\x00\x00\x00\x00\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9V\x01A\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\a\x00\x01vRk\xaabB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\x80\x81\xa0\xa2-g\b\x99\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecn\x02\xc8\xc4\f\x04\x99\xf6\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8L\xae\x1ff\xcf\xb3\xb65\x12\x89\x02\x82t\x0f\xb0\xe89\x16\fO\x19\x91\xfd\x10\x0e\xa7r\x12\xab\xd4\xd1d\xad\f\x11\xb3\xb3c\xe2\xfe\xcd\x9f7\xa1\x14\xfa\xe2\xdf\x7f\xf4NG\xe3\xeb\x18\xde|\xb3\xf5S\x9a\x04\xb4Lry\xa9\xd6\xfb\xbc\n+N\xf7\xf6\x87\x95\xd9+\xd2sc/\x06\xaa#K3,k\xf3(\xcc\xc7\xb47\xfa\xc3\x1c\x91!\xd3\xd2`-\xa2xrR\x1c\x81i\x87u|29Q\xdf\xed\x10\x9b\x930\xa8v\xa0\x88\xa4t\x17\xb2\xca9\x02\x03\xc9P\xcc\xe0\xb7\x9c\x82\xb4\x03\x83e\xee\x95\xccO\x1b\x83\f\n{\xf3\x12\x90\xcf\x10\xb5>\b3\x80\x8d\xb2%7\x10\xeee\xe4\xc3\xb2^\xad\xb6~\xa2\xbdE\xbf\x91\vqt\x81\xbd\x19\xde\x81\tw\xd4p\xd1\x8aNJ\xb3M\a\xc4\xfa\xb0,$\x81j\xb4Hs\x93>\x16U\xd0t\xe4\xca0T\xb7\xf7\x9d4\b\xd9\xdeps\xec\xa0\nJ\xa5\xfe\xda{(\xee\xb5\x11?\xc3I-\x8bc\xc9\xfb\a\xe5\xab\xf8v1\xdc\xc5\x8c\xebs1\x81\xca\x81l\xa12\xff<\xf5\x12\xcc+\xd4\xab\x84\x16\xa4+\x0e\xd4\x02\xe3\xaa1\xeam\x8ce\xb4r\x0eo&3wff\xe6\x91\x7f\xba\xad\x05\xdd\xc0+\"\xa5\x80\'#\xfd\x9dA&\xee \x18\xe5\x17\x1bd\xd0\xb9\x90\xde\xec\xe4M\xe5\x06\x03r\fc\x8c\x10\x99x\xec`e`\xc3F\xdf\xbc\xa8\xff\x05\xe6\xea\xc3u\xd7\t\x88<\"\xf7!\xd6\x0e\xbbE^\xcd\xb0\x15g\xe6\xf2?y1\x9f\xd3\x95\xc4E\xd0\xb4\x16`r\x14\xad\x02\x17\x9a\x86I]\x02f\xd3\xc9\xe1H\xd7c\xcaQ\x8cE7\xcc\xcf=\xf3\xf7\xb9\xf6s\x88\bZi\b*w\xc5;\x88\r\xab\xa1\t\xf1\x02)5\x00\x84', 0xb)
ftruncate(r2, 0xe6)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
write$rfkill(r4, &(0x7f0000000100)={0x0, 0x9, 0x3, 0x1, 0x1}, 0x8)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r5, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r5)

1m54.016400113s ago: executing program 0 (id=1910):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
mmap(&(0x7f000045f000/0x3000)=nil, 0x3000, 0xa, 0x810, r0, 0xb35ef000)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r7, 0x0, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x4000000)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r9 = accept(r5, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)

1m53.920849755s ago: executing program 34 (id=1910):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
mmap(&(0x7f000045f000/0x3000)=nil, 0x3000, 0xa, 0x810, r0, 0xb35ef000)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r7, 0x0, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x4000000)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r9 = accept(r5, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)

1m30.975946948s ago: executing program 1 (id=1960):
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000040)={{{@in, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@initdev}, 0x0, @in=@dev}}, &(0x7f0000000140)=0xe8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2880714, &(0x7f0000000240)={[{@grpid}, {@orlov}], [{@dont_hash}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@permit_directio}, {@euid_lt={'euid<', r0}}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r4)
getdents(0xffffffffffffffff, &(0x7f0000000500)=""/173, 0xad)

1m27.828053518s ago: executing program 1 (id=1963):
syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x28000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_io_uring_setup(0x110, &(0x7f0000000400)={0x0, 0xfac6, 0x800, 0x0, 0x287}, &(0x7f0000000240), &(0x7f0000000280))
mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

1m25.363043117s ago: executing program 1 (id=1967):
prctl$PR_SET_PDEATHSIG(0x59616d61, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = inotify_init1(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
inotify_add_watch(r0, &(0x7f00000000c0)='.\x00', 0x4000000e)
r4 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000180)={0xa0, 0xfffffffffffffffe, 0x0, {{0x3, 0x1, 0x5, 0x6, 0x5, 0x1, {0x1, 0x2d203ae5, 0x6, 0x1, 0x2, 0xd615, 0x5, 0x800001, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3fa, 0x1}}, {0x0, 0x1f}}}, 0xa0)
sendfile(r4, r4, &(0x7f0000000080), 0x7f01)

1m24.829282305s ago: executing program 1 (id=1968):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc01, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020)

1m24.350473833s ago: executing program 1 (id=1972):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
syz_clone(0x40200000, &(0x7f0000000340), 0x0, &(0x7f0000000380), &(0x7f0000000400), &(0x7f0000001480)="c2d853f9f2f843a53173ffdcf80a6afbef5381ca5832c6ffa545a1dd58bbbe90d039b96a13587bcfe3a4c80ba617cd8cc02efcb35edf63609bdb9cf5b7e4ce6a83ef0429d7d14d233340ecc48380b44cb465be3e531dc9c3bc6870576d275ebdd5569d49fabf5db5fd1d6fc7541deb55cbd839986f21419011794fcb8d311c1d56a8a5e13cad6743df9a15198da9ab03b7d0f8a0fc8c4597b4b8eb02b3280b562e8298ec4481ee7609c1cd949861cec5ff20e39f8c3ef045a7bafc9bfa47c2d535dbc90883761dcfea306f52312d617d431cda9bafbeeeab5514b113aca721c402f7abb7fab3082b23a46c94043ec813a210362e0bc524930ddfeea693f678588c567fb7f5d21513d63b699c4a4e31cfdd9ed87b6ee76c43f824ddd806ae49bc4f145cedab316fe329ea26f106621194bf54970721c229f9bbda051d8a613d682b822c9129c54bba5ae1018f91cc20b64e4c82dc2de299cc5c2285fa3baf3c047c1574f80d8dcd1b852b59a647c93946c20951e97e6908711def9cd1d907efa69fe0b1d2e390fceffe32fd370b8616d81bb48e20a6f3b39773bbd6e8221b83844ffcbacaba3abcd2d3b7b910311746329afe71cab49f8106439aff0de582dfa05b9d9393bfde9423372723f61249ab0c242ffa6ba6f6da7b0d6642124860964c2840252f8a8fcef3d2644a499e436959aa73948a4d551421fa669102cf559a7298548bdd4efdff0b3ef69b66a7198351cc57b844207d393f022a574045d66850174a254f56a301fa8c137c45ab2914882b921023a59f72e992e49bb76ec12e3d326717eb5a261f0672f6f570ec950aac923aa0ff595cba4dc677d2f8855004e38fa24575d47087ca3f5bfe7e05a6aa2b57fddfcc2bd38d73602608b26205590a7f7b736541f938ec15e6fa43e8a793b0d49c940fb247f098cb9a28b51cdaf19ac720dd65f2f416e6d760805968d66738ea0d3b0ee883fd783b440e273890d51c8837476b8a11547f23b361532ad1d7ab78953602b5016ea59c86f3b0272e6602b4c91037190e3aba162380d0bbf3634e1d21e122bcd02782abbd67fe72aa9998db4260d80c3bcb1ee3c8fb29649d1a99927cf4181b3e43a7c53a9295ae6aeeb82d965f3bba3e4d2470717c896da654ac6df2e6d50d444e570f3e2629edcded167fd74a0ad7adcb968efe78a0f636d4d04d689522b07eba2ce6609d896664ee970312f295d16f6f918930141d46b720e182681db45d41b480ef1c33042c4e62f940b3eb8bfe9bb7b75d86180f14739a185e178395286bf3f4c61b0385a42610be32002dbdd5fd014b79cd29b9823d9140e74afc0b488bc073085d5bbc08a4dbe34d5e06499cb59f82a394ea55f071d69725da20c6d59382726fc0843b5a1a77768c29681993b1f06cd89abeff373e0682b642e9b72acca5ad76ed0ba2eb3f78b34bd7ec9b5c78a3fb3965ce9816b9dc33964d0d15788e410fb8e2d5e0ab443d76362510b3f7b0617acfe931a4de5a7612e82701063295b95a8ab384c5e903f37cec93227165db3721bb5a87c56c5726978a14619760eccfc6fd1f0048f590a96d25d945e320b08af82381c745a2e9b6baeebb5613130baf72bbe1705af4af07372ca8b773575f3b40936c62df2e40d78e8c50d7902b7084499bf93e86d042b0cd7f7502ddbb477266eabb8bf01aafd2a3f9d300871a904bc8c24cc5af0a862120e22dc0d17bd05600cf07db6062b3d032e12d2a311c2928ffa9ac464c5b4a7b5613993f61c00e7f985969036ce2edca4b1220381a618349bb070050dbd928d8cea293a8dbac41b27c0df7467379537763c086e6d41f59f1de3f478c0629ebd5646adeb89726cd0e65c21a36ffb283efb50c6c28c5b56656fe01c39a59d3455c2bdcf95e1a146c50d07d0a8340b94c52109eceb5de428c5de2df2358fa6f05ef02daeaed6ed22b0ab28ef84965e510293bea19f2612264584f33b51776af91a2e3504ef71151602f1fe3386add00485b7529137dc4b8a6b64a7eba954fac1b575765d65aaf3ef6071247149934bda513fe351598b35c757458c78845f1550846d6b5eb68d1f68a21d4f8d7690c662a67a38900e11d123050451c020c08afc5ac10e6ccb828cdd4e08686c2bb5bc0f662d96e962e68cdb30245b35ceea893f2acfd4c40de0e1863cfc28831bad2186a68c0189e9ef1676db5bbda68b34f185437c4c1c6cf828abedc9473299d7d780083fb3f8aa48d2ba93f7d254755911a29f97bde7486bb76a5d32e99bfc2d197d9c7126ec5b189e7b91ac7bd89ad6e7f31009de88a691156e5879747adbc6fb44b39864fe7ff65fc143bc29563d9f5a923865f61faccea1184de28396459f5d026a38b0b525429a70bbbb9d268fd53e1f4c548084c85e3a0efc872a4067f01a6d3b2e16bc76dba9b0dbd0432485c8fc4671238d87bf9b964e66e97d98ecde7db0bc335920cff7cdca5fcddb569315dbb6e62944c4073397c4d70e3b17fe23a4986533960be5de399511d7c80c4488c9e71c3e24f7174eaaf3f1aed013e4d09586595a6d04cc7f99e632b920e4ee0c458398b4bedd96f1ac1bd6d84c2b5c91503e88718f2ecf8ecabb3be8541ba76f9c7f35796947eec659cab4199e729b4377fe5750c9c178fe73fbf61da2fea9a9bf970a869a617a15ecb993628be04fc27c1f694c024ce5e896b47c4c6ded4b4e55a89b0a464077f26320b79fdddcc638b7899d893cc8abf81516782e0ebd3bd2c3b2d517f846a6c6996f7db38c456a8b6a033056316bd2ac76ffed2a795fd01ef0795d58ccc593540e6a5c04bfd7bad429feda3fc51cbdd1b1dbc36a14cf1057c787def1383891d50dc0cc5e0151f4632a517e38ca7ca052ce03298ef9d46ce8e55a0ddb90fbb6d9bdaa16464911af90631b170f9f7e824d0602497e1754630a2129f3c4b92381ebe83c0372469775a47eec0dd144bcef6824a11028a87cebe78daaff96ee5aa15c5c08c3a4548fd1637ef2acdc52cc3e6ba189ef0f4f6d6d2472a2ce2c14d7a26a84a0e82ea0be9bdb3066230c108450808cb805510917254157cf9bb5687f450e94747dc38f07c512ce5dd84ef2e0995aacf72899f44325e7db57214b7085245362725961c9fada45506023fc04535f45423b1be98c171c428e8a0d1eeed80cf81adf7951a55526cb53a401c2474ccbf3254216856aed6705665264d04f71eb5ee9ffbe47006a6e7d5a31c08fb65d8b3c45b98c59848137227266a60ecd82cada51ca8a53cf61d487462088249817d7608a997a696aceda9bd6d44ea4875f0a188b7cebb7170432e0baed5d4ce5791b5fb647f9ded8d9ad516b550552955bf0873cfbbf5b309690907fe2ee85a2c438eae17de08ba0a9189b4a8b30c1d36a1ae96f9338cf23343df2aacc0d2b20e1573c50b76a09038ecad16ec92ae1d9a7860c9c5390518c65a8857fe0312ad4280e0fc9c06cd1ef3677519203d73196e1b6e3155100b70c8f86ade622a7eb0cf983985f689ffc5073a499ec5af6ce6d7e693bfee5ad97d9dbe98861e7d61f6bd4c093ac971be74ef0937c73febe4802cf3f2f23ece1f45231262e8ef3eb9198fb6a0075622dcd043c4d32203f59c8d65d2424abc36d189eef1c9125b2ccd76aa02f41da4ef4f3a3af70c4f0a37954ea3b7be5dae6ae3a3115a3048ab11403c14520cbe45ee70086275c0a6899ee9585775e191072960b30cd4cd7a2d99ddfdf45aebe8a567ab93fad7f75ea7dce8f81599df69507b4299d40397bb6618ad03055b710fba9014023964e5f1c9e80b65eb2cd3f785439a090893339cd7caa7f9ec90faabdac7c38ce784d36206f772f7585746a188d64b151b099e6543ed02a0dd55d587d0460501469b40940a45ebcc2bf540849378730bafc4ed5001f670742cdfee5f40436a6beff1d4147fd9d3e8ea0d355182a5aaaff141361da4c3da138ac29ec265c76d6378818f175b04f5c16cd4ecc82cec3f7b7de819da2443b5e1c3592665fb7bcf92fbb219b2b32d1abbf77984a1143909a58da6ad4790265c091b62e9137e16c0917a82b0956ef815375bca41acba2a5e77af494b63c392994f310b393d2accc1a9c67ffcf4e58d85b529a10008914ba4a1b0424c5a672a2569768ca28800f611ef877dc005ff516122f4a6e429de76028445676f94c79eb763f6a0273777233028a4dda9e9ed2cf4fdb9f503ca66d07bccf5f08cd291ef529e3be6065d7f919056a6a4be47184f0a39418cebcfba5d39394525c5ed55ddf7f9e19fba4bfa3409acf85cdadae2af140aed8ca8b498455b31c57748d21891871669cb0ad15750c39d16665a565a18dd492ff8f4f3d37137365ce260f241dab5c459a65ae3512cb246b5c786df8991298cc8571915bfd5f86d519439382f1423d70701b44d13d2aef9aec46dec3275a789fd0e5528e19e5ce4a3dc6ba0d32812a5eefbd198ce96faa13b836c4e585f1fff217355f674fb56af9a90925720b30430b81dbea4f7e185de99bd925791fc79c82034e950f3e49a2349b7c66b163f8d7575016429184e7e65fa050ef932b0f60ed8d8322e61d7d63cfc7158d782ca29e857a4dda932116375a4ed4f33ae79e867381a5057d9c22b65593e5f2560c5530f94b39ba65fce5f729d2b178fd56143e226b596408e953e113f2bf9b1a58aa8019be737837b5cd143b699da4fca8a89df6eaf6d93a8a366dfa7b5cb9d445db9bb9e057fc53ad8737dd19d776b372ca6e1ba9a2aee5bc538610aa31787d5fa05556bb6b659582a40e85e26a8b81203fd0de53c5237f3bd829f3ae4e212b00d89314b9bd0baef4f02d46633f3c6a5c9ea7e7adbc4fe840e11788a545d91920e41e35848d95172448e5262b44345843b6efcaa3cbfd3de018612854604227dee06942b09476867b47514a6fa4d34642c77e940b7ad1e5376c62eaf4669d18bcb00281a12155cfb22809dbcf8653e650880538a58ad6ff4d6b313b8f147b65ed3e25ef4daa3514debb2b3e21a445e76c1e848b679dd791d6253a5d90dbfdf2e8dc43a834dec0e63bfbde2efe915e7de998761f69fb29e53f729c733426b6b3e1c29c5c6740dec2539f90c8365fde4ed4e96fb478ad43a227311b8a3978acc492f26878074e52422647130bee57dfa36e904f3e2146a4f9eb45c0660a6f8c14a991a66d8f00eaa87b75b9906943b3d2b8e57b8293f8fa42c26865eb6c62634a05a8e4425d4be152a3754c73f1033e722bb9b093a715e98276bb1dfe69bec7359a71376fd5e8ad2a68cfa35d7f3323798257703a280322906c39819f1119b215d76d166e5114f7cb54e1801b11b95c231abca229b7008895752d11b2e4e5086f16a39387148fda4507ab54cd04b48d9b3d79b0292de2a9635e80ffb6ba8855b9e04375e491aa3f5c89cc74eabe806f190259b9c12b57c4de53afbba5448c098b10882df06d449e4afb76dcdb5827619e5278461df16cbe6af509e534be38a5daa415e2bafe331340982e5aee3bb27602d8c124c3c17b474b96076b15cb7972284dfeaa0da1998e6ab70f8129f3bf5c34cd47988164583b74eed96024ed2327f9ae449f5bea904c97c9fa457fb2d315e61463b48de4fc21adb62985f6b569809e1271107bff1cab6c367530f058f54fe7657b5f9b250967d90282c3419ba05e3452156c29f733b21780898fe4de5d740eb47f54c41a90fd48ac6c6a2560fac27d0728e236a74c17acde5a433d07193d5c16066e375301bdba5d78d3a92d56ec6c8b96bc60cda46924aaafdb5f6b8ddea8716ee77")
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$bsg(0xffffff9c, &(0x7f0000000000), 0x161000, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=@ipv4_newrule={0x28, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc}]}, 0x28}}, 0x40800)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000), 0x8)
r4 = socket$packet(0x11, 0x3, 0x300)
bind$packet(r4, &(0x7f0000000140)={0x11, 0x3, r2, 0x1, 0x9, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000), 0x8)

1m17.417686433s ago: executing program 1 (id=1988):
syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x28000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x110, &(0x7f0000000400)={0x0, 0xfac6, 0x800, 0x0, 0x287}, &(0x7f0000000240), &(0x7f0000000280))
mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

1m16.91675823s ago: executing program 35 (id=1988):
syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x28000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x110, &(0x7f0000000400)={0x0, 0xfac6, 0x800, 0x0, 0x287}, &(0x7f0000000240), &(0x7f0000000280))
mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

14.059810917s ago: executing program 8 (id=2111):
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1ff, 0x20000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000100000001000000003000000020000000000401102043ad71492c03ea971ca"], 0x0, 0x2b, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000100)={@multicast2, @private=0xa010102}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)="a6e2976b", 0x4, 0x840, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000001280)=@nat={'nat\x00', 0x1b, 0x5, 0x7c8, 0x188, 0x2c8, 0xffffffff, 0x188, 0x2c8, 0x6f8, 0x6f8, 0xffffffff, 0x6f8, 0x6f8, 0x5, &(0x7f0000000180), {[{{@ipv6={@empty, @empty, [0xffffff00, 0x0, 0xff000000, 0xff], [0xffffff00, 0xff, 0xff000000, 0xffffff00], 'geneve1\x00', 'netpci0\x00', {}, {}, 0x0, 0x8, 0x4, 0x18}, 0x0, 0x140, 0x188, 0x0, {}, [@common=@hbh={{0x48}, {0x0, 0x4, 0x0, [0x9, 0x9, 0x8b0, 0x2, 0x2, 0xfff8, 0x4, 0x1, 0x3, 0x1, 0xfff8, 0x6, 0x8, 0x100, 0xe88, 0xcda0], 0x7}}, @common=@inet=@set3={{0x50}, {{0x1, 0x1, 0x2}, {0x1, 0x4}, {0x6, 0x8}, 0x9}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x4, @ipv6=@empty, @ipv6=@loopback, @icmp_id=0x68, @gre_key=0xc}}}, {{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@inet=@length={{0x28}, {0x7, 0xfffd}}, @common=@hl={{0x28}, {0x0, 0xbb}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x5, @ipv6=@remote, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, @port=0x4e23, @port=0x4e22}}}, {{@uncond, 0x0, 0x318, 0x340, 0x0, {}, [@common=@rt={{0x138}, {0x1, [0xffffff00, 0x17], 0x5f1, 0x10, 0x2, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @dev={0xfe, 0x80, '\x00', 0x16}, @loopback, @local, @mcast1, @mcast2, @dev={0xfe, 0x80, '\x00', 0x34}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private2], 0xe}}, @common=@rt={{0x138}, {0xfffffff9, [0x3, 0x400], 0x10000, 0x8, 0x5, [@private1, @dev={0xfe, 0x80, '\x00', 0x19}, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, @dev={0xfe, 0x80, '\x00', 0xf}, @ipv4={'\x00', '\xff\xff', @multicast1}, @loopback, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @private0, @private1, @dev={0xfe, 0x80, '\x00', 0x26}, @remote, @private2={0xfc, 0x2, '\x00', 0x1}, @private2, @mcast1], 0xa}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0x3, 0x5}, {0x0, 0x0, 0x5}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x2, @ipv4=@broadcast, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, @icmp_id=0x64, @icmp_id=0x66}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x828)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x1, 0x3, 0x6, 0x448, '\x00', 0x9}, 0x1, [0x7, 0xd5, 0x2, 0xfff, 0x6, 0x6, 0x2, 0x5, 0x2, 0xbd, 0x80000000, 0x102d, 0x8, 0x1, 0x3, 0x1, 0x1, 0x7, 0x6, 0x200, 0x80, 0x7, 0x7, 0x7, 0x8, 0x2, 0x2, 0x7, 0xffffffffffffffff, 0x3, 0x900000001, 0x403, 0x1, 0x4, 0x101, 0x3, 0x5, 0x1, 0x0, 0x6, 0x9, 0x4, 0x8a, 0x50f, 0x9ac2, 0x6fe5, 0xffffffffba36ba5a, 0x4, 0xa, 0x88b, 0x6, 0x4000006, 0x100, 0x403, 0x3, 0xfffffffffffff8f6, 0x4, 0xfffffffffffffff9, 0x0, 0xf9800000, 0x3ff, 0x9, 0x1800000, 0x2, 0x82b, 0x8, 0x5, 0x0, 0x9, 0x2, 0x3ff, 0x100000000000006, 0x2, 0x2f, 0x1, 0x7, 0x40, 0x2, 0x42843379, 0x1, 0x7, 0x200, 0x8077d, 0xb3, 0x5, 0x539, 0x623b, 0x6, 0x0, 0x7, 0x4, 0x200, 0x7, 0x8, 0x0, 0x5, 0x97, 0x8, 0x401, 0x2, 0x2775e12f, 0x680000000000, 0x5, 0x7, 0xe88, 0x80000004, 0x0, 0xfffffffffffffffa, 0x10001, 0x8, 0x8, 0x1000, 0x0, 0x3, 0x8000000000007, 0xfffffffffffff000, 0x6, 0x7ffd, 0xfffffffffffffff7, 0x6, 0x2, 0x8, 0x5, 0x9, 0x4, 0x0, 0x7f, 0xd1]})
add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000001180)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c1286306ff6ee45265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b8da13c4e7bbeedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce070", 0xc2, 0xffffffffffffffff)
r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
getsockopt$sock_buf(r5, 0x1, 0x1c, 0x0, &(0x7f0000000100)=0xa00)

13.046887513s ago: executing program 8 (id=2115):
r0 = epoll_create1(0x80000)
r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000001c0))
r2 = socket(0x10, 0x3, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd60e4d70000383a00fe880000000000000000000000000001ff020000000000000000000000000001020090780000000060fd906300003a0000008700000000000000000000000000fec0ffff000000000000ffffac1414aaef9edaaa64947bfe"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESOCT=r5, @ANYBLOB="755b18946957c8ef77cfa07832faa04fad08a9f263ddfbab83fe3410135e1d52733575444e6562344adec33b"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, @void, @value}, 0x94)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)
recvmmsg$unix(r2, &(0x7f0000000040), 0x4000000000002ac, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107242, 0x99)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x101142, 0x94)
pwrite64(r8, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
fallocate(r8, 0x1, 0x3, 0x80000007f)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6, 0x4, 0x0, 0x0, 0x3})

11.263425781s ago: executing program 3 (id=2117):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000300)=ANY=[@ANYBLOB="020080"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000380)={0x1c, &(0x7f0000000200)=ANY=[@ANYBLOB="2005020000005b70"], 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000d80)={0x84, &(0x7f0000000500)=ANY=[@ANYBLOB="4016040000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)

11.160062093s ago: executing program 8 (id=2118):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x4e}]})
bind$bt_hci(r0, 0x0, 0x0)
write$bt_hci(r0, &(0x7f0000000000)=ANY=[], 0x6)

11.091681494s ago: executing program 8 (id=2119):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7902})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)
write$cgroup_devices(r0, &(0x7f0000000080)=ANY=[], 0xffdd)

11.049506605s ago: executing program 7 (id=2120):
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000040)={{{@in, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@initdev}, 0x0, @in=@dev}}, &(0x7f0000000140)=0xe8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2880714, &(0x7f0000000240)={[{@grpid}, {@orlov}], [{@dont_hash}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@permit_directio}, {@euid_lt={'euid<', r0}}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r4)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000000500)=""/173, 0xad)

9.919618013s ago: executing program 7 (id=2122):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0)
syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock2(&(0x7f00004a9000/0x3000)=nil, 0x3000, 0x1)
mlock2(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0)

9.729870306s ago: executing program 8 (id=2123):
r0 = socket$nl_route(0x10, 0x3, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000180)={[0xfffffffffffffe00]}, 0x8, 0xc0800)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0x9}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r4, 0x0, 0x48a, &(0x7f0000000040)={0x2, 0x0, 0x1}, 0xc)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0xe9)
syz_emit_ethernet(0x7e, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff080045000070000000000001907864010100ac1414aa0b009078032c00004500000000000000006c000000000000ac1414aa863600000000000d5e000000ff0000000000000512057ebbeb7864328703a813eb09de539100119606053d0006ff00800000b61af93a830700ac1414000000003a423e6d89ef33bc2e29e2c294bd54a294c57343b9334c313e7594b5105f069d9426963004303335d046d2bc0372445d8370bdf66c773283e8a7d0d393ccdfe6980572ad630d"], 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r5, 0xc0d05640, &(0x7f00000000c0)={0xa, @pix={0x0, 0x0, 0x34565348, 0x0, 0x0, 0x0, 0x25}})
pread64(0xffffffffffffffff, 0x0, 0x0, 0xc2a)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, 0xffffffffffffffff, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r7 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000001ac0)={r6, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174ff10000000000000010e200", [0x0, 0x2]}})
ioctl$LOOP_SET_BLOCK_SIZE(r7, 0x4c09, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x2, &(0x7f0000000500)=[&(0x7f0000454000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil], 0x0, &(0x7f0000000000), 0x2)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x40000)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x58, 0x0, 0x6, 0x0, &(0x7f00000002c0), 0x7fffffff, 0x0, 0x1, {0x1}})
write(r4, &(0x7f0000000240)="9c1467cbfb06d55d1e8106345a6d34a6482be6a4d5b751b0171a37e58e8007a5f5140629a669", 0x26)

8.399255267s ago: executing program 6 (id=2125):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x40, &(0x7f00000000c0)={[{@resuid}, {@bh}, {@resgid}]}, 0x1, 0x509, &(0x7f0000000500)="$eJzs3c9vHFcdAPDvjL2x47q1C5UKCGgohYCi7Nqb1qp6KhcQVJUQFScOrrE3luVdr2WvS20i1f4fkKjEAcGJAycOSBwq5cQRwQ1uuYQDUoAIFCPlsGj2h+PEu7brrHcV7+cjjWbevNn5vpfVvLf52t4XwNC6EhG7EXEpIt6PiKnW+aS1xdvNLbvuwf1bi/v3by0mUa+/96+kUZ+di0OvyTzXuud4RPzgOxE/To7G3dzeWV0ol0sbrXKhVlkvPNzeub5SWVguLZfWisW52bmZN2+8UexZX1+p/O7et1fe+eEnf/jS3b/sfvOnWbMmW3WH+9FLza7nDuJkRiPinfMINgAjrf5cGnRDOJM0Ij4TEa82nv+pGGm8m6fT4bEGAJ4B9fpU1KcOlwGAiy5t5MCSNN/KBUxGmubzzRzeSzGRlqubtWs3q1trS81c2XTk0psr5dJMK1c4HbkkK89+lB0/Khfj8fKNiHgxIn42drlRzi+ePs8AAPTWc0/M//8da87/AMAFN37SBfP9aQcA0D8nzv8AwIVj/geA4WP+B4DhY/4HgOFj/geAYXOnPf+PDLolAEBffP/dd7Otvt/6/uulD7a3VqsfXF8qba7mK1uL+cXqxnp+uVpdLpfyi9XKSfcrV6vrs6/H1oeFWmmzVtjc3pmvVLfWavON7/WeL+X60isA4DgvvnL7b0lE7L51ubHFobUczNVwsaWDbgAwMHL+MLx8CzcML//HB05ay7Prrwh/fIZg9Y/O8CKg165+Xv4fhpX8Pwwv+X8YXvL/MLzq9aTbmv/pwSUAwIUixw/09ef/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEFMNrbpQ+U0zecjno+I6cglN1fKpZmIeCEi/jqWG8vKswNtMQDw9NJ/JK31v65OvTb5ZO2l5H9jjX1E/OQX7/38w4VabWM2O//vg/O1j1vni4NoPwBwkvY83Z7H2x7cv7XY3vrZnnvfai4umsXdb23NmtEYzXZ/Ho9cREz8J2mWW7LPKyM9iL+7FxGf69T/pJEbmW6tfPpk/Cz2832Nnz4WP23UNffZv8Vnj9x5rGvMk9Z6hWFxOxt/3u70/KVxpbEf77j48XhjhHp67fFv/8j4137exxtjTafx78ppY7z+x+92rduL+MJop/jJQfykS/zXThn/zhe//Gq3uvqvIq5G5/iHYxVqlfXC5vbO9ZXKwnJpubRWLM7Nzs28eeONYqGRoy60M9VH/fOtay907f9vIia6xB8/of9fO7bX9YMB+NcP3//RV7rF34v4xlc7v/8vHRM/mxO/fmz8RxYmft91+e4s/lKz/3uf9v2/dsr4d/++s9Th9G9P+XIAoMc2t3dWF8rl0kZPD3LR4xseOkjOqc1nPrjcz6APvhcx+C4/kwfZ5/Gnvc/LrZRZx2v+9MtPXs4qc4PuaU8OBjwwAefu0UM/6JYAAAAAAAAAAAAAAADdnPufE6WD7iEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2f8DAAD//1KSywI=")
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7.971524634s ago: executing program 4 (id=2127):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
gettid()
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0x18d, 0x2, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
socket$inet6(0xa, 0x80002, 0x0)
flistxattr(r0, &(0x7f0000000300)=""/115, 0xb4)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r4, 0x10d, 0x2, &(0x7f0000000000)="f7be50ba7c88a9f911a2d585c715d7f42d186669a854a5519a131cbaae3a9ef466156eb5af5853e3e061c7c39d7df8a52a0883a0c10b467e3f9d7092566853b8d73d398ff643c9de69fae6959a55fdb4c1bba5fb52dfeea10aad0ed7dc42f547f470485d251dcc730f2bb28464359cee8b9c8b1bcdab9df28aeefb1f97feef7222", 0x81)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
fcntl$setstatus(r6, 0x4, 0x0)
fcntl$setstatus(r6, 0x4, 0x42400)
clock_nanosleep(0xfffffffa, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000000000))

6.885077961s ago: executing program 4 (id=2128):
r0 = epoll_create1(0x80000)
r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000001c0))
r2 = socket(0x10, 0x3, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000086dd60e4d70000383a00fe880000000000000000000000000001ff020000000000000000000000000001020090780000000060fd906300003a0000008700000000000000000000000000fec0ffff000000000000ffffac1414aaef9edaaa64947bfe"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRESOCT=r5, @ANYBLOB="755b18946957c8ef77cfa07832faa04fad08a9f263ddfbab83fe3410135e1d52733575444e6562344adec33b"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, @void, @value}, 0x94)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)
recvmmsg$unix(r2, &(0x7f0000000040), 0x4000000000002ac, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107242, 0x99)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x101142, 0x94)
pwrite64(r8, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
fallocate(r8, 0x1, 0x3, 0x80000007f)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6, 0x4, 0x0, 0x0, 0x3})

5.739800009s ago: executing program 4 (id=2129):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x4e}]})
bind$bt_hci(r0, 0x0, 0x0)
write$bt_hci(r0, &(0x7f0000000000)=ANY=[], 0x6)

5.739614569s ago: executing program 3 (id=2130):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
eventfd2(0x0, 0x80800)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, 0x0)

5.71001829s ago: executing program 6 (id=2131):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='ns\x00')
r1 = open_tree(r0, &(0x7f00000000c0)='.\x00', 0x9101)
fchdir(r1)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0xfe}]})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000003c0)='./mnt\x00', 0x6)

5.654884501s ago: executing program 4 (id=2132):
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000040)={{{@in, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@initdev}, 0x0, @in=@dev}}, &(0x7f0000000140)=0xe8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2880714, &(0x7f0000000240)={[{@grpid}, {@orlov}], [{@dont_hash}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@permit_directio}, {@euid_lt={'euid<', r0}}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r4)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000000500)=""/173, 0xad)

5.564037022s ago: executing program 7 (id=2133):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000007d40)='./bus\x00', 0x2000000, &(0x7f0000000300)=ANY=[], 0x4, 0x2bf, &(0x7f0000000900)="$eJzs3U9rI2UcB/DfpMkkrmBy8CSCA3rwtGz36iVFdkHsySUH9aDF3QVpgtBCwT8Ye/LqxYMHX4Eg+EK8+A4Er4I3KxRGZjLTJG1Mk9K06n4+l/76zPOd+c3ToZ0e+vTDl0f7j7N4evzFr9HpJNHoRz9OkuhFI2pfxZz+NwEA/Jed5Hn8kU+sk0siorO5tgCADVrx5/8LZ9VPN9IWALBBj9597+2d3d0H72RZJx6Ovj4aFL/ZFx8nx3eexscxjCdxL7pxGlG+KLSifFsoyod5no+bWaEXr43GR4MiOfrg5+r8O79HlPnt6EavHDp72yjzb+0+2M4mZvLjoo871fX7Rf5+dOPFs/Bc/v6CfAzSeP3Vmf7vRjd++Sg+iWE8LpuY5r/czrI382///Pz9or0in4yPBu1y3lS+dcNfGgAAAAAAAAAAAAAAAAAAAAAA/sfuVnvntKPcv6cYqvbf2TotPmlFVuvN788zySf1iWb3B8rzfJzH9/X+OveyLMuridN8M15qRvN27hoAAAAAAAAAAAAAAAAAAAD+XQ4//Wx/bzh8cnAtRb0bQDMi/noUcdXz9GdGXonlk9vVNfeGw0ZVzs9pzo7EVj0niVjaRnET17QslxXPXei5Kn74cd0Tdi6f01p8rSsVdxavYf107e8li9ewHfVIp3pIvksjpnPSWLGN9J8O5bHO45cuPNRde1nS58tivGROJMsae+O3ycpVI8n5u0jLVV0Yb1XFTPzcs7HS8xydSfzi94rEbh0AAAAAAAAAAAAAAAAAALBR07/+XXDweGm0kbc31hYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Kjp//9foxhX4RUmp3FweMu3CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDPg7wAAAP//Ui1bwQ==")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa02000, 0x0, 0x1, 0x0, &(0x7f00000000c0))

5.189068628s ago: executing program 7 (id=2134):
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
rseq(0x0, 0x0, 0x0, 0x0)
llistxattr(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000140)={0x10000000})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x7}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", '\x00\x00=*', "1202000000040030"}, 0x38)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e24, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10000}}, 0x0, 0x0, 0x4d, 0x0, "5d9ed5ab7ede1bcf73742bc36c0efe1906cf090045230bc5d9dfea4ffd1e48aaf9a42d97f58da594d5eb926f70f03d2d46f375a6b62ee9d04ac1bf0bef969bcbd8e470061e00"}, 0xd8)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)

5.183775958s ago: executing program 3 (id=2135):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0900000003000000040001000500000000000000", @ANYRES32], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)

4.559373888s ago: executing program 4 (id=2136):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1181, 0x1})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000017c0), 0x2002, 0x0)
fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x211000, &(0x7f00000020c0)=ANY=[], 0x5, 0x151a, &(0x7f0000002c80)="$eJzs3AuYjlXXOPC99t43Y5KeJjkMe+1189BgmyTJISGHJEmSJKeEpEmShMSQU9KQhBwnyWEIyWEak8b5fMg5afJKkyQhIcn+X6r3732/er++93r7Pt/3zvpd177mXnM/az3rnjXPPPd9X9c8X/ccVa9F/drNiEj8S+CXL8lCiBghxDAhxDVCiEAIUSmuUtyl/fkUJP9rT8L+XA+kXekO2JXE88/deP65G88/d+P55248/9yN55+78fxzN54/Y7nZ9jlFr+X1Z6xSea98D//84vv/uRm///8bySk/+fON5a/v9U+k8PxzN55/7sbzz914/rkbzz934/n/+6v1n+zj+eduPH/GcrMrff+Z1//IyvOP9l3p3z/GGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY7nDOX+ZFkL8dftK98UYY4wxxhhjjLE/j897pTtgjDHGGGOMMcbYfz8QUiihRSDyiLwiRuQTseIqkV9cLQqIa0REXCvixHWioLheFBKFRRFRVMSLYqK4MAKFFSRCUUKUFFFRSpQWN4gEUUaUFeWEE+VForhRVBA3iYriZlFJ3CIqi1tFFVFVVBPVxW2ihrhd1BS1RG1xh6gj6op6or64UzQQd4mG4m7RSNwjGot7RRNxn2gq7hfNxAOiuXhQtBAPiZbiYdFKtBZtRFvR7p/OF8ktxfOir3hB9BP9RbIYIAaKF8UgMVgMEUPFMPGSGC5eFiPEKyJFjBSjxKtitHhNjBGvi7FinBgv3hATxEQxSUwWU8RUkSreFNPEW2K6eFvMEDPFLDFbpIk5Yq54R8wT88UC8a5YKN4Ti8RisUQsFenifZEhlolM8YFYLj4UWWKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iI7FD7BS7xG6xR+wV+8THYr/4RBwQn4ps8dk/mX/2P+T3AgECJEjQoCEP5IEYiIFYiIX8kB8KQAGIQATiIA4KQkEoBIWgCBSBeIiH4lAcEBAICEpACYhCFEpDaUiABCgLZcGBg0RIhApwE1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24E+6Eu6AhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBJEiCrtAVukE36A7doQf0gJ7QE3pBb+gNz8Pz8AK8AP2hjhwAA2EgDIJBMASGwlB4CYbDy/AyvAIpMBJGwavwKrwGY+AMjIVxMB7GQw05ESbBZCA5FVIhFabBNJgO02EGzISZMBvSYA7MhbkwD+bDfHgXFsJ78B4shsWwFNIhHTJgGWRCJiyHs5AFK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22AYfwUewE3bCbtgNe2EvfAwfwyfwCaRANmTDQTgIh+AQHIbDkAM5cASOwFE4CsfgGByH43ACTsIpOAmnAX59uZ+D83AeLsCz8V8231tmQ4qQl2ipZR6ZR8bIGBkrY2V+mV8WkAW0EELGyThZUBaUhWQhWUQWkfEyXhaXxSVKlCRDWUKWkFEZlaVlaZkgE2RZWVY66WSiTJQVZAVZUVaUleQtsrK8VVaRVWVHV11WlzVkJ1dT1pK1ZW1ZR9aV9WR9WV82kA1kQ9lQNpKNZGPZWDaR98mmcgAMgQfkpcm0kCOhpRwFrWRr2Ua2la/BI7K9HAMdZEfZST4mx8FY6CLbuyT5pOwqJ0E3+bScDM/IHnIq9JTPyV6yt+wjn5d9ZQfXT/aXM2CAHChnwyA5WA6RQ+U8qCsvTayefEWmyJFylHxVLoXX5Bj5uhwrx8nx8g05QU6Uk+RkOUVOlanyTTlNviWny7flDDlTzpKzZZqcI+fKd+Q8OV8ukO/KhfI9uUgulkvkUpku35cZcpnMlB/I5fJDmSVXyJVylVwt18i1cp1cLzfIjXKT3Cy3yK1ym9wuP5I75E65S+6We+ReuU9+LPfLT+QB+anMlp/Jg/Iv8pD8XB6WX8gc+aU8Ir+SR+XX8pj8Rh6X38oT8qQ8Jb+Tp+X38ow8K8/JH+R5+aO8IH+SF6WXQoGSSimtApVH5VUxKp+KVVep/OpqVUBdoyLqWhWnrlMF1fWqkCqsiqiiKl4VU8WVUaisIhWqEqqkiqpSqrS6QSWoMqqsKqecKq8S1Y2qgrpJVVQ3q0rqFlVZ3aqqqKqqmqqublM11O2qpqqlaqs7VB1VV9VT9dWdqoG6SzVUd6tG6h7VWN2rmqj7VFN1v2qmHlDN1YOqhXpItVQPq1aqtWqj2qp26hHVXj2qOqiOqpN6THVWj6su6gmVpJ5UXdVTqpt6WnVXz6ge6lnVUz2neqneqo/6SV1UXvVT/VWyGqAGqhfVIDVYDVFD1TD1khquXlYj1CsqRY1Uo9SrarR6TY1Rr6uxapwar95QE9RENUlNVlPUVJWq3lTT1FtqunpbzVAz1Sw1W6WpOWrIr5UW/Bfy3/qd/BE/P/s2tV19pHaonWqX2q32qL1qn9qn9qv96oA6oLJVtjqoDqpD6pA6rA6rHJWjjqgj6qg6qo6pY+q4Oq5OqJPqB/WdOq2+V2fUWXVW/aDOq/Pqwq8/A6FBS6201oHOo/PqGJ1Px+qrdH59tS6gr9ERfa2O09fpgvp6XUgX1kV0UR2vi+ni2mjUVpMOdQldUkd1KV1a36ATdBldVpfTTpfXifrGfzn/j/prp9vp9rq97qA76E66k+6sO+suuotO0km6q+6qu+luurvurnvoHrqn7ql76V66j+6j++q+up/up5N1sh6oX9SD9GA9RA/Vw/RLergerkfoETpFp+hRepQerUfrMXqMHqvH6vF6vJ6gJ+hJepKeoqfoVJ2qp+lperqermfoGXqWnqXTdJqeq+fqeXqeXqAX6IV6oV6kF+kleolO1+k6Q2foTJ2pl+vlOkuv0Cv0Kr1Kr9Fr9Dq9Tm/QG/QmvUlv0Vt0lt6ut+sdeofepXfpPXqP3qf36f16vz6gD+hsna0P6oP6kD6kD+vDOkfn6CP6iD6qj+pj+pg+ro/rE/qEPqVP6dP6tD6jz+hz+pw+r8/rC/qCvqgvXjrtC2QgAx3oIE+QJ4gJYoLYIDbIH+QPCgQFgkgQCeKCuKBgcH1QKCgcFAmKBvFBsaB4YAIMbEBBGJQISgbRoFRQOrghSAjKBGWDcoELygeJwY1BheCmoGJwc6wQIqgc3BpUCaoG1YLqwW1BjeD2oGZQK6gd3BHUCeoG9YL6wZ1Bg+CuoGFwd9AouCdoHNwbNAnuC5oG9wfNggeC5sGDQYvgoaBl8HDQKmgdtAnaBu1+qR9UCm75E+p7f6bwo66f6W+SzQAz0LxoBpnBZogZaoaZl8xw87IZYV4xKWakGWVeNaPNa2aMed2MNePMePOGmWAmmklmsplipppU86aZZt4y083bZoaZaWaZ2SbNzDFzzTtmnplvFph3zULznllkFpslZqlJN++bDLPMZJoPzHLzockyK8xKs8qsNmvMWrPOrDcbzEazyWw2W8xWs81sNx+ZHWan2WV2mz1mr9lnPjb7zSfmgPnUZJvPzEHzF3PIfG4Omy9MjvnSHDFfmaPma3PMfGOOm2/NCXPSnDLfmdPme3PGnDXnzA/mvPnRXDA/mYvGXzq5v/T2jho15sE8GIMxGIuxmB/zYwEsgBGMYBzGYUEsiIWwEBbBIhiP8Vgci+MlhIQlsARGMYqlsTQmYAKWxbLo0GEiJmIFrIAVsSJWwkpYGStjFayC1bAa3oa34e14O9bCWngH3oF1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgkmYhF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfJmMyDsSBOAgH4RAcgsNwGA7H4TgCR2AKpuAoHIWjcTSOwTE4FsfheHwDJ+BEnISTcQpOxVRMxWk4DafjdJyBM3AWzsI0TMO5OBfn4TxcgAtwIS7ERbgIl+ASTMd0zMAMzMRMXI7LMQuzcCWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4ALMxGw/iQTyEh/AwHsYczMEjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Ds/jj3gBf8KL6DHGShFrr7L57dW2gL3Gxth89m/jIraojbfFbHFrbCFb+O9itNYm2DK2rC1nnS1vE+2Nv4mr2Kq2mq1ub7M17O225m/iBvYu29DebRvZe2x9e+ffxY3tvbaJfcg2tQ/bZra1bW7b2hb2IdvSPmxb2da2jW1rO9vHbRf7hE2yT9qu9qnfxBl2mV1vN9iNdpPdbz+x5+wP9qj92p63P9p+tr8dZl+yw+3LdoR9xabYkb+Jx9s37AQ70U6yk+0UO/U38Sw726bZOXaufcfOs/N/E6fb9+1Cm2kX2cV2iV36c3ypp0z7gV1uP7RZdoVdaVfZ1XaNXWvX/f9eV9ktdqvdZvfZj+0Ou9PusrvtHrv35/jScRywn9ps+5k9Yr+yh+zn9rA9ZnPslz/Hl47vmP3GHrff2hP2pD1lv7On7ff2jD378/FfOvbv7E/2ovVWEJAkRZoCykN5KYbyUSxdRfnpaipA11CErqU4uo4K0vVUiApTESpK8VSMipMhJEtEIZWgkhSlUlSabqAEKkNlqRw5Kk+JdCNVoJuoIt1MlegWqky3UhWqStWoOt1GNeh2qkm1qDbdQXWoLtWj+nQnNaC7qCHdTY3oHmpM91ITuo+a0v3UjB6g5vQgtaCHqCU9TK2oNbWhttSOHqH29Ch1oI7UiR6jzvQ4daEnKImepK70FHWjp6k7PUM96FnqSc9RL+pNfeh56ksvUD/qT8k0gAbSizSIBtMQGkrD6CUaTi/TCHqFUmgkjaJXaTS9RmPodRpL42g8vUETaCJNosk0haZSKr1J0+gtmk5v0wyaSbNoNqXRHJpL79A8mk8L6F1aSO/RIlpMS2gppdP7lEHLKJM+oOX0IWXRClpJq2g1raG1tI7W0wbaSJtoM22hrbSNttNHtIN20i7aTXtoL+2jj2k/fUIH6FPKps/oIP2FDtHndJi+oBz6ko7QV3RUCzpG39Bx+pZO0Ek6Rd/RafqeztBZOkc/0Hn6kS7QT3SR1BkRQihDFeowCPOEecOYMF8YG14V5g+vDguE14SR8NowLrwuLBheHxYKC4dFwqJhfFgsLB6aEEMbUhiGJcKSYTQsFZYObwgTwjJh2bBc6MLyYWJ4Y1ghvCmsGN4cVgpvCSuHt4ZVwqrhQ/dUD28La4S3hzXDWmHt8I6wTlg3rBfWD+8MG4R3hQ3Du8NG4T1hxfDesEl4X9g0vD9sFj4QNg8fDFuED4Utw4fDVmHrsE3YNmwXPhK2Dx8NO4Qdw07hY2Hn8PGwS/hEmBQ+GXYNn/rD/cnhgHBg+GL4Yuj93WpJdGk0Pfp+NCO6LJoZ/SC6PPphNCu6Iroyuiq6Oromuja6Lro+uiG6Mbopujm6Jbo1ui3qff28woGTTjntApfH5XUxLp+LdVe5/O5qV8Bd4yLuWhfnrnMF3fWukCvsiriiLt4Vc8WdceisIxe6Eq6ki7pSrrS7wSW4Mq6sK+ecK+8SXVvXzrVz7d2jroPr6Dq5x9xj7nH3uHvCPeGedF3dU66be9p1d8+4Hu5Z96x7zvVyvV0f97zr615w/Vx/l+yS3UA30A1yg9wQN8QNc8PccDfcjXAjXIpLcaPcKDfajXZj3Bg31o114914N8FNcJPcJDfFTXGpLtVNc9PcdDfdzXAz3Cw3y6W5NDfXzXXz3Dy3wC1wCxMWukVukVvilrh0l+4yXIbLdJluuVvuslyWW+lWutVutVvr1rr1br3b6Da6zW6z2+q2uu1uu5Nih9vldrk9bo/b5/a5/W6/O+AOuGyX7Q66g+6QO+QOuy9cjvvSHXFfuaPua3fMfeOOu2/dCXfSnXLfudPue3fGnXXn3A/uvPvRXXA/uYvOu9TIm5Fpkbci0yNvR2ZEZkZmRWZH0iJzInMj70TmReZHFkTejSyMvBdZFFkcWRJZGkmPvB/JiCyLZEY+iCyPfBjJiqyIrIysiqyOiIj3xXaEvoQv6aO+lC/tb/AJvowv68t558v7RH+jr+Bv8hX9zb6Sv8VX9rf6Kr6qr+Yf9q18a9/Gt/Xt/CO+vX/Ud/AdfSf/mO/sH/dd/BM+yT/pu/qnfDf/tO/un/E9/LO+p3/O9/K9fR//vO/rX/D9fH+f7Af4gf5FP8gP9kP8UD/Mv+SH+5f9CP+KT/Ej/Sj/qh/tX/Nj/Ot+rB/nx/s3/AQ/0U/yk/0UP9Wn+jf9NP+Wn+7f9jP8TD/Lz/Zpfo6f69/x8/x8v8C/6xf69/wiv9gv8Ut9un/fZ/hlPtN/4Jf7D32WX+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u//I7/A7/S6/2+/xe/2+X+5IxQr/qc/2n/mD/i/+kP/cH/Zf+Bz/pT/iv/JH/df+mP/GH/ff+hP+pD/lv/On/ff+jD/rz/kf/Hn/o7/gf/LPnuD/WWOMMcYY+69Qf7B/wO98T/66LhkohLh6Z9Gc/1hzc6FftgfL+M4RIcST/Xs+8NdVp05ycvKvj81SIii5WAgRuZyfR/xNnNxJPC6SREdR4Xf7Gyx7n6c/qB+95dJJ5mUx4nK8Qvy1/k3/oP4jj43PqByei/tP6i8WIqHk5Zx84nJ8uX7Ff1C/cPs/6D/f56lCdPibnPzicny5fqJ4VDwlkv7ukYwxxhhjjDHG2C8Gy2rd//76U/3u9Xm8vpyTV/wc//zJAZevP3//+pwxxhhjjDHGGGNX3jO9+zzxSFJSx+7/RzZifu37f0s/vPFvugH/R18gf9rGFfyjxBhjjDHGGPtvcfmk/0p3whhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5V7/Ex8ndqWPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLvS/l8AAAD//+BwJXk=")
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0xfff})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x800000000003)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x90a495, &(0x7f00000002c0)={[], [{@smackfsroot={'smackfsroot', 0x3d, '/dev/kvM\x00w\xb1\xe5\xafC\xe9\x84\x01\x97\x98\x95BR\xedh*\xff\xb9k\xd7L\xd7\'K\x18\x7f:X\x1a\xb1\x7f\\\v\xc1\x02\x86~\x87\xf0F\x96o9\xfe\x91\xcf\xaa/\xe5\x96\xbd2\xb4\x17\x05\xec\x03\xe6j]\xb6sV\x9a\x95k\xe5%O\xe0\x13`\xbd\x8b\x91z\x10\x0fZ%\xf8!\x12\x1e\xba\xa5\x14b\xd7\x18\xd0\xa7\xfeq\xcf\xf1W\x81\xea\xda\xc4@\xbd\x84\x81\xf8\x84\x0f\x99^\x8fb\xe0\xd3}\xcf.I\xfdn\x1a\x1f=\x0f\xb1\x81\xc7n\xf3\xc3\xc6\xc9$\x18f.\xc4\x8d\x00\xb1\xa5\xae\x87\x16*\xda\xa7\x1b\b\x94\x88\xda\xb3\x9a\x8e@b\xc6\xd7\x0f\n=\x8bO\xb0\xff+s\xcd~4<^:2\x95\x82\xfdLq\xac\vyi\xb0\xc5\x88\xaf\x97[~\xb9cP\xd1X\x99\f(&\x9bQ\xe6\xfc|\f\x14\v\x18@\xf7\xea\xd7\x1f\xb6\xf7\xfe\xe5\x9c'}}, {@mask={'mask', 0x3d, 'MAY_READ'}}]}, 0x6, 0x510, &(0x7f0000002740)="$eJzs3c9vHFcdAPDvrHdbuzGsWziUSrShTeUiyNqu+8PiUBoJ6KkSotwdY68ty2tvZK/b2IrIRvwBARQBEidOXJD4A5AgfwJCigS3nEEROOTABS2a2d3YXu8aG6+9xP58pJd5855nvt+3P+ftjDIBXFiXI+LDiBiKiDcjothqz7VK1Jsl/bvHO7fm05JEo/HJ35NIWm2d+7zU2iz1vY8ifpAcjLuxtb0yV6mU1/c3b19dXp1bKi+V16anp96beX/m3ZnJI44kyR/WOxoRH3zryc/u/vo7H/z+6589nP3bWz9M07re6u82jn5oDr0Qw+2G+mlEGZz0dZPPRggAwLPgSkS8FBGvR8RXoxhDcehhNAAAAPAManxz9Pl2FQAAADifctm1sUmulF3vm4/RyOVKpeY1vF+MF3KV6kbta4vVzbWF5jW0Y1HILS5XypOta4XHopCk61NZfXf97Y716Yh4MSLuFUfS9awPAAAAOBuX9s3/I54Um/N/AAAA4JxxMh4AAADOvyPO//9w2nkAAAAAp8f5fwAAADjXvvvxx2lpPN65ld0HYOHTrc2V6qdXF8obK6XVzfnSfHX9RmmpWl2qlEtD7a163+25Uq3eeCfWNm9O1PIbtYmNre3Z1ermWm02u6/3bPmlMxoXAAAAsOvF1+7/JYmI+jdGspJ6rtXXe5YPXDBJvqPh+lcGlAnQF0PH3eDy5ukkApy5zu904OIwxweSzoaOA4PhrOXuTw5s+Mfjx3LMAQAAgzH+Jef/4aLKDToBYGB+POgEgIHJO8yHC6tw/CsAgXPmo//SP9yr48jn/xuNYyUEAAD03WhzUY/WucDRyOVKpaenBZPF5Up5MiI+HxF/LhaeT9enBpgvAAAAAAAAAAAAAAAAAAAAAAAAADyLGo0kGgAAAMC5FpH7axIRaRkvXhnt/H3gueRfxWwZEZ/98pOf35yr1dan0vZ/PG2v/aLV/vYxfnZwOzAAAAA4gcKhve15enseDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD99Hjn1ny7nGXcR9diJMa6xc/HcLYcjkJEvPDPJPJ7tksiYqgP8et3IuLlbvGTNK0Ya2XRGT8XESMDjn+pD/HhIrt/LSI+7Pb+y8XlbNn9/ZdvlZN6dC17k3eN3/78G+rx+fe5I8Z45cFvJzrbfjTcin8n4pV898+fdvykR/w3egUs7F+9/v3t7V5/2vhVxHjX759kX6yJ2uqNiY2t7avLq3NL5aXy2vT01Hsz78+8OzM5sbhcKbf+7Rrjp1/+Xf1ej/iP7uSy5d747XGONTO83Wv8V3oNqsO/H9zc+UKzWjgYP+KtN7o//y9ny+6Pf/qaeLP1PZD2j7fr9WZ9r1d/86dXe+WWxl/o8fg3n/9io9f4j+jAmHfdPvpeAIC+2djaXpmrVMrrZ1B5/Z3+7TA5o5xVelSG/z/SOOvKt0+2eZTX24fDJ9nPw7TSSPowrnTOkCXWOqLfkyoAAHDO7M4HBp0JAAAAAAAAAAAAAAAAAAAAXFz/038e9trxtuqMWR/MUAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADvWfAAAA//98Ecuy")
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.518737198s ago: executing program 6 (id=2137):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(0x0, 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x80000000, 0x482)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000200)={0x9, 0x3, 0x20204})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x800008, 0xfe})
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b30, &(0x7f0000000040)={'wlan0\x00'})
connect$inet6(0xffffffffffffffff, &(0x7f0000000a40)={0xa, 0x4e22, 0x7fff, @remote, 0x9}, 0x1c)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000280)=0x1, 0x4)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r6=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, 0x0, 0x0)
bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x5, r6, 0x39, r4}, 0x10)
recvmmsg(r4, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x200}], 0x2, 0x160, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x953a, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x58c}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x6, 0x141102)
fcntl$setstatus(r7, 0x4, 0x42c00)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRESDEC=r2, @ANYBLOB="7e4fe2bbc1089816d6195fdc7aa6285a86ef5a4c1c90bb5c0e4d40bbac0a07eba7ee3105910f016a43f8db75f30869d6a9acb9ef2251c7bc9d3fe7814d64dba0f88a7e1de5ba439daf507244abda4ab144cf8b2a66c8b0feb60029906158a0a97a4d40a8ee02", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="010000000100"/28], 0x50)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000080)={0xb, 0x8169, 0x6})
close_range(r0, 0xffffffffffffffff, 0x0)

3.233490029s ago: executing program 7 (id=2138):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x401, 0x15f800c9, 0x0, {0x5}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e23}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20040804}, 0x0)

3.079199731s ago: executing program 7 (id=2139):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000000), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x41, 0x3, 0x3, '\x00', 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.978238323s ago: executing program 3 (id=2140):
landlock_restrict_self(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x7}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", '\x00\x00=*', "1202000000040030"}, 0x38)

2.975247053s ago: executing program 6 (id=2141):
writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000080)="76e5eac907f9ccf7a251ceddcec7d6aa45cffe2c63a56077123a276d3ba4e9d17eb3eb5db12a3783a8e0620d357de1fe04fa9465b5", 0x35}], 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
fsopen(&(0x7f0000000080)='proc\x00', 0x0)

2.775968886s ago: executing program 6 (id=2142):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x4e}]})
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, 0x0, 0x6)

1.869794s ago: executing program 3 (id=2143):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$unix(0x1, 0x1, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
preadv(r3, &(0x7f0000000600)=[{0x0}, {0x0}, {&(0x7f0000000880)=""/214, 0xd6}], 0x3, 0x6c, 0x0)

1.25246831s ago: executing program 8 (id=2144):
r0 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
lstat(0x0, 0x0)
close(0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
sched_setattr(r3, 0x0, 0x0)
setrlimit(0xf, 0x0)
gettid()
r4 = openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[0x0], 0x0, 0x0, 0x0, 0x1})
r5 = syz_open_dev$dri(&(0x7f0000000200), 0x0, 0x600)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r5, 0xc00464be, &(0x7f0000000300))
syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000000)=ANY=[], 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000540)={0x2, 0x0, &(0x7f00000002c0)=[0x0, <r6=>0x0]})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000580)={&(0x7f00000001c0), &(0x7f0000000380)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0], 0x6, 0x3, 0x0, 0x0, r6})
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r0, 0x0, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000040)=ANY=[@ANYBLOB="2b72646d61208b70327e6a5c37489d0f2143331ea0d6c51337d71bb8cea204a286073dacb92efdd742000efa14166d2c5f94"], 0x6)

1.176477022s ago: executing program 6 (id=2145):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0)
io_uring_setup(0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
write$cgroup_devices(r4, &(0x7f0000000000)={'a', ' *:* ', 'w\x00'}, 0x8)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_SECURITY_KEY(r5, 0x110, 0x1, &(0x7f0000000080)='[\x00', 0x2)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e"], 0x6c}}, 0x0)

879.114886ms ago: executing program 4 (id=2146):
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000040)={{{@in, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@initdev}, 0x0, @in=@dev}}, &(0x7f0000000140)=0xe8)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2880714, &(0x7f0000000240)={[{@grpid}, {@orlov}], [{@dont_hash}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@permit_directio}, {@euid_lt={'euid<', r0}}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r4)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000000500)=""/173, 0xad)

0s ago: executing program 3 (id=2147):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x10405, &(0x7f00000002c0)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@grpjquota_path={'grpjquota', 0x3d, './file2'}}, {@noauto_da_alloc}, {@quota}]}, 0x3, 0x434, &(0x7f0000000d80)="$eJzs3M9rHFUcAPDv7CaN6Q8TS/3RtGq0iEExadJae/BSUPCgIOihHmOSltBtI00EW4JGkXqUgnfxKPgXeNKLoCfBq96lUCSXVk8rszuT7G52t0m6yabdzwem+97MW9777szbffNeJwH0rNH0nyTiYET8GRFD1Wx9gdHqy93V5Zl/V5dnkiiX3/snqZS7s7o8kxfN33cgz/RFFL5M4liTehevXb80XSrNXc3yE0uXP5pYvHb9lfnL0xfnLs5dmTp79vSpydfOTL3akTjTuO6MfLpw/OhbH9x8Z+b8zQ9//SHJ42+Io0NG2x18oVzucHXddagmnfR1sSFsSbHaTaO/0v+HohjrJ28o3vyiq40DdlS5XC4/0frwShl4iCXR7RYA3ZH/0Kf3v/m2S0OPPeH2ueoNUBr33WyrHumLQlamv+H+tpNGI+L8yn/fplvszDwEAECdn84NVF43jv8KUTsv9Gi2hjIcEY9FxOGIOBMRRyLi8YhK2Scj4qkt1t+4SLJx/FO4tY2wNi0d/72erW3Vj//y0V8MF7PcoUr8/cmF+dLcyewzGYv+gTQ/2aaOn9/44+tWx2rHf+mW1p+PBbN23OobqH/P7PTS9P3EXOv25xEjfc3iT9ZWApKIOBoRI9usY/6l74+3Onbv+NvowDpT+buIF6vnfyUa4s8l7dcnJx6J0tzJifyq2Oi332+826r++4q/A9Lzv7/p9b8W/3BSu167uPU6bvz1Vct7mu1e//uS9+v2fTK9tHR1MmJf8na10bX7pxrKTa2XT+MfO9G8/x+O9U/iWESkF/HTEfFMRDybtf25iHg+Ik60ib/Y5theOP+zWzr/64l90bineaJ46Zcf6yod3kr86fk/XUmNZXuy77+BdnFtpl3bu5oBAADgwVOIiIORFMbX0oXC+Hj1//Afif2F0sLi0ssXFj6+Mlt9RmA4+gv5TNdQzXzoZHZbn+enGvKnsnnjb4qDlfz4zEJpttvBQ4870KL/p/5uN3EJPBw8rwW9S/+H3qX/Q+/S/6F3Nen/g91oB7D7mv3+f9aFdgC7r6H/W/aDHuL+H3qX/g+9S/+HnrQ4GPd+SF5i84nBTf/pgQc8EYU90QyJHUp0+5sJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgM/4PAAD//6tp5F4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
write$binfmt_elf64(r0, 0x0, 0x5b0)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 USB device number 53 using dummy_hcd
[  671.907914][ T5524] vhci_hcd: vhci_device speed not set
[  672.087860][ T4237] usb 1-1: Using ep0 maxpacket: 16
[  672.943134][ T4237] usb 1-1: unable to read config index 0 descriptor/start: -61
[  672.956386][ T4237] usb 1-1: can't read configurations, error -61
[  673.019243][ T9671] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  673.104008][ T9671] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[  673.300171][ T4237] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  673.316643][ T9678] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1534'.
[  673.325844][ T9678] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1534'.
[  673.427431][ T1325] usb 6-1: new low-speed USB device number 50 using dummy_hcd
[  673.834166][ T4237] usb 1-1: Using ep0 maxpacket: 16
[  674.116572][ T1325] usb 6-1: config index 0 descriptor too short (expected 1307, got 27)
[  674.162557][ T1325] usb 6-1: config 0 has an invalid interface number: 0 but max is -1
[  674.411232][ T4237] usb 1-1: unable to read config index 0 descriptor/start: -61
[  674.419062][ T4237] usb 1-1: can't read configurations, error -61
[  674.425523][ T4237] usb usb1-port1: attempt power cycle
[  674.594426][ T1325] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0
[  674.604737][ T1325] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  674.624432][ T1325] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  674.641586][ T1325] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  674.987445][ T1325] usb 6-1: string descriptor 0 read error: -22
[  674.996982][ T1325] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  675.015829][ T1325] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  676.078441][ T1325] usb 6-1: config 0 descriptor??
[  676.118275][ T1325] hub 6-1:0.0: bad descriptor, ignoring hub
[  676.134045][ T1325] hub: probe of 6-1:0.0 failed with error -5
[  676.191889][ T9713] netlink: 'syz.1.1546': attribute type 1 has an invalid length.
[  676.201818][ T1325] usb 6-1: USB disconnect, device number 50
[  676.208136][ T9713] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1546'.
[  676.468062][ T4907] vhci_hcd: vhci_device speed not set
[  677.374187][ T1325] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  678.297420][ T1325] usb 6-1: Using ep0 maxpacket: 16
[  678.433572][ T9738] vivid-001: disconnect
[  678.444235][ T9738] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1554'.
[  678.457616][ T1325] usb 6-1: unable to read config index 0 descriptor/start: -61
[  678.493682][ T1325] usb 6-1: can't read configurations, error -61
[  678.677650][ T1325] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  679.141680][ T9746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1557'.
[  679.177447][ T1325] usb 6-1: Using ep0 maxpacket: 16
[  679.225863][ T9746] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1557'.
[  679.259863][ T9746] device batadv1 entered promiscuous mode
[  679.378587][ T1325] usb 6-1: unable to read config index 0 descriptor/start: -61
[  679.665202][ T9736] vivid-001: reconnect
[  679.687373][ T1325] usb 6-1: can't read configurations, error -61
[  679.694324][ T1325] usb usb6-port1: attempt power cycle
[  680.244052][ T9766] netlink: 'syz.5.1566': attribute type 21 has an invalid length.
[  680.252184][ T9766] netlink: 156 bytes leftover after parsing attributes in process `syz.5.1566'.
[  683.918055][ T9786] ALSA: mixer_oss: invalid OSS volume 'u'
[  684.883285][ T4237] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  685.749892][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  685.907696][ T4237] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  685.945790][ T4237] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  686.124057][ T4237] usb 2-1: config 0 descriptor??
[  686.890718][ T4237] ath6kl: Failed to submit usb control message: -71
[  686.900435][ T4237] ath6kl: unable to send the bmi data to the device: -71
[  686.915547][ T4237] ath6kl: Unable to send get target info: -71
[  686.924483][ T4237] ath6kl: Failed to init ath6kl core: -71
[  687.162496][ T4237] ath6kl_usb: probe of 2-1:0.0 failed with error -71
[  687.251108][ T4237] usb 2-1: USB disconnect, device number 53
[  688.175153][ T9834] loop1: detected capacity change from 0 to 128
[  688.633138][ T9844] fuse: Unknown parameter '000000000000000000000100x0000000000000009'
[  689.655469][ T9834] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  689.709838][ T9847] vivid-002: disconnect
[  689.920896][ T9847] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1588'.
[  690.009574][ T9852] loop1: detected capacity change from 0 to 1024
[  690.093781][ T9852] EXT4-fs (loop1): Ignoring removed nobh option
[  690.143714][ T9836] vivid-002: reconnect
[  690.155424][ T9852] EXT4-fs (loop1): Ignoring removed bh option
[  690.808289][ T9852] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,bsdgroups,barrier=0x0000000000000001,usrjquota=,max_dir_size_kb=0x00000000004007b1,data_err=ignore,errors=remount-ro,nobh,bh,usrquota,abort,. Quota mode: writeback.
[  691.740689][ T9230] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  692.084436][ T9880] loop5: detected capacity change from 0 to 128
[  692.387992][ T9230] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  693.022916][ T9872] ceph: No mds server is up or the cluster is laggy
[  693.084661][ T9230] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  693.115865][ T9230] usb 5-1: config 0 descriptor??
[  693.132451][ T4907] libceph: connect (1)[c::]:6789 error -101
[  693.147979][ T9886] loop3: detected capacity change from 0 to 1024
[  693.165118][ T4907] libceph: mon0 (1)[c::]:6789 connect error
[  693.424975][ T5271] hfsplus: b-tree write err: -5, ino 4
[  693.474644][ T9601] usb 2-1: new full-speed USB device number 54 using dummy_hcd
[  693.685368][ T9895] vivid-002: disconnect
[  693.719874][ T9895] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1604'.
[  693.859431][ T9230] ath6kl: Failed to submit usb control message: -71
[  693.870046][ T9230] ath6kl: unable to send the bmi data to the device: -71
[  693.878051][ T9601] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  693.888375][ T9601] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  693.897836][ T9230] ath6kl: Unable to send get target info: -71
[  693.922349][ T9230] ath6kl: Failed to init ath6kl core: -71
[  693.937434][ T6555] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  694.038549][ T9601] usb 2-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[  694.068880][ T9601] usb 2-1: New USB device strings: Mfr=8, Product=0, SerialNumber=3
[  694.227768][ T6555] usb 6-1: Using ep0 maxpacket: 8
[  694.517750][ T6555] usb 6-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  694.530603][ T6555] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.540461][ T9890] vivid-002: reconnect
[  694.543679][ T6555] usb 6-1: Product: syz
[  694.547774][ T9601] usb 2-1: Manufacturer: syz
[  694.554107][ T6555] usb 6-1: Manufacturer: syz
[  694.558526][ T9601] usb 2-1: SerialNumber: syz
[  694.558821][ T6555] usb 6-1: SerialNumber: syz
[  694.576180][ T9601] usb 2-1: config 0 descriptor??
[  694.578816][ T6555] usb 6-1: config 0 descriptor??
[  694.619629][ T6555] radio-usb-si4713 6-1:0.0: Si4713 development board discovered: (10C4:8244)
[  694.629472][ T9230] ath6kl_usb: probe of 5-1:0.0 failed with error -71
[  694.687393][ T9230] usb 5-1: USB disconnect, device number 52
[  695.028561][ T9893] udc-core: couldn't find an available UDC or it's busy
[  695.137828][ T9893] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  696.457449][ T6555] radio-usb-si4713: probe of 6-1:0.0 failed with error -32
[  696.477747][ T6555] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  696.495766][ T9932] loop4: detected capacity change from 0 to 256
[  696.630160][ T9932] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  697.957355][ T4237] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  697.997304][ T4208] Bluetooth: hci0: command 0x0401 tx timeout
[  698.039861][ T9945] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1618'.
[  698.048938][ T9945] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1618'.
[  698.369401][ T4208] usb 6-1: USB disconnect, device number 54
[  698.377697][ T4237] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  698.437993][ T4237] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  698.468871][ T4237] usb 1-1: config 0 descriptor??
[  700.119478][ T9230] Bluetooth: hci0: command 0x0c1a tx timeout
[  700.147690][ T4237] ath6kl: Failed to submit usb control message: -110
[  700.174861][ T4237] ath6kl: unable to send the bmi data to the device: -110
[  700.212057][ T4237] ath6kl: Unable to send get target info: -110
[  700.328983][ T4237] ath6kl: Failed to init ath6kl core: -110
[  700.462844][ T9601] usb 2-1: USB disconnect, device number 54
[  700.466565][ T9965] loop5: detected capacity change from 0 to 256
[  700.507983][ T4237] ath6kl_usb: probe of 1-1:0.0 failed with error -110
[  700.547347][ T4237] usb 1-1: USB disconnect, device number 56
[  700.573371][ T9965] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  700.608525][ T9965] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  700.635870][   T26] audit: type=1326 audit(1743726341.582:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9966 comm="syz.1.1626" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc2bf93b169 code=0x0
[  700.696396][ T9965] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  700.967382][ T4208] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  701.123058][ T9979] loop0: detected capacity change from 0 to 256
[  701.230558][ T9980] loop5: detected capacity change from 0 to 512
[  701.253007][ T9979] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  701.378141][ T4208] usb 5-1: config 0 has no interfaces?
[  701.404782][ T9980] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  701.417491][ T9980] ext4 filesystem being mounted at /204/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  701.551270][ T9988] loop1: detected capacity change from 0 to 512
[  701.558845][ T4208] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  701.584566][ T4208] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  701.598729][ T4208] usb 5-1: Product: syz
[  701.606658][ T4208] usb 5-1: Manufacturer: syz
[  701.612649][ T4208] usb 5-1: SerialNumber: syz
[  701.640878][ T4208] usb 5-1: config 0 descriptor??
[  701.653677][ T9988] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  701.780895][ T9988] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2219: inode #15: comm syz.1.1631: corrupted in-inode xattr
[  701.940479][ T9988] EXT4-fs (loop1): Remounting filesystem read-only
[  701.948378][ T9988] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.1631: couldn't read orphan inode 15 (err -117)
[  702.052620][ T9988] EXT4-fs (loop1): Remounting filesystem read-only
[  702.317866][ T9996] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1632'.
[  702.326875][ T9996] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1632'.
[  702.430387][ T9988] EXT4-fs (loop1): mounted filesystem without journal. Opts: prjquota,noload,errors=remount-ro,resgid=0x000000000000ee00,min_batch_time=0x0000000000000005,usrjquota=,nombcache,noquota,grpquota,norecovery,. Quota mode: writeback.
[  703.421705][T10015] loop0: detected capacity change from 0 to 1024
[  703.530764][T10018] kvm: emulating exchange as write
[  703.663108][T10015] EXT4-fs (loop0): Ignoring removed oldalloc option
[  703.695604][T10015] EXT4-fs (loop0): Ignoring removed nobh option
[  703.729545][T10015] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  703.895979][T10015] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,usrjquota=,nobarrier,dioread_lock,nodioread_nolock,max_dir_size_kb=0x00000000004007b1,oldalloc,grpquota,nobh,delalloc,resgid=0x0000000000000000,dioread_nolock,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: writeback.
[  703.924957][ T4208] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  704.126885][ T9601] usb 5-1: USB disconnect, device number 53
[  704.174961][   T26] audit: type=1326 audit(1743726345.122:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23c84f6169 code=0x7ffc0000
[  704.198425][T10015] EXT4-fs (loop0): shut down requested (1)
[  704.718978][ T4208] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  704.956225][ T4208] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  705.073816][   T26] audit: type=1326 audit(1743726345.202:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f23c84f6169 code=0x7ffc0000
[  705.327413][T10039] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1645'.
[  705.336501][T10039] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1645'.
[  705.563838][   T26] audit: type=1326 audit(1743726345.872:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23c84f6169 code=0x7ffc0000
[  705.588700][ T4208] usb 4-1: config 0 descriptor??
[  705.750308][   T26] audit: type=1326 audit(1743726345.872:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23c84f6169 code=0x7ffc0000
[  705.845808][T10044] loop5: detected capacity change from 0 to 512
[  705.861447][   T26] audit: type=1326 audit(1743726346.022:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23c8492359 code=0x7ffc0000
[  705.953994][T10047] kvm: pic: single mode not supported
[  705.954572][T10047] kvm: pic: single mode not supported
[  705.962100][T10047] kvm: pic: single mode not supported
[  705.967735][T10047] kvm: pic: level sensitive irq not supported
[  705.974382][T10047] kvm: pic: level sensitive irq not supported
[  705.982403][T10047] kvm: pic: single mode not supported
[  705.988827][T10047] kvm: pic: level sensitive irq not supported
[  705.994635][T10047] kvm: pic: level sensitive irq not supported
[  706.001130][T10047] kvm: pic: level sensitive irq not supported
[  706.007953][T10047] kvm: pic: single mode not supported
[  706.015657][T10047] kvm: pic: single mode not supported
[  706.021142][T10047] kvm: pic: level sensitive irq not supported
[  706.028413][T10047] kvm: pic: single mode not supported
[  706.034509][T10047] kvm: pic: level sensitive irq not supported
[  706.046216][   T26] audit: type=1326 audit(1743726346.022:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23c8492359 code=0x7ffc0000
[  706.089777][   T26] audit: type=1326 audit(1743726346.022:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23c8492359 code=0x7ffc0000
[  706.385899][T10044] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  706.416236][   T26] audit: type=1326 audit(1743726346.022:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23c8492359 code=0x7ffc0000
[  706.439328][   T26] audit: type=1326 audit(1743726346.022:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23c8492359 code=0x7ffc0000
[  706.461673][   T26] audit: type=1326 audit(1743726346.022:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23c8492359 code=0x7ffc0000
[  706.495358][   T26] audit: type=1326 audit(1743726346.022:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23c8492359 code=0x7ffc0000
[  706.513021][T10044] ext4 filesystem being mounted at /211/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  706.557890][   T26] audit: type=1326 audit(1743726346.022:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23c8492359 code=0x7ffc0000
[  706.589022][ T4208] ath6kl: Failed to submit usb control message: -71
[  706.600261][ T4208] ath6kl: unable to send the bmi data to the device: -71
[  706.630262][ T4208] ath6kl: Unable to send get target info: -71
[  706.649540][T10058] loop1: detected capacity change from 0 to 512
[  706.670375][ T4208] ath6kl: Failed to init ath6kl core: -71
[  706.676299][   T26] audit: type=1326 audit(1743726346.022:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10028 comm="syz.4.1644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f23c8492359 code=0x7ffc0000
[  706.838019][ T4208] ath6kl_usb: probe of 4-1:0.0 failed with error -71
[  707.317895][T10058] EXT4-fs (loop1): Ignoring removed nobh option
[  707.349486][T10058] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  707.666221][ T4208] usb 4-1: USB disconnect, device number 47
[  707.742713][T10058] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1651: invalid indirect mapped block 256 (level 2)
[  707.811638][T10058] EXT4-fs (loop1): 2 truncates cleaned up
[  707.818972][T10058] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,nojournal_checksum,dioread_nolock,bsdgroups,,errors=continue. Quota mode: writeback.
[  709.850993][T10085] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1659'.
[  709.860036][T10085] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1659'.
[  710.027375][ T4237] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[  710.036654][T10096] loop1: detected capacity change from 0 to 256
[  711.047431][T10096] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  711.068649][T10096] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  711.142385][T10096] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  711.203673][T10096] exFAT-fs (loop1): failed to exfat_utf8_to_utf16 (estr:ENAMETOOLONG) nls len : 501, unilen : 257 > 255
[  711.382398][T10104] loop3: detected capacity change from 0 to 512
[  711.399817][ T4237] usb 6-1: config 0 has no interfaces?
[  711.487488][T10104] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  711.602998][T10108] loop1: detected capacity change from 0 to 1024
[  711.654084][T10108] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  711.695616][T10104] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  711.761178][T10104] EXT4-fs (loop3): orphan cleanup on readonly fs
[  711.780484][T10108] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,noquota,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  711.850398][T10104] EXT4-fs warning (device loop3): ext4_enable_quotas:6432: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  712.089958][T10104] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  712.105587][T10104] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #13: comm syz.3.1665: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  712.471127][T10104] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.1665: couldn't read orphan inode 13 (err -117)
[  712.513342][   T26] kauditd_printk_skb: 59 callbacks suppressed
[  712.513361][   T26] audit: type=1800 audit(1743726353.462:94): pid=10108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1667" name="file1" dev="loop1" ino=15 res=0 errno=0
[  712.547949][T10104] EXT4-fs (loop3): mounted filesystem without journal. Opts: noquota,noblock_validity,jqfmt=vfsv0,grpquota,debug,debug,grpid,,errors=continue. Quota mode: writeback.
[  712.670638][   T26] audit: type=1800 audit(1743726353.512:95): pid=10108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1667" name="file1" dev="loop1" ino=15 res=0 errno=0
[  712.937516][ T9230] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  713.267731][ T9230] usb 4-1: Using ep0 maxpacket: 32
[  713.357718][ T4237] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  713.366848][ T4237] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  713.407468][ T9230] usb 4-1: config index 0 descriptor too short (expected 26980, got 36)
[  713.492859][ T9230] usb 4-1: config 121 has too many interfaces: 116, using maximum allowed: 32
[  713.529264][ T4237] usb 6-1: Product: syz
[  713.534719][ T9230] usb 4-1: config 121 has an invalid descriptor of length 102, skipping remainder of the config
[  714.384728][ T4237] usb 6-1: config 0 descriptor??
[  714.398019][ T9230] usb 4-1: config 121 has 0 interfaces, different from the descriptor's value: 116
[  714.407725][ T9230] usb 4-1: New USB device found, idVendor=056a, idProduct=00b7, bcdDevice= 0.00
[  714.416784][ T9230] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  714.425052][ T4237] usb 6-1: can't set config #0, error -71
[  714.573784][T10141] loop5: detected capacity change from 0 to 512
[  714.660804][ T4237] usb 6-1: USB disconnect, device number 55
[  714.677454][ T9230] usb 4-1: can't set config #121, error -71
[  714.692480][T10141] EXT4-fs (loop5): Ignoring removed orlov option
[  714.704664][T10141] EXT4-fs (loop5): can't mount with journal_async_commit, fs mounted w/o journal
[  714.734243][ T9230] usb 4-1: USB disconnect, device number 48
[  715.433744][T10146] loop1: detected capacity change from 0 to 2048
[  715.830768][T10146] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  716.302479][T10150] loop3: detected capacity change from 0 to 16
[  716.389673][ T4324] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  716.393170][T10150] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 16700)
[  716.428914][   T26] audit: type=1326 audit(1743726357.382:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10145 comm="syz.1.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  716.483412][   T26] audit: type=1326 audit(1743726357.402:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10145 comm="syz.1.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  717.074285][ T4324] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 70 with error 28
[  719.000074][ T4324] EXT4-fs (loop1): This should not happen!! Data will be lost
[  719.000074][ T4324] 
[  719.017809][ T4324] EXT4-fs (loop1): Total free blocks count 0
[  719.024053][ T4324] EXT4-fs (loop1): Free/Dirty block details
[  719.163061][ T4324] EXT4-fs (loop1): free_blocks=2415919104
[  719.193483][ T4324] EXT4-fs (loop1): dirty_blocks=192
[  719.207028][ T4324] EXT4-fs (loop1): Block reservation details
[  719.232110][ T4324] EXT4-fs (loop1): i_reserved_data_blocks=12
[  719.440607][ T9230] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  719.626651][ T9230] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  719.787349][ T5524] usb 1-1: new full-speed USB device number 57 using dummy_hcd
[  719.885886][ T6555] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  719.967516][T10191] loop4: detected capacity change from 0 to 512
[  720.146357][T10191] EXT4-fs (loop4): Unrecognized mount option "defcontext=sysadm_u" or missing value
[  720.288928][ T6555] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  720.744997][ T6555] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.933011][ T6555] usb 2-1: config 0 descriptor??
[  720.987610][ T5524] usb 1-1: config 0 has no interfaces?
[  721.187881][ T5524] usb 1-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=87.c0
[  721.263718][ T5524] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  721.351751][ T5524] usb 1-1: Product: syz
[  721.399753][ T5524] usb 1-1: Manufacturer: syz
[  722.546174][ T5524] usb 1-1: SerialNumber: syz
[  722.556842][ T5524] usb 1-1: config 0 descriptor??
[  722.559258][ T6555] ath6kl: Failed to submit usb control message: -71
[  722.585795][ T5524] usb 1-1: can't set config #0, error -71
[  722.587378][ T6555] ath6kl: unable to send the bmi data to the device: -71
[  722.743326][ T6555] ath6kl: Unable to send get target info: -71
[  722.784130][ T5524] usb 1-1: USB disconnect, device number 57
[  723.642127][ T6555] ath6kl: Failed to init ath6kl core: -71
[  723.723795][ T6555] ath6kl_usb: probe of 2-1:0.0 failed with error -71
[  723.751267][ T6555] usb 2-1: USB disconnect, device number 55
[  727.550614][T10236] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  728.273189][ T9230] Bluetooth: hci3: command 0x1003 tx timeout
[  728.395099][T10233] Bluetooth: hci3: sending frame failed (-49)
[  729.347743][ T4203] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  729.367380][ T9601] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  730.341532][T10268] loop5: detected capacity change from 0 to 512
[  730.397427][ T4203] usb 4-1: Using ep0 maxpacket: 16
[  730.932686][ T9230] Bluetooth: hci3: command 0x1001 tx timeout
[  730.959368][T10233] Bluetooth: hci3: sending frame failed (-49)
[  730.977897][ T4203] usb 4-1: config 0 has no interfaces?
[  730.993593][T10268] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  731.013086][T10268] ext4 filesystem being mounted at /222/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  731.072526][   T26] audit: type=1800 audit(1743726372.022:98): pid=10267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1716" name="file1" dev="loop5" ino=15 res=0 errno=0
[  731.116449][   T26] audit: type=1800 audit(1743726372.042:99): pid=10267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1716" name="file2" dev="loop5" ino=16 res=0 errno=0
[  731.161428][ T4203] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  731.174734][ T4203] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.183059][ T4203] usb 4-1: Product: syz
[  731.202274][ T4203] usb 4-1: Manufacturer: syz
[  731.215679][ T4203] usb 4-1: SerialNumber: syz
[  731.242487][ T4203] usb 4-1: config 0 descriptor??
[  731.268479][ T9601] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  731.277851][ T9601] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.295709][ T9601] usb 2-1: config 0 descriptor??
[  731.501198][T10277] loop5: detected capacity change from 0 to 256
[  731.650913][T10277] exfat: Unknown parameter 'keep_last_dots'
[  731.793224][T10277] loop5: detected capacity change from 0 to 1024
[  731.848856][ T9601] ath6kl: Failed to submit usb control message: -71
[  731.855526][ T9601] ath6kl: unable to send the bmi data to the device: -71
[  731.870390][ T9601] ath6kl: Unable to send get target info: -71
[  731.941279][ T9601] ath6kl: Failed to init ath6kl core: -71
[  731.965075][ T9601] ath6kl_usb: probe of 2-1:0.0 failed with error -71
[  731.981181][ T9601] usb 2-1: USB disconnect, device number 56
[  732.547717][   T26] audit: type=1326 audit(1743726373.492:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  732.631219][   T26] audit: type=1326 audit(1743726373.502:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  732.869092][   T26] audit: type=1326 audit(1743726373.532:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  732.933363][   T26] audit: type=1326 audit(1743726373.622:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  733.027362][ T9230] Bluetooth: hci3: command 0x1009 tx timeout
[  733.069486][   T26] audit: type=1326 audit(1743726373.622:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  733.113982][   T26] audit: type=1326 audit(1743726373.662:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  733.258638][   T26] audit: type=1326 audit(1743726373.672:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  733.347097][ T9601] usb 4-1: USB disconnect, device number 49
[  733.499137][   T26] audit: type=1326 audit(1743726373.672:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10287 comm="syz.1.1722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2bf93b169 code=0x7ffc0000
[  734.667357][ T6555] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  734.838473][T10316] chnl_net:caif_netlink_parms(): no params data found
[  735.101529][T10316] bridge0: port 1(bridge_slave_0) entered blocking state
[  735.127757][ T6555] usb 2-1: config 0 has no interfaces?
[  735.151175][T10316] bridge0: port 1(bridge_slave_0) entered disabled state
[  735.217039][T10316] device bridge_slave_0 entered promiscuous mode
[  735.276445][T10316] bridge0: port 2(bridge_slave_1) entered blocking state
[  735.288273][ T6555] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  735.314764][ T6555] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  735.315077][T10332] loop0: detected capacity change from 0 to 128
[  735.349721][T10316] bridge0: port 2(bridge_slave_1) entered disabled state
[  735.369842][ T6555] usb 2-1: Product: syz
[  735.387823][ T6555] usb 2-1: Manufacturer: syz
[  735.393835][T10316] device bridge_slave_1 entered promiscuous mode
[  735.413984][ T6555] usb 2-1: SerialNumber: syz
[  735.619332][ T6555] usb 2-1: config 0 descriptor??
[  735.637546][T10332] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  735.669635][T10316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  735.679959][T10332] ext4 filesystem being mounted at /334/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  735.891613][T10316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  735.914047][T10314] loop6: detected capacity change from 0 to 64
[  736.627728][ T5524] Bluetooth: hci5: command 0x0409 tx timeout
[  736.675942][T10316] team0: Port device team_slave_0 added
[  736.695250][T10316] team0: Port device team_slave_1 added
[  736.754353][T10316] batman_adv: batadv0: Adding interface: batadv_slave_0
[  736.771749][T10316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  736.840006][T10316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  736.870031][T10316] batman_adv: batadv0: Adding interface: batadv_slave_1
[  736.907399][ T9601] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  736.919111][T10316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  737.037195][T10316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  737.156178][T10316] device hsr_slave_0 entered promiscuous mode
[  737.187358][ T9601] usb 4-1: Using ep0 maxpacket: 16
[  737.258362][T10316] device hsr_slave_1 entered promiscuous mode
[  737.268810][T10316] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  737.286788][T10316] Cannot create hsr debugfs directory
[  737.419565][ T9601] usb 4-1: config 0 has no interfaces?
[  738.370494][T10354] loop0: detected capacity change from 0 to 1024
[  738.385409][ T6555] usb 2-1: USB disconnect, device number 57
[  738.397951][ T9601] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  738.407966][ T9601] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  738.419971][T10356] loop1: detected capacity change from 0 to 512
[  738.429808][ T9601] usb 4-1: Product: syz
[  738.451301][T10354] EXT4-fs (loop0): Mount option "norecovery" incompatible with ext2
[  738.457426][ T9601] usb 4-1: Manufacturer: syz
[  738.479329][ T9601] usb 4-1: SerialNumber: syz
[  738.495302][ T9601] usb 4-1: config 0 descriptor??
[  738.526731][T10356] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  739.311160][T10356] ext4 filesystem being mounted at /356/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  739.563864][T10316] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  739.564366][ T5524] Bluetooth: hci5: command 0x041b tx timeout
[  739.726394][T10316] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  739.744308][T10356] EXT4-fs error (device loop1): ext4_dx_csum_verify:502: inode #2: comm syz.1.1743: dir seems corrupt?  Run e2fsck -D.
[  739.768315][ T5524] usb 4-1: USB disconnect, device number 50
[  739.770549][T10316] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  739.801326][T10316] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  739.834289][T10356] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.1743: Directory index failed checksum
[  740.047770][ T9601] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  740.143995][T10316] 8021q: adding VLAN 0 to HW filter on device bond0
[  740.447329][ T9601] usb 1-1: Using ep0 maxpacket: 32
[  741.667472][ T9601] usb 1-1: device descriptor read/all, error -71
[  741.966456][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  742.065712][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  742.247779][T10316] 8021q: adding VLAN 0 to HW filter on device team0
[  742.307338][T10377] Bluetooth: hci3: command 0x1003 tx timeout
[  742.314103][T10318] Bluetooth: hci3: sending frame failed (-49)
[  742.573313][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  742.644136][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  742.732884][  T161] bridge0: port 1(bridge_slave_0) entered blocking state
[  742.740180][  T161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  742.815052][ T5524] Bluetooth: hci5: command 0x040f tx timeout
[  742.838772][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  742.902174][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  742.924115][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  742.974833][  T161] bridge0: port 2(bridge_slave_1) entered blocking state
[  742.982048][  T161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  742.995294][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  743.004435][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  743.034009][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  743.069000][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  743.108249][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  743.159488][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  743.196632][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  743.226111][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  743.241305][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  743.268754][T10316] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  743.283027][T10316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  743.296250][ T4219] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  743.306321][ T4219] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  743.392172][T10384] kvm [10383]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x0
[  743.418003][T10384] kvm [10383]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x800
[  743.496984][T10386] loop1: detected capacity change from 0 to 512
[  743.526780][T10384] kvm [10383]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x800
[  743.546767][T10384] kvm [10383]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x0
[  743.589422][T10384] kvm [10383]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x187 data 0x800
[  743.634649][ T4219] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  743.650035][ T4219] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  743.672481][T10386] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  743.697100][T10316] 8021q: adding VLAN 0 to HW filter on device batadv0
[  743.726782][T10384] kvm [10383]: vcpu0, guest rIP: 0x18e ignored wrmsr: 0x11e data 0x0
[  743.746319][T10386] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,stripe=0x00000000000000c4,dioread_nolock,mblk_io_submit,nogrpid,usrjquota=,,errors=continue. Quota mode: none.
[  745.839188][ T4321] Bluetooth: hci3: command 0x1001 tx timeout
[  745.845338][ T4321] Bluetooth: hci5: command 0x0419 tx timeout
[  745.845350][T10233] Bluetooth: hci3: sending frame failed (-49)
[  746.014627][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  746.034345][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  746.075823][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  746.100823][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  746.238699][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  746.252081][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  746.844503][T10316] device veth0_vlan entered promiscuous mode
[  746.877358][T10316] device veth1_vlan entered promiscuous mode
[  746.942247][T10316] device veth0_macvtap entered promiscuous mode
[  746.978789][T10316] device veth1_macvtap entered promiscuous mode
[  747.038735][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  747.062935][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  747.207838][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  748.576836][   T13] Bluetooth: hci3: command 0x1009 tx timeout
[  748.582140][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  748.602644][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  748.633538][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  748.658461][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  748.703481][T10316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  748.737288][T10316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  748.767306][T10316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  748.785536][T10421] loop0: detected capacity change from 0 to 512
[  748.806548][T10316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  748.822156][T10316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  748.836056][T10316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  748.855773][T10316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  748.867024][T10316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  748.887144][T10316] batman_adv: batadv0: Interface activated: batadv_slave_0
[  748.896539][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  748.937127][ T5271] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  748.949340][T10316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  748.965943][T10421] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  748.981797][T10316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  748.996143][T10316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  749.018211][T10316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  749.029239][T10316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  749.040015][T10316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  749.048685][T10421] EXT4-fs (loop0): 1 truncate cleaned up
[  749.052243][T10316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  749.056143][T10421] EXT4-fs (loop0): mounted filesystem without journal. Opts: minixdf,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,debug_want_extra_isize=0x0000000000000006,,errors=continue. Quota mode: none.
[  749.066312][T10316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  749.066359][T10316] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  749.066378][T10316] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  749.068243][T10316] batman_adv: batadv0: Interface activated: batadv_slave_1
[  749.136901][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  749.155560][  T161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  749.198887][T10316] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  749.241813][T10316] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  749.261890][T10316] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  749.596680][   T13] Bluetooth: hci5: command 0x0407 tx timeout
[  749.667027][T10316] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  749.912571][T10421] EXT4-fs error (device loop0): ext4_find_dest_de:2115: inode #2: block 13: comm syz.0.1757: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  750.191334][ T4324] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  750.217536][ T4324] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  750.268619][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  750.268815][  T161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  750.302045][  T161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  750.331544][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  750.503801][T10430] loop3: detected capacity change from 0 to 8
[  750.624536][T10434] loop0: detected capacity change from 0 to 1024
[  752.278665][   T26] audit: type=1800 audit(1743726393.232:108): pid=10448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1762" name="file1" dev="loop0" ino=20 res=0 errno=0
[  752.600472][T10455] loop4: detected capacity change from 0 to 128
[  752.615277][T10451] loop3: detected capacity change from 0 to 8
[  752.679319][T10455] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  754.781898][T10455] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  754.834331][ T5524] Bluetooth: hci3: command 0x1003 tx timeout
[  754.895198][T10464] loop0: detected capacity change from 0 to 4096
[  755.022545][T10464] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  755.057832][T10464] UDF-fs: Scanning with blocksize 512 failed
[  755.295371][T10464] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  756.459965][T10464] UDF-fs: error (device loop0): udf_fiiter_advance_blk: extent after position 0 not allocated in directory (ino 1328)
[  756.473177][ T4237] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  756.567774][T10464] UDF-fs: error (device loop0): udf_verify_fi: directory (ino 1328) has too big (2088) entry at pos 0
[  757.392243][ T5524] Bluetooth: hci3: command 0x1001 tx timeout
[  757.398489][ T9601] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  757.407092][T10233] Bluetooth: hci3: sending frame failed (-49)
[  758.207420][ T9601] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  758.218101][ T9601] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  758.354094][ T9601] usb 5-1: config 0 descriptor??
[  758.396819][T10490] loop3: detected capacity change from 0 to 512
[  759.450065][T10490] EXT4-fs (loop3): orphan cleanup on readonly fs
[  759.468060][    T7] Bluetooth: hci3: command 0x1009 tx timeout
[  759.474275][T10490] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  759.947699][ T9601] ath6kl: Failed to submit usb control message: -110
[  760.237701][ T9601] ath6kl: unable to send the bmi data to the device: -110
[  760.245560][T10490] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  760.272255][ T9601] ath6kl: Unable to send get target info: -110
[  760.328101][T10490] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.1777: attempt to clear invalid blocks 2 len 1
[  760.402597][T10490] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1777: invalid indirect mapped block 1819239214 (level 0)
[  760.441543][ T9601] ath6kl: Failed to init ath6kl core: -110
[  760.458007][T10490] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1777: invalid indirect mapped block 1819239214 (level 1)
[  760.493196][T10490] EXT4-fs (loop3): 1 truncate cleaned up
[  760.513497][ T9601] ath6kl_usb: probe of 5-1:0.0 failed with error -110
[  760.527737][T10490] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,jqfmt=vfsv0,abort,bsddf,noquota,usrjquota=..,errors=continue. Quota mode: writeback.
[  760.545760][ T9601] usb 5-1: USB disconnect, device number 54
[  760.660278][T10490] EXT4-fs error (device loop3): ext4_lookup:1855: inode #2: comm syz.3.1777: 'file1' linked to parent dir
[  760.741376][T10502] loop0: detected capacity change from 0 to 256
[  760.997868][ T4237] usb 2-1: device descriptor read/all, error -71
[  761.035415][T10502] loop0: detected capacity change from 0 to 512
[  762.267321][ T4208] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  763.367645][ T9601] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  765.127677][ T9601] usb 4-1: New USB device found, idVendor=0930, idProduct=0215, bcdDevice= 8.78
[  765.151302][ T9601] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  765.207872][ T9601] usb 4-1: config 0 descriptor??
[  765.259336][ T9601] usb 4-1: can't set config #0, error -71
[  765.284868][ T9601] usb 4-1: USB disconnect, device number 51
[  765.313231][T10550] loop3: detected capacity change from 0 to 8
[  765.337635][T10377] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  765.710033][T10377] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  765.744654][T10377] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  765.811590][T10377] usb 2-1: config 0 descriptor??
[  765.880694][T10555] loop3: detected capacity change from 0 to 512
[  766.047516][T10555] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.1797: casefold flag without casefold feature
[  766.060481][ T4208] usb 5-1: device descriptor read/all, error -71
[  766.149997][T10555] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.1797: couldn't read orphan inode 15 (err -117)
[  766.231629][T10555] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[  767.117803][T10377] ath6kl: Failed to submit usb control message: -110
[  767.124609][T10377] ath6kl: unable to send the bmi data to the device: -110
[  767.141819][T10377] ath6kl: Unable to send get target info: -110
[  767.852682][ T4293] Bluetooth: Error in BCSP hdr checksum
[  767.980464][T10377] ath6kl: Failed to init ath6kl core: -110
[  769.605322][ T4208] Bluetooth: hci3: command 0x1003 tx timeout
[  769.617871][T10377] ath6kl_usb: probe of 2-1:0.0 failed with error -110
[  769.652496][T10233] Bluetooth: hci3: sending frame failed (-49)
[  769.655173][T10377] usb 2-1: USB disconnect, device number 60
[  770.942038][T10581] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1803'.
[  772.172025][    T7] Bluetooth: hci3: command 0x1001 tx timeout
[  772.180896][T10233] Bluetooth: hci3: sending frame failed (-49)
[  772.337559][T10588] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  772.344128][T10588] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  772.363857][T10588] vhci_hcd vhci_hcd.0: Device attached
[  772.388049][T10592] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(10)
[  772.394702][T10592] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  772.417499][T10592] vhci_hcd vhci_hcd.0: Device attached
[  772.442725][T10588] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(12)
[  772.449383][T10588] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  772.463888][T10588] vhci_hcd vhci_hcd.0: Device attached
[  772.510583][T10592] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(16)
[  772.517237][T10592] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  772.528460][T10588] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  772.555948][T10592] vhci_hcd vhci_hcd.0: Device attached
[  772.562736][T10377] vhci_hcd: vhci_device speed not set
[  772.605736][T10588] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  772.615464][T10588] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  772.637443][T10377] usb 41-1: new full-speed USB device number 4 using vhci_hcd
[  772.655483][T10588] vhci_hcd vhci_hcd.0: pdev(4) rhport(7) sockfd(23)
[  772.662134][T10588] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  772.697399][T10588] vhci_hcd vhci_hcd.0: Device attached
[  772.705016][T10606] vhci_hcd: connection closed
[  772.705419][ T4270] vhci_hcd: stop threads
[  772.738202][T10602] vhci_hcd: connection closed
[  772.738721][T10597] vhci_hcd: connection closed
[  772.738819][T10593] vhci_hcd: connection closed
[  772.747832][ T4270] vhci_hcd: release socket
[  772.748838][T10590] vhci_hcd: connection reset by peer
[  772.765837][ T4270] vhci_hcd: disconnect device
[  772.795786][ T4270] vhci_hcd: stop threads
[  772.815637][ T4270] vhci_hcd: release socket
[  772.827666][ T4270] vhci_hcd: disconnect device
[  772.853186][ T4270] vhci_hcd: stop threads
[  772.877464][ T4270] vhci_hcd: release socket
[  772.887857][ T4270] vhci_hcd: disconnect device
[  772.917602][ T4270] vhci_hcd: stop threads
[  772.921961][ T4270] vhci_hcd: release socket
[  772.948813][ T4270] vhci_hcd: disconnect device
[  772.974394][ T4270] vhci_hcd: stop threads
[  772.995108][ T4270] vhci_hcd: release socket
[  773.007804][ T4270] vhci_hcd: disconnect device
[  773.347380][T10610] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1807'.
[  774.728738][    T7] Bluetooth: hci3: command 0x1009 tx timeout
[  775.609350][    T7] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  775.646184][T10636] loop1: detected capacity change from 0 to 1024
[  775.717742][T10636] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  775.737930][T10636] EXT4-fs (loop1): Ignoring removed nobh option
[  775.747664][T10636] EXT4-fs (loop1): Ignoring removed bh option
[  775.753825][T10636] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  775.892575][T10636] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrjquota=,mblk_io_submit,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  776.038305][    T7] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  776.051758][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  776.097365][ T9230] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  776.122224][    T7] usb 4-1: config 0 descriptor??
[  776.447416][ T5524] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  776.487686][ T9230] usb 5-1: config 0 has no interfaces?
[  776.687639][ T9230] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  776.710485][ T9230] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  776.769198][ T9230] usb 5-1: Product: syz
[  776.779341][    T7] ath6kl: Failed to submit usb control message: -71
[  776.786731][    T7] ath6kl: unable to send the bmi data to the device: -71
[  776.810004][ T9230] usb 5-1: Manufacturer: syz
[  776.815963][    T7] ath6kl: Unable to send get target info: -71
[  776.826186][ T9230] usb 5-1: SerialNumber: syz
[  776.837563][ T5524] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  776.888573][ T9230] usb 5-1: config 0 descriptor??
[  776.893679][ T5524] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  776.912011][ T5524] usb 2-1: config 0 descriptor??
[  776.924240][    T7] ath6kl: Failed to init ath6kl core: -71
[  776.958595][ T5524] cp210x 2-1:0.0: cp210x converter detected
[  776.973187][    T7] ath6kl_usb: probe of 4-1:0.0 failed with error -71
[  777.013120][    T7] usb 4-1: USB disconnect, device number 52
[  777.174666][T10655] loop0: detected capacity change from 0 to 512
[  777.284152][T10655] EXT4-fs (loop0): 1 orphan inode deleted
[  777.290113][T10655] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  777.301928][T10655] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  777.390700][T10648] loop1: detected capacity change from 0 to 128
[  777.407456][ T5524] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  777.548213][T10661] loop3: detected capacity change from 0 to 2048
[  777.630329][ T5524] usb 2-1: cp210x converter now attached to ttyUSB0
[  777.650064][T10661] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  777.747726][T10377] vhci_hcd: vhci_device speed not set
[  777.862695][T10648] loop1: detected capacity change from 0 to 1024
[  778.078867][T10648] hfsplus: unable to parse mount options
[  779.335862][ T4237] usb 2-1: USB disconnect, device number 61
[  779.344539][ T4237] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  779.363673][T10673] loop6: detected capacity change from 0 to 512
[  779.384409][ T4237] cp210x 2-1:0.0: device disconnected
[  779.476182][ T5524] usb 5-1: USB disconnect, device number 57
[  780.897342][T10377] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  781.007287][ T4237] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  781.287407][T10377] usb 7-1: config 0 has no interfaces?
[  781.643204][T10709] loop0: detected capacity change from 0 to 1024
[  783.000979][T10708] loop4: detected capacity change from 0 to 512
[  783.132417][T10709] hfsplus: failed to load root directory
[  783.167461][ T4237] usb 2-1: config 0 has no interfaces?
[  783.324884][T10715] netlink: 'syz.3.1837': attribute type 3 has an invalid length.
[  783.446107][T10708] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  783.936129][T10708] EXT4-fs (loop4): 1 truncate cleaned up
[  783.948515][T10708] EXT4-fs (loop4): mounted filesystem without journal. Opts: minixdf,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,debug_want_extra_isize=0x0000000000000006,,errors=continue. Quota mode: none.
[  784.678753][T10720] EXT4-fs error (device loop4): ext4_find_dest_de:2115: inode #2: block 13: comm syz.4.1836: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  785.348460][T10732] dvmrp1: tun_chr_ioctl cmd 1074025677
[  785.367808][T10732] dvmrp1: linktype set to 768
[  786.047664][T10377] usb 7-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  786.099520][T10377] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.139716][T10377] usb 7-1: Product: syz
[  786.296004][T10377] usb 7-1: config 0 descriptor??
[  787.290139][T10377] usb 7-1: can't set config #0, error -71
[  787.441414][T10377] usb 7-1: USB disconnect, device number 2
[  788.327469][ T4237] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  788.457803][ T4237] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  788.468474][ T4237] usb 2-1: config 0 descriptor??
[  788.497428][ T4237] usb 2-1: can't set config #0, error -71
[  789.039408][T10768] loop4: detected capacity change from 0 to 8
[  789.113539][ T4237] usb 2-1: USB disconnect, device number 62
[  789.229633][  T154] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  789.441671][  T154] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  789.512855][T10774] loop3: detected capacity change from 0 to 512
[  791.282263][T10776] ALSA: mixer_oss: invalid OSS volume 'u'
[  791.294461][  T154] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  791.515578][T10774] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  791.535186][T10774] ext4 filesystem being mounted at /379/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  791.731140][   T26] audit: type=1800 audit(1743726432.552:109): pid=10773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1855" name="file1" dev="loop3" ino=15 res=0 errno=0
[  792.509109][   T26] audit: type=1800 audit(1743726432.682:110): pid=10774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1855" name="file2" dev="loop3" ino=16 res=0 errno=0
[  792.555531][  T154] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  794.180800][T10807] loop4: detected capacity change from 0 to 8
[  794.195797][T10809] loop0: detected capacity change from 0 to 1024
[  794.375977][T10809] EXT4-fs (loop0): Mount option "norecovery" incompatible with ext2
[  794.767317][ T9230] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  795.803147][T10829] loop1: detected capacity change from 0 to 512
[  796.021381][T10829] EXT4-fs error (device loop1): ext4_fill_super:4841: inode #2: comm syz.1.1872: casefold flag without casefold feature
[  796.034439][ T9230] usb 4-1: config 0 has no interfaces?
[  796.477551][T10829] EXT4-fs (loop1): get root inode failed
[  796.516820][T10829] EXT4-fs (loop1): mount failed
[  796.807123][T10845] loop1: detected capacity change from 0 to 512
[  796.907538][ T9230] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  796.937387][ T9230] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.117592][T10845] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  797.712020][ T9230] usb 4-1: Product: syz
[  797.716236][ T9230] usb 4-1: Manufacturer: syz
[  797.720942][ T9230] usb 4-1: SerialNumber: syz
[  797.732519][ T9230] usb 4-1: config 0 descriptor??
[  797.836904][T10845] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1872: invalid indirect mapped block 10 (level 1)
[  797.852427][T10845] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1872: invalid indirect mapped block 8 (level 1)
[  797.866926][T10845] EXT4-fs (loop1): 1 truncate cleaned up
[  797.872677][T10845] EXT4-fs (loop1): mounted filesystem without journal. Opts: mblk_io_submit,resuid=0x000000000000ee00,,errors=continue. Quota mode: none.
[  797.935954][T10854] loop0: detected capacity change from 0 to 128
[  798.092180][T10856] loop6: detected capacity change from 0 to 512
[  798.102990][T10854] FAT-fs (loop0): bogus number of reserved sectors
[  798.122788][T10858] loop1: detected capacity change from 0 to 8
[  798.129435][T10854] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  798.174584][T10854] FAT-fs (loop0): Can't find a valid FAT filesystem
[  798.211309][T10856] EXT4-fs (loop6): orphan cleanup on readonly fs
[  798.513775][T10856] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1879: bg 0: block 248: padding at end of block bitmap is not set
[  798.581952][T10856] Quota error (device loop6): write_blk: dquota write failed
[  798.623372][T10856] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  798.678029][T10856] EXT4-fs error (device loop6): ext4_acquire_dquot:6197: comm syz.6.1879: Failed to acquire dquot type 1
[  798.777066][  T154] device hsr_slave_0 left promiscuous mode
[  798.873780][T10856] EXT4-fs (loop6): 1 truncate cleaned up
[  798.917983][T10856] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,max_dir_size_kb=0x0000000000000002,nolazytime,stripe=0x00000000000000ff,grpjquota=,dioread_lock,noblock_validity,noload,noload,,errors=continue. Quota mode: writeback.
[  798.969014][  T154] device hsr_slave_1 left promiscuous mode
[  798.975982][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  799.066956][  T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[  799.165104][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  799.203953][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[  799.257822][T10872] loop0: detected capacity change from 0 to 1024
[  799.304326][  T154] device bridge_slave_1 left promiscuous mode
[  799.319301][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[  799.402392][T10872] EXT4-fs (loop0): Ignoring removed oldalloc option
[  799.583393][T10872] EXT4-fs (loop0): Ignoring removed bh option
[  799.587559][  T154] device bridge_slave_0 left promiscuous mode
[  799.590114][ T9230] usb 4-1: can't set config #0, error -71
[  799.595973][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[  799.832737][T10872] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  800.477562][ T9230] usb 4-1: USB disconnect, device number 53
[  800.521944][T10872] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,i_version,oldalloc,grpid,data_err=ignore,mb_optimize_scan=0x0000000000000001,errors=remount-ro,bsdgroups,noquota,user_xattr,bh,dioread_nolock,. Quota mode: none.
[  800.600689][  T154] device veth1_macvtap left promiscuous mode
[  801.487868][  T154] device veth0_macvtap left promiscuous mode
[  801.511274][T10903] loop3: detected capacity change from 0 to 1024
[  801.521838][  T154] device veth1_vlan left promiscuous mode
[  801.544327][  T154] device veth0_vlan left promiscuous mode
[  801.864266][T10907] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  801.884058][T10907] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  802.247462][ T9230] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  802.677503][ T9230] usb 4-1: config 0 has no interfaces?
[  802.858056][ T9230] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  802.881393][ T9230] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  802.910572][ T9230] usb 4-1: Product: syz
[  802.927591][ T9230] usb 4-1: Manufacturer: syz
[  802.945905][ T9230] usb 4-1: SerialNumber: syz
[  802.976268][ T9230] usb 4-1: config 0 descriptor??
[  803.048630][  T154] team0 (unregistering): Port device team_slave_1 removed
[  803.086635][  T154] team0 (unregistering): Port device team_slave_0 removed
[  803.125912][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.179256][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.323404][T10913] udc-core: couldn't find an available UDC or it's busy
[  803.332467][T10913] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  803.561466][  T154] bond0 (unregistering): Released all slaves
[  803.592045][T10928] loop1: detected capacity change from 0 to 1024
[  803.674254][T10928] EXT4-fs (loop1): Ignoring removed orlov option
[  803.709265][T10928] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  803.831016][T10928] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,min_batch_time=0x00000000000000c0,delalloc,orlov,debug_want_extra_isize=0x0000000000000080,nouid32,resgid=0x0000000000000000,nomblk_io_submit,sysvgroups,,errors=continue. Quota mode: none.
[  804.104260][T10934] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1895'.
[  804.113672][T10934] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1895'.
[  804.958193][T10953] loop4: detected capacity change from 0 to 512
[  805.147509][ T4208] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  805.189320][ T4205] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  805.242040][T10953] EXT4-fs (loop4): 1 orphan inode deleted
[  805.308985][T10953] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  805.397874][T10953] ext4 filesystem being mounted at /418/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  805.557528][ T4208] usb 7-1: config 0 has no interfaces?
[  805.607717][ T4205] usb 2-1: config 0 has no interfaces?
[  805.717422][ T4208] usb 7-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  805.772947][ T4208] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.787776][ T4205] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  805.797318][ T5524] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  805.815573][ T4208] usb 7-1: Product: syz
[  805.830325][ T4205] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.931734][ T4205] usb 2-1: Product: syz
[  806.363525][ T4205] usb 2-1: Manufacturer: syz
[  806.376541][ T4205] usb 2-1: SerialNumber: syz
[  806.388274][ T4205] usb 2-1: config 0 descriptor??
[  806.410492][ T4208] usb 7-1: Manufacturer: syz
[  806.434146][ T4208] usb 7-1: SerialNumber: syz
[  806.495546][ T4208] usb 7-1: config 0 descriptor??
[  806.500707][ T5524] usb 5-1: Using ep0 maxpacket: 32
[  806.591427][T10974] loop0: detected capacity change from 0 to 1024
[  806.627536][ T5524] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  806.713971][ T5524] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  806.794238][ T4205] usb 4-1: USB disconnect, device number 54
[  806.808826][ T5524] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  806.848309][ T5524] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  806.978414][ T5524] hub 5-1:4.0: USB hub found
[  807.188518][T10988] loop0: detected capacity change from 0 to 164
[  807.197517][ T5524] hub 5-1:4.0: 2 ports detected
[  807.417487][ T5524] hub 5-1:4.0: hub_hub_status failed (err = -71)
[  807.427412][ T5524] hub 5-1:4.0: config failed, can't get hub status (err -71)
[  807.538088][ T5524] usb 5-1: USB disconnect, device number 58
[  807.842281][T10995] loop3: detected capacity change from 0 to 512
[  808.005441][T10995] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1908: invalid indirect mapped block 10 (level 1)
[  808.019711][T10995] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1908: invalid indirect mapped block 8 (level 1)
[  808.078860][T10995] EXT4-fs (loop3): 1 truncate cleaned up
[  808.084558][T10995] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  808.639911][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  809.392140][ T9601] usb 2-1: USB disconnect, device number 63
[  809.605777][ T5524] usb 7-1: USB disconnect, device number 3
[  810.012281][ T9601] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  810.071777][ T5524] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  810.234624][T11015] chnl_net:caif_netlink_parms(): no params data found
[  810.417435][ T9601] usb 2-1: config 0 has no interfaces?
[  810.457391][ T5524] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  810.506520][T11048] loop4: detected capacity change from 0 to 512
[  810.517983][ T5524] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  810.597513][ T9601] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  810.627882][ T5524] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  810.638821][T11015] bridge0: port 1(bridge_slave_0) entered blocking state
[  810.653078][ T9601] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  810.666723][T11015] bridge0: port 1(bridge_slave_0) entered disabled state
[  810.670409][ T5524] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  810.692151][ T9601] usb 2-1: Product: syz
[  810.694869][T11015] device bridge_slave_0 entered promiscuous mode
[  810.696375][ T9601] usb 2-1: Manufacturer: syz
[  810.719119][ T5524] usb 7-1: SerialNumber: syz
[  810.743833][T11048] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2766: inode #11: comm syz.4.1919: corrupted xattr block 95
[  810.747364][ T9601] usb 2-1: SerialNumber: syz
[  810.772518][ T9601] usb 2-1: config 0 descriptor??
[  810.800089][T11048] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.1919: bg 0: block 7: invalid block bitmap
[  810.822620][T11015] bridge0: port 2(bridge_slave_1) entered blocking state
[  810.830180][T11015] bridge0: port 2(bridge_slave_1) entered disabled state
[  810.837356][T11048] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  810.848000][T11015] device bridge_slave_1 entered promiscuous mode
[  810.876974][T11048] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2932: inode #11: comm syz.4.1919: corrupted xattr block 95
[  810.912794][T11048] EXT4-fs warning (device loop4): ext4_evict_inode:302: xattr delete (err -117)
[  810.939642][T11048] EXT4-fs (loop4): 1 orphan inode deleted
[  810.945540][T11048] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  810.960514][T11015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  811.010262][ T5524] usb 7-1: 0:2 : does not exist
[  811.179529][T11015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  811.210610][ T5524] usb 7-1: USB disconnect, device number 4
[  812.006743][T11030] udc-core: couldn't find an available UDC or it's busy
[  812.025489][T11030] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  812.064019][ T9601] Bluetooth: hci0: command 0x0409 tx timeout
[  812.237810][T11015] team0: Port device team_slave_0 added
[  812.279416][T10843] udevd[10843]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  812.316618][T11015] team0: Port device team_slave_1 added
[  812.950793][T11079] loop6: detected capacity change from 0 to 2048
[  814.812105][ T4208] Bluetooth: hci0: command 0x041b tx timeout
[  814.843191][T11081] Alternate GPT is invalid, using primary GPT.
[  814.850363][T11081]  loop6: p1 p2 p3
[  814.904483][T11079] Alternate GPT is invalid, using primary GPT.
[  814.910759][T11079]  loop6: p1 p2 p3
[  814.965722][T11015] batman_adv: batadv0: Adding interface: batadv_slave_0
[  814.972875][ T9230] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  815.005908][T10844] udevd[10844]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  815.055569][T11015] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  815.093252][T11015] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  815.109647][ T6224] udevd[6224]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  815.122825][ T4435] udevd[4435]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  815.162635][T11015] batman_adv: batadv0: Adding interface: batadv_slave_1
[  815.200522][T11015] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  815.239806][ T6224] udevd[6224]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  815.253232][T10844] udevd[10844]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  815.266767][T10843] udevd[10843]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  815.387407][T11015] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  815.477366][ T9230] usb 4-1: config 0 has no interfaces?
[  815.559950][  T154] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  815.657393][ T9230] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  815.673381][T11015] device hsr_slave_0 entered promiscuous mode
[  815.686944][ T9230] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  815.717473][ T9230] usb 4-1: Product: syz
[  815.736582][ T9230] usb 4-1: Manufacturer: syz
[  815.759843][ T9230] usb 4-1: SerialNumber: syz
[  815.773939][ T9230] usb 4-1: config 0 descriptor??
[  815.837782][T11015] device hsr_slave_1 entered promiscuous mode
[  815.865365][T11015] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  815.915295][T11015] Cannot create hsr debugfs directory
[  815.951328][  T154] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  816.088959][ T4205] usb 2-1: USB disconnect, device number 64
[  816.144026][  T154] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  816.391123][  T154] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  817.395346][ T9230] Bluetooth: hci0: command 0x040f tx timeout
[  818.057765][T11015] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  818.185295][T11116] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  818.191870][T11116] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  818.210118][T11122] loop6: detected capacity change from 0 to 1024
[  818.248467][T11116] vhci_hcd vhci_hcd.0: Device attached
[  818.300868][T11116] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  818.341422][T11125] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(9)
[  818.347989][T11125] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  818.384546][ T4907] usb 4-1: USB disconnect, device number 55
[  818.391914][T11125] vhci_hcd vhci_hcd.0: Device attached
[  818.421069][T11116] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(14)
[  818.427720][T11116] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  818.447606][T10377] vhci_hcd: vhci_device speed not set
[  818.463601][T11116] vhci_hcd vhci_hcd.0: Device attached
[  818.501211][T11015] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  818.578789][T11125] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  818.591741][T10377] usb 35-1: new full-speed USB device number 3 using vhci_hcd
[  818.599941][T11116] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  818.641190][T11015] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  818.644468][T11116] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  818.852942][T11015] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  818.874535][T11133] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(18)
[  818.881183][T11133] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  819.749872][T11133] vhci_hcd vhci_hcd.0: Device attached
[  819.837550][T11125] vhci_hcd vhci_hcd.0: port 0 already used
[  819.849296][T11140] vhci_hcd: connection closed
[  819.849828][ T4293] vhci_hcd: stop threads
[  819.867719][T11128] vhci_hcd: connection closed
[  819.870715][T11127] vhci_hcd: connection closed
[  819.875838][T11119] vhci_hcd: connection reset by peer
[  819.893213][ T4293] vhci_hcd: release socket
[  819.911481][ T4293] vhci_hcd: disconnect device
[  819.939632][ T4293] vhci_hcd: stop threads
[  819.951156][ T4293] vhci_hcd: release socket
[  819.979851][ T4293] vhci_hcd: disconnect device
[  819.996510][ T4293] vhci_hcd: stop threads
[  820.010556][ T4293] vhci_hcd: release socket
[  820.044543][ T4293] vhci_hcd: disconnect device
[  820.069536][ T4293] vhci_hcd: stop threads
[  820.074990][T11015] 8021q: adding VLAN 0 to HW filter on device bond0
[  820.082320][    T7] Bluetooth: hci0: command 0x0419 tx timeout
[  820.114957][ T4293] vhci_hcd: release socket
[  820.143197][ T4293] vhci_hcd: disconnect device
[  820.278856][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  820.328168][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  820.355110][T11015] 8021q: adding VLAN 0 to HW filter on device team0
[  822.229083][T11170] xt_TCPMSS: Only works on TCP SYN packets
[  822.506937][T11015] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  822.709836][T11171] loop3: detected capacity change from 0 to 512
[  822.761017][T11015] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  823.449017][ T4907] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  823.500306][T11171] EXT4-fs (loop3): Ignoring removed oldalloc option
[  823.507012][T11171] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  823.577738][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  823.596511][T11171] EXT4-fs (loop3): 1 truncate cleaned up
[  823.601359][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  823.602545][T11171] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,oldalloc,barrier=0x0000000000000003,quota,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  823.830984][ T4270] bridge0: port 1(bridge_slave_0) entered blocking state
[  823.838149][ T4270] bridge0: port 1(bridge_slave_0) entered forwarding state
[  823.848603][T10377] vhci_hcd: vhci_device speed not set
[  824.340109][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  824.467382][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  824.803311][ T4170] EXT4-fs error (device loop3): mb_free_blocks:1865: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt.
[  824.847149][ T4270] bridge0: port 2(bridge_slave_1) entered blocking state
[  824.854333][ T4270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  824.944719][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  824.999585][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  825.018613][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  825.064295][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  825.086695][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  825.114637][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  825.150756][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  825.181093][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  825.206300][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  825.236017][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  825.266480][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  825.285829][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  825.315939][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  825.426443][T11197] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1948'.
[  825.435615][T11197] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1948'.
[  826.391832][T11212] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  826.398395][T11212] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  826.549014][T11212] vhci_hcd vhci_hcd.0: Device attached
[  826.606714][T11223] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(8)
[  826.613035][T11212] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  826.613280][T11223] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  826.628478][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  826.636438][T11223] vhci_hcd vhci_hcd.0: Device attached
[  826.663053][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  827.747310][ T4205] vhci_hcd: vhci_device speed not set
[  827.787454][T11015] 8021q: adding VLAN 0 to HW filter on device batadv0
[  827.800393][T11229] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  827.828409][T11229] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  827.847475][ T4205] usb 41-1: new full-speed USB device number 5 using vhci_hcd
[  827.914433][T11212] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(10)
[  827.921088][T11212] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  827.934799][T11223] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(16)
[  827.941442][T11223] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  827.991282][T11212] vhci_hcd vhci_hcd.0: Device attached
[  828.033516][T11229] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  829.703029][T11223] vhci_hcd vhci_hcd.0: Device attached
[  829.746644][T11247] loop3: detected capacity change from 0 to 1024
[  830.098641][T11228] vhci_hcd: connection closed
[  830.099051][ T4270] vhci_hcd: stop threads
[  830.099802][T11215] vhci_hcd: connection reset by peer
[  830.103773][ T4270] vhci_hcd: release socket
[  830.118928][T11227] vhci_hcd: connection closed
[  830.119143][T11224] vhci_hcd: connection closed
[  830.175521][T11212] vhci_hcd vhci_hcd.0: port 0 already used
[  830.416357][ T4270] vhci_hcd: disconnect device
[  830.437486][ T4270] vhci_hcd: stop threads
[  830.441780][ T4270] vhci_hcd: release socket
[  831.147605][ T4270] vhci_hcd: disconnect device
[  831.260816][T11262] loop1: detected capacity change from 0 to 512
[  831.289743][ T4170] hfsplus: node 4:3 still has 1 user(s)!
[  831.309462][ T4270] vhci_hcd: stop threads
[  831.318440][ T4270] vhci_hcd: release socket
[  831.350493][ T4270] vhci_hcd: disconnect device
[  831.369081][ T4270] vhci_hcd: stop threads
[  831.391107][ T4270] vhci_hcd: release socket
[  832.282436][ T4270] vhci_hcd: disconnect device
[  832.947395][ T4205] vhci_hcd: vhci_device speed not set
[  835.028300][ T5524] Bluetooth: hci3: command 0x1003 tx timeout
[  835.057095][  T146] Bluetooth: hci3: sending frame failed (-49)
[  835.268292][T11280] loop3: detected capacity change from 0 to 2048
[  835.300101][ T4219] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  835.318680][ T4219] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  835.375612][T11280] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  835.486969][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  835.512011][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  835.558763][T11015] device veth0_vlan entered promiscuous mode
[  836.770266][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  836.830876][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  836.894184][T11296] loop4: detected capacity change from 0 to 2048
[  836.926910][T11015] device veth1_vlan entered promiscuous mode
[  837.081214][T11296] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  837.107987][ T5524] Bluetooth: hci3: command 0x1001 tx timeout
[  837.126864][  T146] Bluetooth: hci3: sending frame failed (-49)
[  837.165428][T11015] device veth0_macvtap entered promiscuous mode
[  837.211731][   T26] audit: type=1800 audit(1743726478.156:111): pid=11296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1966" name="file1" dev="loop4" ino=1415 res=0 errno=0
[  837.266415][T11015] device veth1_macvtap entered promiscuous mode
[  837.325332][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  837.348373][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  837.361810][T11305] loop1: detected capacity change from 0 to 512
[  837.374536][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  837.390817][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  837.509747][T11015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  837.551060][T11015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.563816][T11305] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  837.571886][T11015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  837.591442][T11015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.601663][T11015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  837.610084][T11305] ext4 filesystem being mounted at /403/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  837.612697][T11015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.653158][T11015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  837.767932][T11015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.974366][T11015] batman_adv: batadv0: Interface activated: batadv_slave_0
[  838.336393][ T9601] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  838.359259][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  838.389013][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  838.421010][T11015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  838.442784][T11015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  838.454421][T11015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  838.475665][T11015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  838.485929][T11015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  838.511289][T11015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  838.534128][T11015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  838.554626][T11015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  838.577760][T11015] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  838.597434][T11015] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  838.639283][T11015] batman_adv: batadv0: Interface activated: batadv_slave_1
[  838.665275][T11015] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  838.740563][T11015] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  838.749506][T11015] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  838.758697][T11015] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  838.817143][  T154] device hsr_slave_0 left promiscuous mode
[  838.818334][ T9601] usb 4-1: config 0 has no interfaces?
[  839.692787][ T4238] Bluetooth: hci3: command 0x1009 tx timeout
[  839.702299][  T154] device hsr_slave_1 left promiscuous mode
[  839.710461][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  839.721762][  T154] batman_adv: batadv0: Removing interface: batadv_slave_0
[  839.741522][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  839.759666][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[  839.769162][  T154] device bridge_slave_1 left promiscuous mode
[  839.775482][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[  839.837501][  T154] device bridge_slave_0 left promiscuous mode
[  839.847088][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[  839.869009][ T9601] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  839.888323][ T9601] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  839.936856][ T9601] usb 4-1: Product: syz
[  839.946397][ T9601] usb 4-1: Manufacturer: syz
[  839.960130][ T9601] usb 4-1: SerialNumber: syz
[  840.269139][ T9601] usb 4-1: config 0 descriptor??
[  840.855746][  T154] device veth1_macvtap left promiscuous mode
[  840.867751][  T154] device veth0_macvtap left promiscuous mode
[  840.885118][  T154] device veth1_vlan left promiscuous mode
[  840.901149][  T154] device veth0_vlan left promiscuous mode
[  841.438023][ T9601] usb 4-1: can't set config #0, error -71
[  841.460877][ T9601] usb 4-1: USB disconnect, device number 57
[  842.325463][T11354] loop3: detected capacity change from 0 to 256
[  842.386569][T11354] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  842.413368][T11354] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  842.435609][T11354] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  843.297242][  T154] team0 (unregistering): Port device team_slave_1 removed
[  843.343818][  T154] team0 (unregistering): Port device team_slave_0 removed
[  843.376463][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  843.404890][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  843.516527][  T154] bond0 (unregistering): Released all slaves
[  843.630367][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  843.640031][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  843.648418][T11361] loop6: detected capacity change from 0 to 512
[  844.784489][ T4270] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  844.792993][ T4270] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  844.843562][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  844.876347][ T6320] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  844.896786][ T6320] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  844.918257][ T4322] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  845.287448][   T23] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  845.829912][T11395] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1911'.
[  845.839168][T11395] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1911'.
[  846.457358][   T23] usb 7-1: config 0 has no interfaces?
[  846.717396][   T23] usb 7-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  846.740435][   T23] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.782746][   T23] usb 7-1: Product: syz
[  846.786984][   T23] usb 7-1: Manufacturer: syz
[  846.811351][   T23] usb 7-1: SerialNumber: syz
[  846.846453][   T23] usb 7-1: config 0 descriptor??
[  846.948143][   T23] Bluetooth: hci2: command 0x1003 tx timeout
[  846.954641][  T146] Bluetooth: hci2: sending frame failed (-49)
[  847.068038][T11389] chnl_net:caif_netlink_parms(): no params data found
[  847.503772][T11389] bridge0: port 1(bridge_slave_0) entered blocking state
[  847.547760][T11389] bridge0: port 1(bridge_slave_0) entered disabled state
[  847.576620][T11389] device bridge_slave_0 entered promiscuous mode
[  847.638229][T11389] bridge0: port 2(bridge_slave_1) entered blocking state
[  847.659909][T11389] bridge0: port 2(bridge_slave_1) entered disabled state
[  847.705994][T11389] device bridge_slave_1 entered promiscuous mode
[  847.885529][T11389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  847.907821][ T4205] Bluetooth: hci3: command 0x0409 tx timeout
[  847.964492][T11389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  848.165851][T11389] team0: Port device team_slave_0 added
[  848.229112][T11389] team0: Port device team_slave_1 added
[  848.408496][T11389] batman_adv: batadv0: Adding interface: batadv_slave_0
[  848.425877][T11389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  848.495776][T11389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  848.543057][T11389] batman_adv: batadv0: Adding interface: batadv_slave_1
[  848.607298][T11389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  848.745015][T11389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  849.027431][   T23] Bluetooth: hci2: command 0x1001 tx timeout
[  849.320685][T11438] loop7: detected capacity change from 0 to 512
[  849.343999][  T146] Bluetooth: hci2: sending frame failed (-49)
[  849.922463][ T4203] usb 7-1: USB disconnect, device number 5
[  849.980033][T11389] device hsr_slave_0 entered promiscuous mode
[  849.992978][   T23] Bluetooth: hci3: command 0x041b tx timeout
[  850.142898][T11389] device hsr_slave_1 entered promiscuous mode
[  850.180384][T11438] EXT4-fs (loop7): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  850.199400][T11438] ext4 filesystem being mounted at /1/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  850.662492][   T26] audit: type=1800 audit(1743726491.606:112): pid=11436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1993" name="file2" dev="loop7" ino=16 res=0 errno=0
[  850.700281][T11389] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  850.718423][T11389] Cannot create hsr debugfs directory
[  850.916262][   T26] audit: type=1800 audit(1743726491.606:113): pid=11435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1993" name="file1" dev="loop7" ino=15 res=0 errno=0
[  850.965589][T11455] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  851.159845][T11460] loop7: detected capacity change from 0 to 512
[  851.404109][T11389] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  851.427286][ T4203] Bluetooth: hci2: command 0x1009 tx timeout
[  851.570226][T11389] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  851.577824][T11469] loop6: detected capacity change from 0 to 1024
[  852.172885][T11469] EXT4-fs (loop6): Mount option "norecovery" incompatible with ext2
[  852.204881][   T23] Bluetooth: hci3: command 0x040f tx timeout
[  852.224034][T11475] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2000'.
[  852.234494][T11475] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2000'.
[  852.250051][T11389] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  852.284450][T11389] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  853.092663][T11480] loop6: detected capacity change from 0 to 512
[  853.602465][T11480] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  853.629077][T11480] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  853.638061][T11480] EXT4-fs (loop6): orphan cleanup on readonly fs
[  853.645273][T11480] EXT4-fs warning (device loop6): ext4_enable_quotas:6432: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  853.660284][T11480] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  853.669393][T11480] EXT4-fs error (device loop6): ext4_ext_check_inode:501: inode #13: comm syz.6.1998: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  853.688428][T11480] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.1998: couldn't read orphan inode 13 (err -117)
[  853.701173][T11480] EXT4-fs (loop6): mounted filesystem without journal. Opts: noquota,noblock_validity,jqfmt=vfsv0,grpquota,debug,debug,grpid,,errors=continue. Quota mode: writeback.
[  853.737910][T11469] EXT4-fs error (device loop6): ext4_lookup:1858: comm syz.6.1998: inode #15: comm syz.6.1998: iget: illegal inode #
[  853.927132][T11389] 8021q: adding VLAN 0 to HW filter on device bond0
[  854.137945][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  854.146206][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  854.259300][T11389] 8021q: adding VLAN 0 to HW filter on device team0
[  854.327073][   T23] Bluetooth: hci3: command 0x0419 tx timeout
[  855.088389][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  855.118774][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  855.141321][ T4270] bridge0: port 1(bridge_slave_0) entered blocking state
[  855.148491][ T4270] bridge0: port 1(bridge_slave_0) entered forwarding state
[  855.177031][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  855.217918][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  855.254511][ T4270] bridge0: port 2(bridge_slave_1) entered blocking state
[  855.261694][ T4270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  855.290580][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  855.398557][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  855.412273][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  855.448476][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  855.826707][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  856.598822][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  856.632161][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  856.653066][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  856.694222][T11516] loop7: detected capacity change from 0 to 1024
[  856.701498][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  856.724155][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  856.756360][T11389] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  856.872562][T11522] loop4: detected capacity change from 0 to 128
[  856.918089][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  856.936465][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  856.972126][  T154] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  856.986376][T11516] EXT4-fs (loop7): Ignoring removed nobh option
[  857.047753][T11516] EXT4-fs error (device loop7): ext4_ext_check_inode:501: inode #11: comm syz.7.2007: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  857.191137][T11516] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.2007: couldn't read orphan inode 11 (err -117)
[  857.219789][  T154] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.258031][T11516] EXT4-fs (loop7): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback.
[  857.292805][T11522] EXT4-fs (loop4): Test dummy encryption mode enabled
[  857.321213][T11522] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: none.
[  857.373901][T11522] ext4 filesystem being mounted at /448/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  857.374344][  T154] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.568387][T11544] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.2007: bg 0: block 10: padding at end of block bitmap is not set
[  858.432288][T11389] 8021q: adding VLAN 0 to HW filter on device batadv0
[  858.451208][T11542] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2002'.
[  858.460376][T11542] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2002'.
[  858.879590][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  858.899435][T11546] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  858.913981][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  858.955996][T11545] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2011'.
[  858.965326][T11545] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2011'.
[  859.082206][  T154] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.225347][T11560] loop3: detected capacity change from 0 to 1024
[  859.447282][T11560] EXT4-fs (loop3): Mount option "norecovery" incompatible with ext2
[  860.386343][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  861.181419][T11574] loop3: detected capacity change from 0 to 512
[  861.472615][ T4324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  861.506687][T11574] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  861.737865][T11574] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  861.746638][T11574] EXT4-fs (loop3): orphan cleanup on readonly fs
[  861.755137][T11574] EXT4-fs warning (device loop3): ext4_enable_quotas:6432: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  861.769885][T11574] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  861.776968][T11574] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #13: comm syz.3.2012: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  861.838047][T11574] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.2012: couldn't read orphan inode 13 (err -117)
[  861.868028][T11574] EXT4-fs (loop3): mounted filesystem without journal. Opts: noquota,noblock_validity,jqfmt=vfsv0,grpquota,debug,debug,grpid,,errors=continue. Quota mode: writeback.
[  861.890166][T11560] EXT4-fs error (device loop3): ext4_lookup:1858: comm syz.3.2012: inode #15: comm syz.3.2012: iget: illegal inode #
[  862.005671][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  862.019475][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  862.049967][T11389] device veth0_vlan entered promiscuous mode
[  862.190593][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  862.226972][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  862.231700][T11583] loop4: detected capacity change from 0 to 2048
[  862.263571][T11389] device veth1_vlan entered promiscuous mode
[  862.420703][T11583] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  862.450886][T11583] UDF-fs: Scanning with blocksize 512 failed
[  862.587885][T11583] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  862.952459][T11389] device veth0_macvtap entered promiscuous mode
[  862.966849][T11389] device veth1_macvtap entered promiscuous mode
[  862.985010][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  862.995677][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  863.006269][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  863.016990][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  863.027800][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  863.038584][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  863.049095][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  863.060157][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  863.075525][T11389] batman_adv: batadv0: Interface activated: batadv_slave_0
[  863.223314][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  863.234524][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  863.274158][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  863.343486][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  864.262306][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  864.317508][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  864.365520][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  864.407443][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  864.448163][T11389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  864.497330][T11389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  864.590757][T11389] batman_adv: batadv0: Interface activated: batadv_slave_1
[  864.620168][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  864.638442][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  864.680021][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  864.728867][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  864.768196][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  864.800157][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  864.829932][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  864.860324][ T4293] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  864.953897][T11389] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  864.978277][T11389] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  864.997447][T11389] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  865.006191][T11389] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  865.077310][ T4237] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  865.270693][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  865.290985][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  865.336014][T11608] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2021'.
[  865.427967][T11608] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2021'.
[  865.487450][ T4237] usb 5-1: config 0 has no interfaces?
[  865.490252][ T6320] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  865.493075][ T4237] usb 5-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  865.525033][ T6320] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  865.556452][ T6320] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  865.563122][ T4237] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  865.601533][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  865.636267][ T4237] usb 5-1: config 0 descriptor??
[  865.829428][T11620] loop8: detected capacity change from 0 to 512
[  865.932097][T11603] udc-core: couldn't find an available UDC or it's busy
[  865.953865][T11620] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  865.957328][T11603] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  866.570939][T11620] EXT4-fs (loop8): 1 truncate cleaned up
[  866.605719][  T154] device hsr_slave_0 left promiscuous mode
[  866.613992][T11620] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  866.651929][  T154] device hsr_slave_1 left promiscuous mode
[  866.665080][  T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  866.719587][  T154] batman_adv: batadv0: Removing interface: batadv_slave_1
[  866.744911][  T154] device bridge_slave_1 left promiscuous mode
[  866.769956][  T154] bridge0: port 2(bridge_slave_1) entered disabled state
[  866.777782][T11620] loop_set_status: loop8 () has still dirty pages (nrpages=3)
[  866.820551][  T154] bridge0: port 1(bridge_slave_0) entered disabled state
[  866.896529][  T154] device veth1_macvtap left promiscuous mode
[  866.935042][  T154] device veth1_vlan left promiscuous mode
[  866.941120][T11389] EXT4-fs error (device loop8): mb_free_blocks:1865: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt.
[  866.955305][  T154] device veth0_vlan left promiscuous mode
[  868.670744][T11604] udc-core: couldn't find an available UDC or it's busy
[  868.677852][T11604] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  868.711996][ T4321] usb 5-1: USB disconnect, device number 59
[  869.423750][T11657] loop8: detected capacity change from 0 to 512
[  870.036480][T11657] EXT4-fs (loop8): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  870.055919][T11657] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  870.070298][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  870.084827][   T26] audit: type=1800 audit(1743726511.026:114): pid=11654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2027" name="file1" dev="loop8" ino=15 res=0 errno=0
[  870.166968][   T26] audit: type=1800 audit(1743726511.056:115): pid=11654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2027" name="file2" dev="loop8" ino=16 res=0 errno=0
[  870.459543][  T154] team0 (unregistering): Port device team_slave_1 removed
[  870.504278][  T154] team0 (unregistering): Port device team_slave_0 removed
[  870.543468][  T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  870.594741][  T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  870.704674][  T154] bond0 (unregistering): Released all slaves
[  870.755886][T11630] netlink: 'syz.3.2022': attribute type 3 has an invalid length.
[  870.793548][T11662] netlink: 'syz.6.2028': attribute type 3 has an invalid length.
[  871.227526][T11677] loop7: detected capacity change from 0 to 256
[  871.393134][T11685] loop4: detected capacity change from 0 to 512
[  872.212822][T11684] loop6: detected capacity change from 0 to 2048
[  872.415952][T11693] loop8: detected capacity change from 0 to 256
[  872.630316][T11684] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  872.667656][T11677] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 196)
[  872.928985][   T26] audit: type=1800 audit(1743726513.846:116): pid=11689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2034" name="file1" dev="loop7" ino=1048616 res=0 errno=0
[  873.001253][T11015] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 196)
[  873.136449][T11703] loop4: detected capacity change from 0 to 4096
[  874.131946][T11703] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  874.192264][T11726] loop8: detected capacity change from 0 to 1024
[  874.262180][T11703] EXT4-fs (loop4): shut down requested (2)
[  874.523719][T11730] loop7: detected capacity change from 0 to 512
[  875.363833][T11726] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  875.408505][T11730] EXT4-fs (loop7): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  875.427461][T11730] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  875.451372][   T26] audit: type=1800 audit(1743726516.396:117): pid=11727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2040" name="file1" dev="loop7" ino=15 res=0 errno=0
[  876.047648][T11745] loop4: detected capacity change from 0 to 512
[  877.190317][T11745] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  877.209054][T11745] ext4 filesystem being mounted at /455/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  877.228288][   T26] audit: type=1800 audit(1743726518.176:118): pid=11743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2043" name="file1" dev="loop4" ino=15 res=0 errno=0
[  877.459308][   T26] audit: type=1800 audit(1743726518.206:119): pid=11743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2043" name="file2" dev="loop4" ino=16 res=0 errno=0
[  878.575634][T11775] loop6: detected capacity change from 0 to 512
[  878.875584][ T1111] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  880.887388][ T1111] usb 5-1: config 0 has no interfaces?
[  883.337766][T11809] loop6: detected capacity change from 0 to 256
[  885.760721][T11833] loop8: detected capacity change from 0 to 512
[  885.867437][ T1111] usb 5-1: string descriptor 0 read error: -71
[  885.873748][ T1111] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  886.094229][ T1111] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  886.149288][ T1111] usb 5-1: config 0 descriptor??
[  886.700252][ T1111] usb 5-1: can't set config #0, error -71
[  886.778339][ T1111] usb 5-1: USB disconnect, device number 60
[  890.037757][T11878] loop7: detected capacity change from 0 to 1024
[  890.412809][T11878] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  890.454271][T11877] loop4: detected capacity change from 0 to 2048
[  890.564047][T11890] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  891.432411][T11877] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  892.431826][   T26] audit: type=1326 audit(1743726533.376:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11874 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23c84f6169 code=0x7ffc0000
[  892.562396][   T26] audit: type=1326 audit(1743726533.406:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11874 comm="syz.4.2072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f23c84f6169 code=0x7ffc0000
[  893.619559][T11904] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  893.827990][T11904] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 384 with error 28
[  893.867984][T11904] EXT4-fs (loop4): This should not happen!! Data will be lost
[  893.867984][T11904] 
[  894.260395][T11904] EXT4-fs (loop4): Total free blocks count 0
[  894.301140][T11904] EXT4-fs (loop4): Free/Dirty block details
[  894.760288][T11904] EXT4-fs (loop4): free_blocks=2415919104
[  894.766107][T11904] EXT4-fs (loop4): dirty_blocks=384
[  894.850063][T11904] EXT4-fs (loop4): Block reservation details
[  894.887313][T11904] EXT4-fs (loop4): i_reserved_data_blocks=24
[  896.584897][T11937] loop4: detected capacity change from 0 to 512
[  896.664495][T11937] EXT4-fs (loop4): Ignoring removed nobh option
[  896.695206][T11937] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  896.746255][T11943] loop6: detected capacity change from 0 to 256
[  896.846835][T11937] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.2084: invalid indirect mapped block 256 (level 2)
[  896.897701][T11937] EXT4-fs (loop4): 2 truncates cleaned up
[  896.903566][T11937] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,nojournal_checksum,dioread_nolock,bsdgroups,,errors=continue. Quota mode: writeback.
[  897.032570][T11951] loop8: detected capacity change from 0 to 512
[  897.850126][T11951] EXT4-fs (loop8): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  897.869196][T11951] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  897.898254][   T26] audit: type=1800 audit(1743726538.836:122): pid=11950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2086" name="file2" dev="loop8" ino=16 res=0 errno=0
[  898.196234][T11966] loop7: detected capacity change from 0 to 256
[  899.438864][T11977] loop4: detected capacity change from 0 to 512
[  902.692971][T12014] loop4: detected capacity change from 0 to 512
[  902.935386][T12018] loop8: detected capacity change from 0 to 512
[  903.269456][T12014] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  903.378664][T12018] EXT4-fs (loop8): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  903.397654][T12018] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  903.442879][   T26] audit: type=1800 audit(1743726544.386:123): pid=12016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2099" name="file2" dev="loop8" ino=16 res=0 errno=0
[  903.528051][   T26] audit: type=1800 audit(1743726544.476:124): pid=12014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2100" name="file1" dev="loop4" ino=15 res=0 errno=0
[  903.793302][T12036] loop6: detected capacity change from 0 to 1024
[  903.914457][T12036] EXT4-fs (loop6): Ignoring removed nobh option
[  904.137373][T12036] EXT4-fs (loop6): Ignoring removed bh option
[  904.358454][T12036] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  906.558154][T12036] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,nouid32,max_dir_size_kb=0x00000000004007b1,noblock_validity,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  906.909994][T12054] loop8: detected capacity change from 0 to 512
[  909.061931][ T4237] usb 7-1: new low-speed USB device number 6 using dummy_hcd
[  911.147582][ T4237] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  911.167635][ T4237] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8
[  911.202906][ T4237] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  911.239965][T12104] loop7: detected capacity change from 0 to 512
[  911.252002][ T4237] usb 7-1: New USB device found, idVendor=056a, idProduct=0326, bcdDevice= 0.00
[  911.277555][ T4205] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  911.291806][ T4237] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  911.317850][ T4237] usb 7-1: config 0 descriptor??
[  911.367360][ T4237] usb 7-1: can't set config #0, error -71
[  911.374521][ T4237] usb 7-1: USB disconnect, device number 6
[  912.231388][T12108] loop6: detected capacity change from 0 to 128
[  912.386063][T12108] attempt to access beyond end of device
[  912.386063][T12108] loop6: rw=2049, want=1041, limit=128
[  912.402876][ T4205] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  912.437369][ T4205] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  912.511067][ T4205] usb 4-1: config 0 descriptor??
[  912.668111][T12107] attempt to access beyond end of device
[  912.668111][T12107] loop6: rw=524288, want=369, limit=128
[  912.805987][T12108] attempt to access beyond end of device
[  912.805987][T12108] loop6: rw=0, want=153, limit=128
[  912.817016][T12108] attempt to access beyond end of device
[  912.817016][T12108] loop6: rw=0, want=153, limit=128
[  912.830615][T12108] attempt to access beyond end of device
[  912.830615][T12108] loop6: rw=0, want=153, limit=128
[  912.841407][T12108] attempt to access beyond end of device
[  912.841407][T12108] loop6: rw=0, want=153, limit=128
[  914.022971][T12134] loop6: detected capacity change from 0 to 512
[  914.141951][T12134] EXT4-fs (loop6): Ignoring removed bh option
[  914.245620][T12134] EXT4-fs (loop6): mounted filesystem without journal. Opts: resuid=0x0000000000000000,bh,resgid=0x0000000000000000,,errors=continue. Quota mode: writeback.
[  914.278864][T12134] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  916.328583][ T4205] usb 4-1: Cannot set autoneg
[  916.333410][ T4205] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71
[  916.356682][ T4205] usb 4-1: USB disconnect, device number 58
[  916.610820][T12167] loop7: detected capacity change from 0 to 256
[  916.648525][T12166] loop4: detected capacity change from 0 to 512
[  916.736378][   T26] audit: type=1326 audit(1743726557.676:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12168 comm="syz.6.2131" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f074fcaa169 code=0x0
[  917.686220][T12179] loop4: detected capacity change from 0 to 256
[  919.080383][T12179] loop4: detected capacity change from 0 to 512
[  919.256303][T12202] loop7: detected capacity change from 0 to 512
[  921.184870][T12202] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  921.240814][T12202] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  922.219509][T12230] loop4: detected capacity change from 0 to 512
[  922.253783][T12232] loop3: detected capacity change from 0 to 512
[  922.273056][T12195] ------------[ cut here ]------------
[  922.287761][T12195] WARNING: CPU: 1 PID: 12195 at arch/x86/kvm/x86.c:10346 kvm_arch_vcpu_ioctl_run+0x1d63/0x1f80
[  922.318761][T12195] Modules linked in:
[  922.322919][T12195] CPU: 1 PID: 12195 Comm: syz.7.2139 Not tainted 5.15.179-syzkaller #0
[  922.386361][T12195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  922.401538][T12232] EXT4-fs (loop3): quotafile must be on filesystem root
[  922.573563][T12195] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1d63/0x1f80
[  922.581243][T12195] Code: df e8 51 e8 ba 00 e9 e5 fa ff ff 89 d9 80 e1 07 38 c1 0f 8c 26 fb ff ff 48 89 df e8 37 e8 ba 00 e9 19 fb ff ff e8 0d f6 70 00 <0f> 0b e9 e0 fb ff ff 89 d9 80 e1 07 38 c1 0f 8c 63 fb ff ff 48 89
[  922.614657][T12195] RSP: 0018:ffffc9000306fc60 EFLAGS: 00010287
[  922.643394][T12195] RAX: ffffffff810fa6b3 RBX: 0000000000000000 RCX: 0000000000080000
[  922.734335][T12195] RDX: ffffc90005aa1000 RSI: 00000000000003fb RDI: 00000000000003fc
[  922.767451][T12195] RBP: dffffc0000000000 R08: ffffffff8116c692 R09: fffffbfff1c153f6
[  922.817484][T12195] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88802150d940
[  922.825660][T12195] R13: ffff88805e38c000 R14: ffff88805e38c0f0 R15: ffff888064382000
[  922.988726][T12224] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2145'.
[  923.227737][T12195] FS:  00007ff0783336c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  923.271083][T12224] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2145'.
[  923.387277][T12195] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  923.398995][T12195] CR2: 00007f074dad0f98 CR3: 000000007844c000 CR4: 00000000003526e0
[  923.444492][T12195] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  923.479762][T12195] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  923.520716][T12195] Call Trace:
[  923.535781][T12195]  <TASK>
[  923.562835][T12195]  ? __warn+0x15b/0x300
[  923.616512][T12195]  ? kvm_arch_vcpu_ioctl_run+0x1d63/0x1f80
[  923.657376][T12195]  ? report_bug+0x1b7/0x2e0
[  923.684674][T12195]  ? handle_bug+0x3d/0x70
[  923.715596][T12195]  ? exc_invalid_op+0x16/0x40
[  923.749787][T12195]  ? asm_exc_invalid_op+0x16/0x20
[  923.785431][T12195]  ? kvm_lapic_hv_timer_in_use+0x62/0xc0
[  923.810860][T12195]  ? kvm_arch_vcpu_ioctl_run+0x1d63/0x1f80
[  923.835933][T12195]  ? kvm_arch_vcpu_ioctl_run+0x1d63/0x1f80
[  923.892153][T12195]  kvm_vcpu_ioctl+0x7f0/0xcf0
[  923.935738][T12195]  ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0
[  923.977083][T12195]  ? __fget_files+0x413/0x480
[  924.006459][T12195]  ? bpf_lsm_file_ioctl+0x5/0x10
[  924.045419][T12195]  ? security_file_ioctl+0x7d/0xa0
[  924.070590][T12195]  ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0
[  924.099010][T12195]  __se_sys_ioctl+0xf1/0x160
[  924.121122][T12195]  do_syscall_64+0x3b/0xb0
[  924.138209][T12195]  ? clear_bhb_loop+0x15/0x70
[  924.158888][T12195]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  924.194300][T12195] RIP: 0033:0x7ff07a4ca169
[  924.215701][T12195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  924.329771][T12195] RSP: 002b:00007ff078333038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  924.372132][T12195] RAX: ffffffffffffffda RBX: 00007ff07a6e2fa0 RCX: 00007ff07a4ca169
[  924.413925][T12195] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  924.455208][T12195] RBP: 00007ff07a54b2a0 R08: 0000000000000000 R09: 0000000000000000
[  924.472113][T12195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  924.482741][T12195] R13: 0000000000000000 R14: 00007ff07a6e2fa0 R15: 00007ffc08ef0268
[  924.514661][T12195]  </TASK>
[  924.520700][T12195] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  924.528021][T12195] CPU: 0 PID: 12195 Comm: syz.7.2139 Not tainted 5.15.179-syzkaller #0
[  924.536285][T12195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  924.546358][T12195] Call Trace:
[  924.549635][T12195]  <TASK>
[  924.552584][T12195]  dump_stack_lvl+0x1e3/0x2d0
[  924.557277][T12195]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  924.562952][T12195]  ? panic+0x860/0x860
[  924.567017][T12195]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  924.572654][T12195]  ? kvm_arch_vcpu_ioctl_run+0x1cb0/0x1f80
[  924.578458][T12195]  ? kvm_arch_vcpu_ioctl_run+0x1cb0/0x1f80
[  924.584285][T12195]  panic+0x318/0x860
[  924.588182][T12195]  ? __warn+0x16a/0x300
[  924.592337][T12195]  ? fb_is_primary_device+0xd0/0xd0
[  924.597544][T12195]  ? kvm_arch_vcpu_ioctl_run+0x1d63/0x1f80
[  924.603364][T12195]  __warn+0x2b2/0x300
[  924.607345][T12195]  ? kvm_arch_vcpu_ioctl_run+0x1d63/0x1f80
[  924.613141][T12195]  report_bug+0x1b7/0x2e0
[  924.617478][T12195]  handle_bug+0x3d/0x70
[  924.621668][T12195]  exc_invalid_op+0x16/0x40
[  924.626172][T12195]  asm_exc_invalid_op+0x16/0x20
[  924.631021][T12195] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x1d63/0x1f80
[  924.637435][T12195] Code: df e8 51 e8 ba 00 e9 e5 fa ff ff 89 d9 80 e1 07 38 c1 0f 8c 26 fb ff ff 48 89 df e8 37 e8 ba 00 e9 19 fb ff ff e8 0d f6 70 00 <0f> 0b e9 e0 fb ff ff 89 d9 80 e1 07 38 c1 0f 8c 63 fb ff ff 48 89
[  924.657058][T12195] RSP: 0018:ffffc9000306fc60 EFLAGS: 00010287
[  924.663153][T12195] RAX: ffffffff810fa6b3 RBX: 0000000000000000 RCX: 0000000000080000
[  924.671124][T12195] RDX: ffffc90005aa1000 RSI: 00000000000003fb RDI: 00000000000003fc
[  924.679121][T12195] RBP: dffffc0000000000 R08: ffffffff8116c692 R09: fffffbfff1c153f6
[  924.687092][T12195] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88802150d940
[  924.695079][T12195] R13: ffff88805e38c000 R14: ffff88805e38c0f0 R15: ffff888064382000
[  924.703073][T12195]  ? kvm_lapic_hv_timer_in_use+0x62/0xc0
[  924.708728][T12195]  ? kvm_arch_vcpu_ioctl_run+0x1d63/0x1f80
[  924.714552][T12195]  kvm_vcpu_ioctl+0x7f0/0xcf0
[  924.719231][T12195]  ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0
[  924.724890][T12195]  ? __fget_files+0x413/0x480
[  924.729571][T12195]  ? bpf_lsm_file_ioctl+0x5/0x10
[  924.734510][T12195]  ? security_file_ioctl+0x7d/0xa0
[  924.739620][T12195]  ? kvm_clear_stat_per_vcpu+0x1f0/0x1f0
[  924.745250][T12195]  __se_sys_ioctl+0xf1/0x160
[  924.749845][T12195]  do_syscall_64+0x3b/0xb0
[  924.754281][T12195]  ? clear_bhb_loop+0x15/0x70
[  924.758955][T12195]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  924.764843][T12195] RIP: 0033:0x7ff07a4ca169
[  924.769252][T12195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  924.788851][T12195] RSP: 002b:00007ff078333038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  924.797266][T12195] RAX: ffffffffffffffda RBX: 00007ff07a6e2fa0 RCX: 00007ff07a4ca169
[  924.805247][T12195] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  924.813211][T12195] RBP: 00007ff07a54b2a0 R08: 0000000000000000 R09: 0000000000000000
[  924.821174][T12195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  924.829144][T12195] R13: 0000000000000000 R14: 00007ff07a6e2fa0 R15: 00007ffc08ef0268
[  924.837128][T12195]  </TASK>
[  924.840483][T12195] Kernel Offset: disabled
[  924.845155][T12195] Rebooting in 86400 seconds..