last executing test programs:

14.842323582s ago: executing program 2 (id=832):
r0 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x3)
r1 = syz_io_uring_setup(0xf02, &(0x7f0000000080), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x1c3c, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r4, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)

14.736091361s ago: executing program 2 (id=833):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="7c00000010000104000000000081000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000005c0012800b00010067656e65766500004c0002800400060005000a000100000005000c00010000000500090001000000050009000100000014000700fc"], 0x7c}}, 0x0)

12.89928091s ago: executing program 2 (id=838):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f00000003c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44900000c63d5f852c6769643d", @ANYRESOCT, @ANYRESOCT, @ANYRES64=0x0, @ANYRESOCT=r0, @ANYRES8=r0, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd791f81b6637f549a77ac6cb621635f9c08b2615964a3c43b727df50d049dc760465dea7349206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb611", @ANYRES16=0x0, @ANYBLOB="4599"], 0x1, 0x701, &(0x7f00000009c0)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWSqte6pZSdAglpIeeF1uOF6/lIClFNqVR+rj3kFNP6UG30ENJ74b23BAo6VHHQCGXnHRTmdmZ3Vlptbuy9Yrz+4mZ+Wa+x3zzn52ZfSC+AL6xlmej+iSSWJ59czNd39leaI1tL0zm2a2ImIiISkQ1Ikk3JauR5d7Kp/h25Dml5QEfNpfe/vyrnS/aa9V8yspXBtXrY+Lgpq18inpEjOXLg8YPafGT/bvvae/2oe2NKukcYRqwa0Xg4i/P1Co8s70Dtjp5H/8nm3fK9Kl+lOsWOKeS9nMz173UZyKmI2Iqov3Uz+8OldPv4fHaOusOAAAAwFHVjl7lhd3Yjc24cBLdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdVPv5/kk+VIl2PpBj/fyLfFnn6HBo+EOJnk+3lk5PvDAAAAAAAAACcuFd3Yzc240Kxvpdkv/m/VvqN/1vxXqzHSqzF9diMRmzERqzFfETMlBqa2GxsbKzNZzUjLg2oeTM+7VPz5uF9vNW7mhzHcQMAAAAAAADAOTY1JP/++MFtv4/l7u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHiQRY+1FNl0q0jNRqUbEVFFuK+LTiJg4294eSdJv45PT7wcAAAA8k6ne1WRqhDovvB+7sRkXivW9JPvMfyX7vDwV78VqbEQzNqIVK3En/wydfuqv7GwvtHa2Fx6k08F2f/rlkbqetRjt7x767/nlrEQt7kYz23I9bkcSe5lK3srLO9sL6fJB/359kPYp+UluQG/GSuk76ezqJ1n6z73fIlSPdIgj2t9o5dCSM1nueCcic3nf0hoXiwj0j8TQs1MduKf5qHS++bk0eE/9Y/7B4L1P7yvV95ubM7E/Ejej0jlDVwZHIuK7//j41/daq/fv3V2fPT+H1Nf7Q0vsj8RCKRJXn6NIDDeXReJyZ305fhG/itn4cvKtWItm/CYasREr9SK/kb+e0/nM4Eh9Nl1ee2tYT9Jrst65f/XrUz16+hT1+HmWasRr2Tm9EM1I4mFErMQb2d/NmO/cDbpn+PIIV31lhDttybXvZYtOmKJ2eNm/jdbkcUnjerEU1/I9dybLK2/pRunFvlEqnnWjP49Kqt/JE2kLfxj4fDht+yMxX4rES4e9Xtoh/eteOl9vrd5fu9d4d8T9vZ4v0+voTwOeEifymB4oPcMvxlR+cBezeZJdU3NZ3kudXhXx+m8zYj7Lu9RppfeJm+Zd7tRrX6m/jIdxp+dK/WEsxmIsZaWvZKXHDzyx0ryrnZZ67+FpXvpOq9r5Yaf8futhtNrvhyK2vva3bYDn2fT3pydq/6v9u/ZR7Y+1e7U3p342+aPJVyZi/F/jP67Ojb1eeSX5e3wUv+t+/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7e+qPH9xut1spa/0Slf1YyuFajtVcMJDagTE8iyYfKGaFwsv7o8d7QBgcnJvPuPWX140wUozUOL1w/wW4kW/vP19Twc1GM8jTCLpJ8mMrSSysinrrPxZ67W8bPwancn6gfuVb9wHHlieIFWyp89Fdvrd/5GouIfoWH3DjGjuHmA5ypGxsP3r2x/ujxD5oPGu+svLOyOr64uDS3tPjGwo27zdbKXHteqnD6o+oBJ6T8dqJjIiJeHV53wECtAAAAAAAAAAAAwAk6jf+FOOtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7elmej+iSSmJ+7Ppeu72wvtNKpSHdLViOiEhHJbyOSf0bcivYUM6XmksP282Fz6e3Pv9r5ottWtShfidg6tN6gNru28inqETGWL59BT3u3h7c30U1O9slOOkeRBuxaETg4a/8PAAD//9qm8z8=")
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socketpair(0x15, 0x0, 0x20, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x5)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0xf}}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f00000004c0))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f00000001c0)=""/100)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20})
ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000000308010800000000000000000000000006000240000000001400048008000a400000000008000940000000000500030006020000"], 0x38}}, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000080)=0xffffffffffffffff, 0x12)
clock_adjtime(0x0, 0x0)

10.128497866s ago: executing program 2 (id=846):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x91905a, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000dc0)='./file0/file0\x00', 0x0, 0x1145d10, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000340), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r1, &(0x7f0000000600)={0x2020}, 0xffffffb5)

9.859170448s ago: executing program 2 (id=850):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
prlimit64(0x0, 0x2, &(0x7f0000000040), 0x0)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x8012, r0, 0x0)

7.379492989s ago: executing program 2 (id=861):
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x655e, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x3c}, [@initr0]}, 0x0}, 0x90)
r1 = dup2(r0, r0)
setsockopt$inet6_int(r1, 0x29, 0x4a, &(0x7f0000000580)=0x7ff, 0x4)
write$tun(r1, &(0x7f0000000040)=ANY=[], 0x46)
recvmmsg(r1, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}], 0x1, 0x2000, 0x0)

4.081661858s ago: executing program 0 (id=885):
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000580)={'#! ', './file0', [{0x20, '/proc/sys/net/ipv4/vs/cache_bypass\x00'}], 0xa, "15bf3158f3b4c5beaa8a9ea511953cef08b81dedc6989a86c441759f9143160456a26319d35748b0fa16e646523ab5bd24785a1acbae1d23a93b9e51"}, 0x6b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a01020000000000000000020000000900010073797a3000000000aa000300"], 0x1e4}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x7fff, 0x0)

3.925514351s ago: executing program 0 (id=886):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d4c0ff000000000000290000003e000000", 0xfe60)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000280)='2', 0x1}], 0x1)

3.827147399s ago: executing program 0 (id=887):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x0, &(0x7f0000001000)=ANY=[@ANYRES16=0x0, @ANYBLOB="5df049e7c8fb4977eb885edfaf66b1bbdfa4f8b352df455d6fb7d69d490db6a85f6671040c16e22d769bbad51f865f49094613f7c4572d008311fc7c6596fe3e8d315e45ad342f2a054f70eac0e46c703017033489750102c2f4872e0d60af224c98d13b3edf114d046e23ff412edfae9f3518ef6a28a37a7823e1355dc335", @ANYBLOB="d0f840cc8c1c1e310d6e393531bdcbb4adb9bec0f219963d340de5fac104e89fef4ae6c9a02d4bd8bf2e9f2f733bfb4b5045b2472c9f55f1c1c3e60e717b034250633ba6d3abdfc29926321ccd43a34040f4c7f7ebaba751f610dbed1b20b1900c707d9325fe69a61237d31512e0b4644c76e89ec3a5c3db005794aa9b7a810117c82e43c66757d0f9398274c1f1473f4fd0b85144d6bd41996e7c28725e421b75a4d806e1e1ada5f717e8e7aed946a8e44d3124641ec785bfe07fbbdf8de2011588af5bbedba7034ff9e2164ab2be5224acb0fb4b35105620111e6b22ba02775f4a848f762c165c702b8cddb4ecc1278604b55f81be43b56429da93a8982182387d8c658b971e619cd6b69299c8bddb23c94de26c54a68e4ab113a3492e700ae9efae2f7885ea863281b43c5443a44e9098640b2a8a7267b2edb0e56df7effd0d762a0e87b5e357b8d7c0b88b4ca1859c00d1dd061b2b73bdbeae7be52456452e47819047d79893c4bb669d6982565eac923631257858ede56727a44b1a33217a1fef8cb9c71b36031d7bfe4b67ad76a23368c4a519ceb9d765d5407cf49f1474d46c2bb3b61362927e52462549f6ca3e18525997c01673d2007c942274c355ad425fad20ea555fddbb8abb1975ade23695820472e53fcefe594ada89271a46bd1d2051c7302b35cc348fe629d69c027da005305d2b12f3b2a75904f1fa0c6974f60d70d899f9df3cbd7a838708086ce054490b82014206eae26a31f46189f3b2222ad6d2c1a52e16c4103edc282afb2b92461f8cb87a21bdc0da13b6666210026c0cb1fa5ceca44341aa3d522c94992c1b1c909c3c9e46c034a3160f9d1e727dddcc5df9244d38e2f6f4e038b1d803ffed0773a9de14cca0aab627a2512245a9925cd65f7151181c85969ae0476683672c661b2b0fb9dcf9ea2bec7a4ea9fed9deda3c7085db68df0982a2841f34df083ccb57d65a0809736d6b6d67d6d9033abbab7758006629aba6168f74d7d810cb95e12352e3c555b7716526369b77c5aa65d8496ccab5380780cd0ccbd0666916756e64278471c5a3495d02446cf112a755a6e7120ad1090a9b8e07de37a3f0b7a61a718e9f1fb9bfbb7859106a091ef48faf08e6290491ffccf9b4e3b3b3aea0621e750be318c540353032f9df9f8a45af22bc4ca214eb4c499e8f00778de914b8cb8d703d1150ce1dd453d573afcc17b981a728bb9e3a1d76c73ddecc78423ccabf39b2a0b398eaf69a3e0ea8bcc2f3ad1d80f99464474e54e70a6b46a0b3de0d9d8661d1d80305cc6a0391cf4573f9913beed00f6771b4baa3b6391cd446feabbbe0589cf899268e8468c7db65632789cc132e6feeccc4da0ad4f0bd35859571edd1f0b1ed4c91d34b61a9a7f95330bb219aeb6d19c9723370b18de31119f913297e623b838c9edcc14a006ae5db3d82a0221b3be70343f58f824b3b37302af9af3da8297ea409872fb07ca28d503317533a5ce3fffd744a7792cfbd4c40b3779422ed26f803ea4aa682dcfef970cbc0b3e5a63618e5fad01b5a0996e11d2a4be07fe85e96c692a64d8f890ce101df2228a327691d4d0d48a05c5bdee08f2060c504a86ac2881d87a7bb9e68c02a6466a092fb57ceca5dfa34766638a3e75539cda93874b5220828689d70cd56a31febbf98e24d751c44b00abc302569728e1622d72a6e5627a558d0b254588e5123cb08b505a5d4db901a6ebd19a0de64502ffd75f1433b8e777a01ad261303de17f2484c4241ca0ad1276d2ba90f2b608097d64da9a44a13b49e1feaff37e1ebf8d34f9a033ea36396207f466a354aed1709da777d23445a70ae62f659243e72ecd671083e0f532a4a1f16a48854b258e6143ba61e2139b76eda70ad2d4783f6a58cc000eca35eff84b856725342670fe63a24db6a17fbbb2e58d25fc6fba88872d133f38ab967a16221ad2bc72cfd98a7fa93b7434723dc0986a2b1c665fdd41ed069ac2dadfcc154163c8b6e5216608d82dcac75141c0fff8d2d2d5505c2e99777f6194c4d5f026ba6b86914fdb76b5bea792fd5f49d43391903e030e0f2802c10bd4b93c9a9749e6c95ae7ecc9aca1ce305ba55b93dbfd12a587c65d563d2116daff60a568b89e35e846cf3c6c6e1ecb578a91d1b44cfd63c2bfffbee8225f2bb85a75d1015ffcd57555907d47ee096b3b4a736fcd7c9f11b894721cf987177e31c08e66bf009357b8353b48eaad4e3d9a761b92c5be4fd9581c04c81a8e31308ae261437ebabeadf8bfe903e617c0acf0a223c702ffddc450257dd381ea592875d4016521b3fb1beda1e9bfd2cd382220fdb1c085e712891d22acd547c31b0fb34f09a434498268018716f12a5b14cb3f256d226b0e70cfb99188967c3e121416882e38df917df1ae737c43722ed3578f6de77e214f2a8b9364176f5ff968d848ea099f341ab8cda755ebe107012e0f11465b65552c7fb452834163ff7ff31bd75001224839aba06a1bfb509bdb80bde17e86abf7893b24cfcf53a4a6ae5cdab4d5bf79237897fe1f85c256460113c1593b016b438bb579d09a9b19525a2ac9e69ba4d0bd767e45fd8a3e80033e8a174590d4c21f967843628aa66b76dc2c62c25eaa283362d0c6bc12bcf78e2287aea5558ca5f4b9f4a0aca8b357229594f596a0d60dfd3c51e5c8c6c8c282635ae6cfeda635bad8bee13b53443d96f18a9f32a4dea7033a9913e365a7f80ad6245eba25212d4fbb373972d45b9f2094b3d0db3def93025349f636eec5af177a91c461cd39ade48276fb17aad326cc095be686b8098df83761356e5fe6d748ea790213bd2e7bdd04a312e8c3bc3bce58fe24a9d4213b217a7dd37d196862ca084820d69ea152f338227e734f7c478f2542f02f76335c9c2e43a6ab511f2f1b6c5d046db234f94d671a282c2283d18e48c22f9602679bf28d627ed4c88764c604285b159bf738acaa9923ddc3d784bd24556506a6363d7abddc609a31c702c9959773fd64206e6530d69386bbc19529dd5e30091b368df5e18f69f64d160b453bf0d0301a00a38a9c4e1a7a3ae3b249a9d19cb75e5465364e206716769c3edad53f15054e4794654303f13fe82dc2764c06af411b68afd7fe692fe95be841a6e131b4830ef4e292e027aa1ba4b2579960a3079863325b51ef9e54acf15aa5f3f42b8cd448889f650ac08e680b352eaa53ea3c511d6152c55f6ca49a0fb4e696d3142d4a06f68c39a24a2764f5bfe4a0ec2c6ea904c780e46139d0f1ef82ee76527cd26e06f454abc6b9e71ab2c06f28843495ee67516913f624c17e18139ad2ac57e375f177ccc86241b502263c86d4b92fffbb16be3f72585af33fc92473603de246d39d423dc6a5e29c3fede67da126705c59bcdd53d70d3ee629491207a64daea77b0a768a09ab6b6004915678556ff5e76bd4eace1a08d24b94a8bae6f0d3b1172d9c2073fbae8192f1bcd2130af737f173af668b073619b003ecefabe4fdfabc04cdc15d59dcaf05c8acb31ad73bd6d855590cf22ef4c5e070d46734bae45772f54e98ed2400c0d9a7e12ee1977e835e21a2ef8bca0e2eb3e400034ff4deb29451823aa11dfc88ef88f59ed57b5aa3ef6b39aa08ef839871163aa4c76f42b08e2be2a2bc036b6c517bc5164ee7d239039a7784ec9c0d0c1846f19a0949919658530ce32e6dc7191d853a53d1e3c0d0f1b7972c99373645bede7a88f68f2cda068e6c69b177a4c6ce32ac10a398b33e01cd06e9ee5c1a4c8dfd4f1cf1da0e2ade1e9ea62acaf1256b18ad1a9040786d34b9d2a679076c2a30288bf62c7c8dcb0b83531d9778b32ca01f7c3d681b4638c7bd63d99b21d81f2bc4c8cfabb8927b2565a40ddbbbddd9907bc5821989333df3c74b5bb74ee9469542dea7f846d80c16f265fc978e7d0f301b5496b0ee8c711ec159a3cf3b5477d740442009c6d693989c694754deddff6eac11d2798c0b8df3bfba3212af771c723b613735b6bd0f26ee601c3ce9072db425c8824e38025a58e16e3df49ba1c01952d67b0a43035f0d4c1316f9f75c9b64237c10446d33ddf765b46fa87dda7bb32d3a10faa507ee1b08be23564b716dbab48e5f39e2ab8b830b55ed5e12a175c8bdc58a86f61585ac18b16b85a515f15740cdae35861ea419456007ca20ffb2a3732c47fd3ca85bd326219f7edb49213c566502dad59c7d862241928fefc3a66c6943ef9da5fd8d1c550fa1904104744f09bb3670c228fed4d23307e4d8eac3f2e98ddd385727eaa90e4dc56562aa494b26a9570d684ccf77ebdd24169050b893d8d63b87849f93aeaae1cdaf7dcce7799422572b00fec8074802f44e9ae89e035b8bbdb77786b792c171179bef4e8ce52eee7c1e719d95548ffb524b21aef79e889d0d4d229f754f977a4b62055c8b77fa71b81278d65180b03baee0f816007f7436cc15131fc82f79a0657da506b9f4a8bc0f9c4558f74954a2b712d9d3f273e56955be7ca339b765be01f0b98f02f19dc40472693f291013ad9df792a13e3858ead6f7d71c66f726388e65813a0d37ddd6fe2bbe0d9a137a42cad6a521080fa6ef6b91f7bf930be29bf31a24b691e90879e78850d40f5a234efe0daa8d92718e26bd007efcf70d63886dc2e60e55dca0041e1db0b46ca48bb4b6dcd19cda71c72cc5c38b334852daf9649cc9cd00d800164e46ddcd575112748cff778ce8bc3263ce0fcd7c242dbb55dea02c648909c8dd9546faa58a8eee2d28567525e3dfc3d6e6c2f67da487ba8c92d0b820ef12e32f4debc9a3be46a93b4976c68d33dbbc1a8b7ee91c6efdf9f7808dbef774bc8146a05810a11377e9bbb304e4c178f565eff1c659447fe5a970dfa02a0788183c77a79dc0c6fc1b1593a29da2799855c808de5775b83c65333a9785542e1551b4692f342ba503dcbb85e10c400ced2a71fec19323ac28a2c19da9065802dbcc8df6194e4d8332ae51cffa15cbaa7f4fae9300edadd680180b8ed49313abe4e33f3c5c331f23064c7d6b528eb298a1c8f8e7f14ac61c9782c61b23921602c930e6d9f7ab6008b97a946d89546070397a2bffb3e4445ad9bc50b414ce03ebdbf26768d49038bc510660b34ab79ae05762879615fc6ed55e88cca3829af0ce611a791ae45f0fb5f58054ee93333170c4c7e92ea6c28b6d52593866dac733adf6c80e13458c7db123a6f0ee462b764cfac0384efe17ded833e4e8f147a25361a6a7e3d1fe6353eea90fe10bbc014f11a610a549b4da3d461683956105b7fa3df192c7702b572dd748ec90e21b9fab64ad8988707e4253f3d48d8d1103860309f195e6819b16ec2ae57d4588b082ea4a76c135e3b495f1774a985c63c0a394ce9c0d13b3156a1cc6f693b5a986674441e44dce0634335f861a2c74fbd0e3c8cfd08fafe713bf58602001d590f1c8b32e026020426bff5b03149c169777ae0af26931e4137804c843b50cfb5eb1cf5b965d5a192479538d3fc9b49ece7620b5e0cd076695b3c6a0db79da4d83806437db4038374eee6f825808c089c98b6d004248c4de2775748fd2be64ddb55652541c6a292bcc23030891eedefcdf9e628fff46c3addd85f8cd595712021157ccd837316a7eda94e4e10866638c73ec64223e24993fe3358e8deb8cbfceeed7cc352e09adbd52ff04638cd532e4217fca9720113ec038c89ee3677bbe494025f8478bff5775d847f46b6c009eee2528da9a6262b338dd81855ced92603c0f01632d2d145415e21a8b22592c39ce5d3eea9559a398a6ed4a6fe8536", @ANYRES32=0x0, @ANYRES8], 0x5, 0x7e1, &(0x7f00000004c0)="$eJzs3U1oHOf5APBnFNmRlf/fhLS4xjjOxEnBBkdZyY6CyCHZrEbyJKtdsbsKNqUkppaDsZyEuIFahzq+tLS0hJ56THLopT2VXloKLbTQ9lRor70FAj0kLS300BJQmZmVJVlf/pA/SH8/Yc07M+/M+7zvrufZkTQzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABE0pis1UaTaOatuVPp5hqTnfbMFuuX9/frNZMt2o1Iin8xNBT7q0X7v7iyel/x7XAcrOYOxlAxGYrFh/Y9/NwXBgeWt98ioJ02uNHCS5cXL5xZWJh/+y4Gcgd895drZn80HDc4stNZK++285n6dJbm3XY6MT5ee/rkVDedyptZ93S3l82kjU5W77U76ZHG0XR0YuJ4mo2cbs+1pifrzSwdrBY++9RYrTaevjQym9U73Xbr6ZdGuo2TebOZt6bLDYvVRZ1nizfiy3kv7WX1mTQ9d35h/vjakPasC7KoNLpmyWdLq+cOPvnwx+989M/z82PbdXesNjY2Ojo2NjqeREStNriy4JmJZ56t1QZr14l1Ne7qm5b70A4fweHWDfTzfzQjj1bMxalIN/xqxGR0oh0zsfIGXr2+bzn/f/npv/1xq3bfW5X/qyw/cHD/yuoDUeb/Q9Xcoc3yf9X27gc3iflOfa30/1JcjsW4EGdiIRZiPt6+I+0lO7evgZ2NbDqyaEUe3WhHHjNRL5ek/SVpTMR4jEctXo2TMRXdSGMq8mhGFt04Hd3oRVa+oxrRiSzq0Yt2dCKNI9GIo5HGaEzERByPNLIYidPRjrloxXRMRr3cy7k4X4778evi2vfN137x+p8+fr98tZYrjW41xO9GlJX+sUWldclc/uemRcRvd+rwDbdlaTn/AwAAAJ9bSfnT9+L8f1c8Wpam8mb2lW22Giy+vXt3IgQAAABuV/mb/4PFZFdRejSS4vy/trbST3bdm+AAAACAHZGU19glETEcj1Wl5culavc6NgAAAGBnlL//P1RMhiOulAuc/wMAAMDnzCs/6xeuv8f+R8v32B2YfTD51d+j09mVnPjg1JPJxXpRr37xgWq7/uSVa3vsTR1Ion9DwXJf44OLDxXzg43sYLJ889zPHqymn5bfDwxe23xtHC/sqZYmSVIEcHV20wBiTQB7+724FkA5F9+Lx6s6j5+tpmeX11S9HZ7Km9lIo918bjTq9b0DvexU7503zn8jyu5/pzWzN4lz5xfmR7725sLZMparxV6uXuz3d919FLeIZak/AvHo+rsbF7vaVV6I0W93uGq3trr/A5f2FoWBm2jzW3H4/8o6h4erusNr+z9UtDk6slnvh6v+ja7r+eD6N1YVxen+3HVRPFEtfeLIE9VkgyjGtoqiGIux1VH0B+HmxmLDKOLhiHj/8Sun/vW7dpId3y6K47cZBcC9cq6860+Rhap0VGWh/yxVivzf6ezaHWvyTrXBjR7lkrKVbZ7kc+PZ/d9LWxzRj1R1jlSfJwYPbJBXahsc0d86/9bv+0f0Ez/+4QdfPfSHn95yXh9arrJnufDIbx4aiDKKPf0oFvtrOruS71/LJFVW/bBY/uGm7XabY0kxhA98/eJbse/S5cWnzl888/r86/NvjI0dH6+dqNWeSZL+i7dUfmKQewDYwOE4VCXyTZ+xs8lTeMoPAFXuPrHVWfUDkTxy7U8Kipz4ZizE2ThWXm0QEY9t3O7wqj9DOBaH+8FufNY6vOoJL8e2ObfcHdGvO7Zt3eFVj5dZ8aUf3MnXAwDuhsPb5OFN8/+qc/dj25x3r83lR6u6R5cj2DyXR8Tzd3c0AOB/Q9b5NBnufTvpdPLZV0cnJkbrvZNZ2mk3Xk47+eR0luatXtaJwXprOktnO+1eu9FuFoVX8smsm3bnZmfbnV461e6ks+1ufqp88nvaf/R7N5upt3p5ozvbzOrdLG20W716o5dO5t1GOjv3YjPvnsw65cbd2ayRT+WNei9vt9Jue67TyEbStJtlqyrmk1mrl0/lRbGVznbymXrnakQ052aydDLrNjr5bK9d7XC5rbw11e7MlLv96957PdoAcH+4dHnxwpmFhfm3b63wlxupvHnrQ24sDAD3wEqW/uT/r1/nh+8AAAAAAAAAAAAAAHB/uM3r/9YX9uzsDoe2qrN0JWL9qmRpaekmmtgT29TZ3R+qHR6ou1K4uiP7GYiNxvn+KSSbr3rt+ecvbLb5i1f2n7yxJrb9nzIYEf1LXd/9ZPfP36tWvXBL3Rm4+a3+HBG30NZSskWde3tcAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICN/DcAAP//jRtoaA==")
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[@ANYBLOB="20000000020000001d"], 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000180)={0x0, 0x0, 0x14, 0x10, 0x1ba, 0x0})
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x6000, 0x0)
r3 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_RESET(r3, 0x80044d76, 0x1000000000000)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @remote}, r2}}, 0x48)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21}, {0xa, 0x0, 0x0, @mcast2}, r5}}, 0x48)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000001400791048000000000079003000000000009500f400"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x21)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90424fc60100c034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)

3.143504944s ago: executing program 1 (id=889):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000000)="480000001400190d09004beafd0d36020a8429000b4e230f00000000a2bc5603ca00000f7f89004e002050da742dac0000000101ff05020003000200000000000100000000005839", 0x48}], 0x1)

2.405284864s ago: executing program 1 (id=891):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000023000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xb, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.33068395s ago: executing program 1 (id=892):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f00000003c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44900000c63d5f852c6769643d", @ANYRESOCT, @ANYRESOCT, @ANYRES64=0x0, @ANYRESOCT=r0, @ANYRES8=r0, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd791f81b6637f549a77ac6cb621635f9c08b2615964a3c43b727df50d049dc760465dea7349206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb611", @ANYRES16=0x0, @ANYBLOB="4599"], 0x1, 0x701, &(0x7f00000009c0)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWSqte6pZSdAglpIeeF1uOF6/lIClFNqVR+rj3kFNP6UG30ENJ74b23BAo6VHHQCGXnHRTmdmZ3Vlptbuy9Yrz+4mZ+Wa+x3zzn52ZfSC+AL6xlmej+iSSWJ59czNd39leaI1tL0zm2a2ImIiISkQ1Ikk3JauR5d7Kp/h25Dml5QEfNpfe/vyrnS/aa9V8yspXBtXrY+Lgpq18inpEjOXLg8YPafGT/bvvae/2oe2NKukcYRqwa0Xg4i/P1Co8s70Dtjp5H/8nm3fK9Kl+lOsWOKeS9nMz173UZyKmI2Iqov3Uz+8OldPv4fHaOusOAAAAwFHVjl7lhd3Yjc24cBLdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdVPv5/kk+VIl2PpBj/fyLfFnn6HBo+EOJnk+3lk5PvDAAAAAAAAACcuFd3Yzc240Kxvpdkv/m/VvqN/1vxXqzHSqzF9diMRmzERqzFfETMlBqa2GxsbKzNZzUjLg2oeTM+7VPz5uF9vNW7mhzHcQMAAAAAAADAOTY1JP/++MFtv4/l7u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHiQRY+1FNl0q0jNRqUbEVFFuK+LTiJg4294eSdJv45PT7wcAAAA8k6ne1WRqhDovvB+7sRkXivW9JPvMfyX7vDwV78VqbEQzNqIVK3En/wydfuqv7GwvtHa2Fx6k08F2f/rlkbqetRjt7x767/nlrEQt7kYz23I9bkcSe5lK3srLO9sL6fJB/359kPYp+UluQG/GSuk76ezqJ1n6z73fIlSPdIgj2t9o5dCSM1nueCcic3nf0hoXiwj0j8TQs1MduKf5qHS++bk0eE/9Y/7B4L1P7yvV95ubM7E/Ejej0jlDVwZHIuK7//j41/daq/fv3V2fPT+H1Nf7Q0vsj8RCKRJXn6NIDDeXReJyZ305fhG/itn4cvKtWItm/CYasREr9SK/kb+e0/nM4Eh9Nl1ee2tYT9Jrst65f/XrUz16+hT1+HmWasRr2Tm9EM1I4mFErMQb2d/NmO/cDbpn+PIIV31lhDttybXvZYtOmKJ2eNm/jdbkcUnjerEU1/I9dybLK2/pRunFvlEqnnWjP49Kqt/JE2kLfxj4fDht+yMxX4rES4e9Xtoh/eteOl9vrd5fu9d4d8T9vZ4v0+voTwOeEifymB4oPcMvxlR+cBezeZJdU3NZ3kudXhXx+m8zYj7Lu9RppfeJm+Zd7tRrX6m/jIdxp+dK/WEsxmIsZaWvZKXHDzyx0ryrnZZ67+FpXvpOq9r5Yaf8futhtNrvhyK2vva3bYDn2fT3pydq/6v9u/ZR7Y+1e7U3p342+aPJVyZi/F/jP67Ojb1eeSX5e3wUv+t+/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7e+qPH9xut1spa/0Slf1YyuFajtVcMJDagTE8iyYfKGaFwsv7o8d7QBgcnJvPuPWX140wUozUOL1w/wW4kW/vP19Twc1GM8jTCLpJ8mMrSSysinrrPxZ67W8bPwancn6gfuVb9wHHlieIFWyp89Fdvrd/5GouIfoWH3DjGjuHmA5ypGxsP3r2x/ujxD5oPGu+svLOyOr64uDS3tPjGwo27zdbKXHteqnD6o+oBJ6T8dqJjIiJeHV53wECtAAAAAAAAAAAAwAk6jf+FOOtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7elmej+iSSmJ+7Ppeu72wvtNKpSHdLViOiEhHJbyOSf0bcivYUM6XmksP282Fz6e3Pv9r5ottWtShfidg6tN6gNru28inqETGWL59BT3u3h7c30U1O9slOOkeRBuxaETg4a/8PAAD//9qm8z8=")
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socketpair(0x15, 0x0, 0x20, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x5)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0xf}}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f00000004c0))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f00000001c0)=""/100)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20})
ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000000308010800000000000000000000000006000240000000001400048008000a400000000008000940000000000500030006020000"], 0x38}}, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000080)=0xffffffffffffffff, 0x12)
clock_adjtime(0x0, 0x0)

2.201009901s ago: executing program 4 (id=893):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000013c0)={0x0, 0x80020000, 0x4, {0x5, @raw_data="439e73c82bad769c1516d4c77a5c5885be9b70b538ec45e7ba36827b0dcf53cc22c46c7ddae950c8f87629ac052d399516111996f2d568d4314f1a6a19db3bdb291cb1a830152d32b2ad880e24ae29ce49a0ba071236284d59f28276b7b6325b4fb369c2aab53751ce9ef9dea4663ae9ce4c521f2918fad161726fe27dd15cc6520d466d80c07cd248fcf58332bf0ee0e5061d4377b24a0c253e86d27c5edcd2ae36ce31344898571a1a4f7f4af1de4747103ee0bb34830f53b67d1578af4dab6f19403d8c88fd8e"}})
ioctl$VIDIOC_QBUF(r0, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "1c8e1f48"}, 0x0, 0x2})

2.067548562s ago: executing program 3 (id=894):
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x2000c8, &(0x7f00000006c0)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000940)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x26)
r2 = openat(r0, &(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r2, 0x40047211, &(0x7f0000000000))

1.488894359s ago: executing program 4 (id=895):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="a44361154f3caaaaaaaaaaaa84cd6000000000283a00be80000001000000000000ffffffffffffffff0000000000000040"], 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="18"], 0x18}], 0x1}, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd3000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000640)=0x1)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.424404734s ago: executing program 0 (id=896):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d4c0ff000000000000290000003e000000", 0xfe60)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000280)='2', 0x1}], 0x1)

1.419814505s ago: executing program 3 (id=897):
syz_mount_image$nilfs2(&(0x7f0000000a00), &(0x7f0000000a40)='./file2\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0001413b6bbd9ccfa4f408c462944b1fbae1e513d8eb9dd5d9347c94eef39da916206f8793c7464fb236376d80"], 0x1, 0xa04, &(0x7f00000014c0)="$eJzs3U9sXEcdAOB56/916qyhgGloYqBAKqiT2laVXBIbyrVSb0WcqpCGCDeFhEurSqRIFTcUVPXYA1UPuSBaxKUHpApURC+RWu4oFCpVRUatQEiAUlexZ9a7Y7/uem2vvX7fJ/08+3Zm38zzrvfNPs/OBKCyaqs/5+enihBeeO35h3721kvfKUIIxxol6k3l1raGQghFy+PX3YwZtz585txmaRFmV3+m7fDwcuOx4yGEq2E6vB7qYe79R2feWFx88fqNRy5PPnfm7V06fAAAqJQfvXXr1fvee/Mbk//79dGFMNK4P/XP63F7PPb7T8b+fd7/L5rSomk7Gc7KDcTIPz8MZOUGs3oGS+obyvYzVFJuuE19A033bXacAHAQrF/XK2ozLdu12szM2nn/tpsjw8XMpYtLj1/Zo4YCADvm32dDCAtCCCGEqFKsHN7rHggAUHX5eOENruYjC7ansbfRzupfXqxt/njYAb1+/au/v+p/+VnvOOycg/pqSseV/o7SOIZ8HOFA9rit/v3Xsv0MbrGdZeMK+2W8YVk789/rflXW/q0+j3ulrP35eNj9qqz9+Tjd/aqs/SM9bke3yto/2uN2dKus/WM9bke/uiem6fd4NMtvPn/m7+n98h4PALT6r/F/QgghROXiJ3vdAQEA9p18fpyVKOXn8/Hk+fk8PHl+Pi9Qnj/SJn+0TT4AsNHcby/86lqx/n/+7Y6HS+Mu7ojp+Bbbk49H3Gr92x33tN36+2XcEgDV9uTP57/95sLiwNr8v+vnso+y+X/TXL3X4nYaL3go227M/TvdWk+tpNyh3TgoAOATpfNv2fy/d8btqTBUPH5x6fzJuD0R0z+NDI3cvv+BHrcbAOhep/P/T4XW+f9jv2Hw9kOa+wWHG+XX+gsPNPbXev9syf1zcXsypt8fGVu9f+bck0vf2/GjB4Bq+sM3D73ywR8vhbXr/+v//07X/9Nl/Hoca/dBLJD6Cen6wIbr/8db65koK3eytdzhsnKnWsvVs3JDMfJ5N/LxgWPZ49I4hTTuIfV30rjGybL2ZBNkDGflBmPcmbVnImvPhuM92dqefB6aVH89uz8f95DKTQYA2OjKU0//4LGlpfOX3XDDDTcaN/b6nQnYbSd+/MQPT1x56un7Lz7x2IXzF85fmpufPX36wfnZ+QdPrF7XP9F8dR8AOAjWO/173RIAAAAAAAAAAAAAAKBML75OvNfHCAC0+ufZEMKCEEIIIaoUKyv5ir8AAL211fX2t6uxtziff1r3IKWH7v/z5O1IxZYXW/tL1i9mJ/X69a/+/qr/5Wd3tv7G+iIdvf8NNK1UEk13V+/N35w61Vz/3YOd1B/Ccn78x7ur/69Z/V8LndW/8sus/i6nxn0nq/+ODuvfcPynuqv/b7H+u+L28S93Wn/r85/W20nL4YxlxzNeUv/fs+NPa/tt+fhHOzrchfyOd2P9AFBFtb1uwE47u5akXkLqR6d+SPP6fKFpnb2Qle+0/1/L9pOv19ettN/UD/pi3E7dnbRuYL7e4Vbbn9YnnMj2W3TYry17/fTLf5XK2r9Tz+NuK2t/vh7kflXW/uEet6NbZe3P/y73q7L2d/axau+VtX+sx+3oV0diWnY+TOefiZiXtuvZ9vgmz8WB61sAwAHxrTM37r329cHvrq3/P7zhc2f6GDgeP1Nfj9v5595kLOs7Fln5L8X0pzF9Kaa/j+k72f52979tAFBN7/n+nxBCCHEQ49VffEJ+1b//5/oCVVb113/Vj7/a7/6e/3bS6yO/jp8MtskfapM/3CZ/JMvPn6/RNvl3ZftdiVL+Z9rkf7ZN/ufa5E+1yT/cJv/uNvlH2uR/oU3+0Tb5x9rkA9CfPh9T7+8AUB3pe1/O/wBQHWliHed/AKiOT8W07Px/T5t8AKD/fDqmzu8AUCHF6KYT9W133p5N9cukmFAxaX7p9HcelwMJ98b0KzH9akzTeildLr8C7AP//8/v/nGtWJ/v70iW3+l88kWt9Zt3+fo/93XYnvz7e1udz77eYT27Vf/kNusHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoLdqqz/n56eKEF547fmH/nX6L+8WIYRjjRL1pnJrW0NN29Mt+wnhlWItvfXhM+ea049iWoTZUISicX94eLlR03gI4WqYDq+Heph7/9GZNxYXX7x+45HLk8+deXsXfwUAAABw4H0cAAD//0fSPJI=")
r0 = creat(&(0x7f0000000f40)='./file0\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f00000004c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78)
fadvise64(r0, 0x0, 0x0, 0x4)

1.267826567s ago: executing program 1 (id=898):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000003c0)={0x18, 0x0, 0x3, 0x301, 0x0, 0x0, {}, [@generic="d8"]}, 0x18}}, 0x0)

1.244676629s ago: executing program 0 (id=899):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x2c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0xc, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "c4"}]}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELRULE={0x20, 0x8, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb4}}, 0x0)

1.121432839s ago: executing program 1 (id=900):
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

991.83694ms ago: executing program 0 (id=901):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x26, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f00000008c0)={'team0\x00', 0xe761})

857.26087ms ago: executing program 3 (id=902):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000023000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xb, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90)

825.427903ms ago: executing program 4 (id=903):
r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000180)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-camellia-aesni-avx2\x00'}})
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
io_uring_enter(r0, 0x2, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$reiserfs(&(0x7f0000001100), &(0x7f0000000040)='./bus\x00', 0x2, &(0x7f0000000280)={[{@jqfmt_vfsold}, {@usrjquota_file, 0x4}, {@acl}, {@data_journal}, {@usrjquota, 0x3d}, {@data_journal}]}, 0x2, 0x110f, &(0x7f0000001140)="$eJzs2LFqFEEYB/D/7B2Y7mTTL4IWFhISzs4qRYRrrW0kpDJVrooI4rv4OJLKPuQBLAKWwshusp5IIGAuhoPfD2Z3+OabmW/KmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCVV/1nu0naMdIkKUnXnS0uknRj/PHXSZOSN0eL5cHJ/PUyyWRIL33rZ/XT0u493Wrn7bzda19u7z9rl6cf3r87Pj46uV6mpMv55foPUq7rudHW+vcDAACATVHvbPb3ktP/uz8AAABwm7U+JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8gzpb9dskP2utaZKUpOvOFhdJuocsEAAAALizkiZvZzfFMzwDrLzIt1kZ4mP7Ufqc3XwZ5j9apR429184AAAAbJTprRnlj/v480xTa/00jj3JNDs7V/3+1w98308mpwfZ/X0n/zx8zy8/Ho6t1Mk9nQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAXO3BAAgAAACDo/+t2BAoAAAAAAAAAAAAAAAAAAAAAAB8FAAD//6zC3aE=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./bus\x00', 0x0)

678.471185ms ago: executing program 3 (id=904):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000013c0)={0x0, 0x80020000, 0x4, {0x5, @raw_data="439e73c82bad769c1516d4c77a5c5885be9b70b538ec45e7ba36827b0dcf53cc22c46c7ddae950c8f87629ac052d399516111996f2d568d4314f1a6a19db3bdb291cb1a830152d32b2ad880e24ae29ce49a0ba071236284d59f28276b7b6325b4fb369c2aab53751ce9ef9dea4663ae9ce4c521f2918fad161726fe27dd15cc6520d466d80c07cd248fcf58332bf0ee0e5061d4377b24a0c253e86d27c5edcd2ae36ce31344898571a1a4f7f4af1de4747103ee0bb34830f53b67d1578af4dab6f19403d8c88fd8e"}})
ioctl$VIDIOC_QBUF(r0, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "1c8e1f48"}, 0x0, 0x2})

632.542598ms ago: executing program 3 (id=905):
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0x8a)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = socket(0x1e, 0x2, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000180), 0x4)
sendfile(r1, r3, 0x0, 0x200fc0)
recvmmsg(r2, &(0x7f00000076c0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000001c0)=""/181, 0xb5}], 0x1, &(0x7f0000007940)=""/135, 0x87}}], 0x1, 0x0, 0x0)

544.631245ms ago: executing program 3 (id=906):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x0, &(0x7f0000001000)=ANY=[@ANYRES16=0x0, @ANYBLOB="5df049e7c8fb4977eb885edfaf66b1bbdfa4f8b352df455d6fb7d69d490db6a85f6671040c16e22d769bbad51f865f49094613f7c4572d008311fc7c6596fe3e8d315e45ad342f2a054f70eac0e46c703017033489750102c2f4872e0d60af224c98d13b3edf114d046e23ff412edfae9f3518ef6a28a37a7823e1355dc335", @ANYBLOB="d0f840cc8c1c1e310d6e393531bdcbb4adb9bec0f219963d340de5fac104e89fef4ae6c9a02d4bd8bf2e9f2f733bfb4b5045b2472c9f55f1c1c3e60e717b034250633ba6d3abdfc29926321ccd43a34040f4c7f7ebaba751f610dbed1b20b1900c707d9325fe69a61237d31512e0b4644c76e89ec3a5c3db005794aa9b7a810117c82e43c66757d0f9398274c1f1473f4fd0b85144d6bd41996e7c28725e421b75a4d806e1e1ada5f717e8e7aed946a8e44d3124641ec785bfe07fbbdf8de2011588af5bbedba7034ff9e2164ab2be5224acb0fb4b35105620111e6b22ba02775f4a848f762c165c702b8cddb4ecc1278604b55f81be43b56429da93a8982182387d8c658b971e619cd6b69299c8bddb23c94de26c54a68e4ab113a3492e700ae9efae2f7885ea863281b43c5443a44e9098640b2a8a7267b2edb0e56df7effd0d762a0e87b5e357b8d7c0b88b4ca1859c00d1dd061b2b73bdbeae7be52456452e47819047d79893c4bb669d6982565eac923631257858ede56727a44b1a33217a1fef8cb9c71b36031d7bfe4b67ad76a23368c4a519ceb9d765d5407cf49f1474d46c2bb3b61362927e52462549f6ca3e18525997c01673d2007c942274c355ad425fad20ea555fddbb8abb1975ade23695820472e53fcefe594ada89271a46bd1d2051c7302b35cc348fe629d69c027da005305d2b12f3b2a75904f1fa0c6974f60d70d899f9df3cbd7a838708086ce054490b82014206eae26a31f46189f3b2222ad6d2c1a52e16c4103edc282afb2b92461f8cb87a21bdc0da13b6666210026c0cb1fa5ceca44341aa3d522c94992c1b1c909c3c9e46c034a3160f9d1e727dddcc5df9244d38e2f6f4e038b1d803ffed0773a9de14cca0aab627a2512245a9925cd65f7151181c85969ae0476683672c661b2b0fb9dcf9ea2bec7a4ea9fed9deda3c7085db68df0982a2841f34df083ccb57d65a0809736d6b6d67d6d9033abbab7758006629aba6168f74d7d810cb95e12352e3c555b7716526369b77c5aa65d8496ccab5380780cd0ccbd0666916756e64278471c5a3495d02446cf112a755a6e7120ad1090a9b8e07de37a3f0b7a61a718e9f1fb9bfbb7859106a091ef48faf08e6290491ffccf9b4e3b3b3aea0621e750be318c540353032f9df9f8a45af22bc4ca214eb4c499e8f00778de914b8cb8d703d1150ce1dd453d573afcc17b981a728bb9e3a1d76c73ddecc78423ccabf39b2a0b398eaf69a3e0ea8bcc2f3ad1d80f99464474e54e70a6b46a0b3de0d9d8661d1d80305cc6a0391cf4573f9913beed00f6771b4baa3b6391cd446feabbbe0589cf899268e8468c7db65632789cc132e6feeccc4da0ad4f0bd35859571edd1f0b1ed4c91d34b61a9a7f95330bb219aeb6d19c9723370b18de31119f913297e623b838c9edcc14a006ae5db3d82a0221b3be70343f58f824b3b37302af9af3da8297ea409872fb07ca28d503317533a5ce3fffd744a7792cfbd4c40b3779422ed26f803ea4aa682dcfef970cbc0b3e5a63618e5fad01b5a0996e11d2a4be07fe85e96c692a64d8f890ce101df2228a327691d4d0d48a05c5bdee08f2060c504a86ac2881d87a7bb9e68c02a6466a092fb57ceca5dfa34766638a3e75539cda93874b5220828689d70cd56a31febbf98e24d751c44b00abc302569728e1622d72a6e5627a558d0b254588e5123cb08b505a5d4db901a6ebd19a0de64502ffd75f1433b8e777a01ad261303de17f2484c4241ca0ad1276d2ba90f2b608097d64da9a44a13b49e1feaff37e1ebf8d34f9a033ea36396207f466a354aed1709da777d23445a70ae62f659243e72ecd671083e0f532a4a1f16a48854b258e6143ba61e2139b76eda70ad2d4783f6a58cc000eca35eff84b856725342670fe63a24db6a17fbbb2e58d25fc6fba88872d133f38ab967a16221ad2bc72cfd98a7fa93b7434723dc0986a2b1c665fdd41ed069ac2dadfcc154163c8b6e5216608d82dcac75141c0fff8d2d2d5505c2e99777f6194c4d5f026ba6b86914fdb76b5bea792fd5f49d43391903e030e0f2802c10bd4b93c9a9749e6c95ae7ecc9aca1ce305ba55b93dbfd12a587c65d563d2116daff60a568b89e35e846cf3c6c6e1ecb578a91d1b44cfd63c2bfffbee8225f2bb85a75d1015ffcd57555907d47ee096b3b4a736fcd7c9f11b894721cf987177e31c08e66bf009357b8353b48eaad4e3d9a761b92c5be4fd9581c04c81a8e31308ae261437ebabeadf8bfe903e617c0acf0a223c702ffddc450257dd381ea592875d4016521b3fb1beda1e9bfd2cd382220fdb1c085e712891d22acd547c31b0fb34f09a434498268018716f12a5b14cb3f256d226b0e70cfb99188967c3e121416882e38df917df1ae737c43722ed3578f6de77e214f2a8b9364176f5ff968d848ea099f341ab8cda755ebe107012e0f11465b65552c7fb452834163ff7ff31bd75001224839aba06a1bfb509bdb80bde17e86abf7893b24cfcf53a4a6ae5cdab4d5bf79237897fe1f85c256460113c1593b016b438bb579d09a9b19525a2ac9e69ba4d0bd767e45fd8a3e80033e8a174590d4c21f967843628aa66b76dc2c62c25eaa283362d0c6bc12bcf78e2287aea5558ca5f4b9f4a0aca8b357229594f596a0d60dfd3c51e5c8c6c8c282635ae6cfeda635bad8bee13b53443d96f18a9f32a4dea7033a9913e365a7f80ad6245eba25212d4fbb373972d45b9f2094b3d0db3def93025349f636eec5af177a91c461cd39ade48276fb17aad326cc095be686b8098df83761356e5fe6d748ea790213bd2e7bdd04a312e8c3bc3bce58fe24a9d4213b217a7dd37d196862ca084820d69ea152f338227e734f7c478f2542f02f76335c9c2e43a6ab511f2f1b6c5d046db234f94d671a282c2283d18e48c22f9602679bf28d627ed4c88764c604285b159bf738acaa9923ddc3d784bd24556506a6363d7abddc609a31c702c9959773fd64206e6530d69386bbc19529dd5e30091b368df5e18f69f64d160b453bf0d0301a00a38a9c4e1a7a3ae3b249a9d19cb75e5465364e206716769c3edad53f15054e4794654303f13fe82dc2764c06af411b68afd7fe692fe95be841a6e131b4830ef4e292e027aa1ba4b2579960a3079863325b51ef9e54acf15aa5f3f42b8cd448889f650ac08e680b352eaa53ea3c511d6152c55f6ca49a0fb4e696d3142d4a06f68c39a24a2764f5bfe4a0ec2c6ea904c780e46139d0f1ef82ee76527cd26e06f454abc6b9e71ab2c06f28843495ee67516913f624c17e18139ad2ac57e375f177ccc86241b502263c86d4b92fffbb16be3f72585af33fc92473603de246d39d423dc6a5e29c3fede67da126705c59bcdd53d70d3ee629491207a64daea77b0a768a09ab6b6004915678556ff5e76bd4eace1a08d24b94a8bae6f0d3b1172d9c2073fbae8192f1bcd2130af737f173af668b073619b003ecefabe4fdfabc04cdc15d59dcaf05c8acb31ad73bd6d855590cf22ef4c5e070d46734bae45772f54e98ed2400c0d9a7e12ee1977e835e21a2ef8bca0e2eb3e400034ff4deb29451823aa11dfc88ef88f59ed57b5aa3ef6b39aa08ef839871163aa4c76f42b08e2be2a2bc036b6c517bc5164ee7d239039a7784ec9c0d0c1846f19a0949919658530ce32e6dc7191d853a53d1e3c0d0f1b7972c99373645bede7a88f68f2cda068e6c69b177a4c6ce32ac10a398b33e01cd06e9ee5c1a4c8dfd4f1cf1da0e2ade1e9ea62acaf1256b18ad1a9040786d34b9d2a679076c2a30288bf62c7c8dcb0b83531d9778b32ca01f7c3d681b4638c7bd63d99b21d81f2bc4c8cfabb8927b2565a40ddbbbddd9907bc5821989333df3c74b5bb74ee9469542dea7f846d80c16f265fc978e7d0f301b5496b0ee8c711ec159a3cf3b5477d740442009c6d693989c694754deddff6eac11d2798c0b8df3bfba3212af771c723b613735b6bd0f26ee601c3ce9072db425c8824e38025a58e16e3df49ba1c01952d67b0a43035f0d4c1316f9f75c9b64237c10446d33ddf765b46fa87dda7bb32d3a10faa507ee1b08be23564b716dbab48e5f39e2ab8b830b55ed5e12a175c8bdc58a86f61585ac18b16b85a515f15740cdae35861ea419456007ca20ffb2a3732c47fd3ca85bd326219f7edb49213c566502dad59c7d862241928fefc3a66c6943ef9da5fd8d1c550fa1904104744f09bb3670c228fed4d23307e4d8eac3f2e98ddd385727eaa90e4dc56562aa494b26a9570d684ccf77ebdd24169050b893d8d63b87849f93aeaae1cdaf7dcce7799422572b00fec8074802f44e9ae89e035b8bbdb77786b792c171179bef4e8ce52eee7c1e719d95548ffb524b21aef79e889d0d4d229f754f977a4b62055c8b77fa71b81278d65180b03baee0f816007f7436cc15131fc82f79a0657da506b9f4a8bc0f9c4558f74954a2b712d9d3f273e56955be7ca339b765be01f0b98f02f19dc40472693f291013ad9df792a13e3858ead6f7d71c66f726388e65813a0d37ddd6fe2bbe0d9a137a42cad6a521080fa6ef6b91f7bf930be29bf31a24b691e90879e78850d40f5a234efe0daa8d92718e26bd007efcf70d63886dc2e60e55dca0041e1db0b46ca48bb4b6dcd19cda71c72cc5c38b334852daf9649cc9cd00d800164e46ddcd575112748cff778ce8bc3263ce0fcd7c242dbb55dea02c648909c8dd9546faa58a8eee2d28567525e3dfc3d6e6c2f67da487ba8c92d0b820ef12e32f4debc9a3be46a93b4976c68d33dbbc1a8b7ee91c6efdf9f7808dbef774bc8146a05810a11377e9bbb304e4c178f565eff1c659447fe5a970dfa02a0788183c77a79dc0c6fc1b1593a29da2799855c808de5775b83c65333a9785542e1551b4692f342ba503dcbb85e10c400ced2a71fec19323ac28a2c19da9065802dbcc8df6194e4d8332ae51cffa15cbaa7f4fae9300edadd680180b8ed49313abe4e33f3c5c331f23064c7d6b528eb298a1c8f8e7f14ac61c9782c61b23921602c930e6d9f7ab6008b97a946d89546070397a2bffb3e4445ad9bc50b414ce03ebdbf26768d49038bc510660b34ab79ae05762879615fc6ed55e88cca3829af0ce611a791ae45f0fb5f58054ee93333170c4c7e92ea6c28b6d52593866dac733adf6c80e13458c7db123a6f0ee462b764cfac0384efe17ded833e4e8f147a25361a6a7e3d1fe6353eea90fe10bbc014f11a610a549b4da3d461683956105b7fa3df192c7702b572dd748ec90e21b9fab64ad8988707e4253f3d48d8d1103860309f195e6819b16ec2ae57d4588b082ea4a76c135e3b495f1774a985c63c0a394ce9c0d13b3156a1cc6f693b5a986674441e44dce0634335f861a2c74fbd0e3c8cfd08fafe713bf58602001d590f1c8b32e026020426bff5b03149c169777ae0af26931e4137804c843b50cfb5eb1cf5b965d5a192479538d3fc9b49ece7620b5e0cd076695b3c6a0db79da4d83806437db4038374eee6f825808c089c98b6d004248c4de2775748fd2be64ddb55652541c6a292bcc23030891eedefcdf9e628fff46c3addd85f8cd595712021157ccd837316a7eda94e4e10866638c73ec64223e24993fe3358e8deb8cbfceeed7cc352e09adbd52ff04638cd532e4217fca9720113ec038c89ee3677bbe494025f8478bff5775d847f46b6c009eee2528da9a6262b338dd81855ced92603c0f01632d2d145415e21a8b22592c39ce5d3eea9559a398a6ed4a6fe8536", @ANYRES32=0x0, @ANYRES8], 0x5, 0x7e1, &(0x7f00000004c0)="$eJzs3U1oHOf5APBnFNmRlf/fhLS4xjjOxEnBBkdZyY6CyCHZrEbyJKtdsbsKNqUkppaDsZyEuIFahzq+tLS0hJ56THLopT2VXloKLbTQ9lRor70FAj0kLS300BJQmZmVJVlf/pA/SH8/Yc07M+/M+7zvrufZkTQzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABE0pis1UaTaOatuVPp5hqTnfbMFuuX9/frNZMt2o1Iin8xNBT7q0X7v7iyel/x7XAcrOYOxlAxGYrFh/Y9/NwXBgeWt98ioJ02uNHCS5cXL5xZWJh/+y4Gcgd895drZn80HDc4stNZK++285n6dJbm3XY6MT5ee/rkVDedyptZ93S3l82kjU5W77U76ZHG0XR0YuJ4mo2cbs+1pifrzSwdrBY++9RYrTaevjQym9U73Xbr6ZdGuo2TebOZt6bLDYvVRZ1nizfiy3kv7WX1mTQ9d35h/vjakPasC7KoNLpmyWdLq+cOPvnwx+989M/z82PbdXesNjY2Ojo2NjqeREStNriy4JmJZ56t1QZr14l1Ne7qm5b70A4fweHWDfTzfzQjj1bMxalIN/xqxGR0oh0zsfIGXr2+bzn/f/npv/1xq3bfW5X/qyw/cHD/yuoDUeb/Q9Xcoc3yf9X27gc3iflOfa30/1JcjsW4EGdiIRZiPt6+I+0lO7evgZ2NbDqyaEUe3WhHHjNRL5ek/SVpTMR4jEctXo2TMRXdSGMq8mhGFt04Hd3oRVa+oxrRiSzq0Yt2dCKNI9GIo5HGaEzERByPNLIYidPRjrloxXRMRr3cy7k4X4778evi2vfN137x+p8+fr98tZYrjW41xO9GlJX+sUWldclc/uemRcRvd+rwDbdlaTn/AwAAAJ9bSfnT9+L8f1c8Wpam8mb2lW22Giy+vXt3IgQAAABuV/mb/4PFZFdRejSS4vy/trbST3bdm+AAAACAHZGU19glETEcj1Wl5culavc6NgAAAGBnlL//P1RMhiOulAuc/wMAAMDnzCs/6xeuv8f+R8v32B2YfTD51d+j09mVnPjg1JPJxXpRr37xgWq7/uSVa3vsTR1Ion9DwXJf44OLDxXzg43sYLJ889zPHqymn5bfDwxe23xtHC/sqZYmSVIEcHV20wBiTQB7+724FkA5F9+Lx6s6j5+tpmeX11S9HZ7Km9lIo918bjTq9b0DvexU7503zn8jyu5/pzWzN4lz5xfmR7725sLZMparxV6uXuz3d919FLeIZak/AvHo+rsbF7vaVV6I0W93uGq3trr/A5f2FoWBm2jzW3H4/8o6h4erusNr+z9UtDk6slnvh6v+ja7r+eD6N1YVxen+3HVRPFEtfeLIE9VkgyjGtoqiGIux1VH0B+HmxmLDKOLhiHj/8Sun/vW7dpId3y6K47cZBcC9cq6860+Rhap0VGWh/yxVivzf6ezaHWvyTrXBjR7lkrKVbZ7kc+PZ/d9LWxzRj1R1jlSfJwYPbJBXahsc0d86/9bv+0f0Ez/+4QdfPfSHn95yXh9arrJnufDIbx4aiDKKPf0oFvtrOruS71/LJFVW/bBY/uGm7XabY0kxhA98/eJbse/S5cWnzl888/r86/NvjI0dH6+dqNWeSZL+i7dUfmKQewDYwOE4VCXyTZ+xs8lTeMoPAFXuPrHVWfUDkTxy7U8Kipz4ZizE2ThWXm0QEY9t3O7wqj9DOBaH+8FufNY6vOoJL8e2ObfcHdGvO7Zt3eFVj5dZ8aUf3MnXAwDuhsPb5OFN8/+qc/dj25x3r83lR6u6R5cj2DyXR8Tzd3c0AOB/Q9b5NBnufTvpdPLZV0cnJkbrvZNZ2mk3Xk47+eR0luatXtaJwXprOktnO+1eu9FuFoVX8smsm3bnZmfbnV461e6ks+1ufqp88nvaf/R7N5upt3p5ozvbzOrdLG20W716o5dO5t1GOjv3YjPvnsw65cbd2ayRT+WNei9vt9Jue67TyEbStJtlqyrmk1mrl0/lRbGVznbymXrnakQ052aydDLrNjr5bK9d7XC5rbw11e7MlLv96957PdoAcH+4dHnxwpmFhfm3b63wlxupvHnrQ24sDAD3wEqW/uT/r1/nh+8AAAAAAAAAAAAAAHB/uM3r/9YX9uzsDoe2qrN0JWL9qmRpaekmmtgT29TZ3R+qHR6ou1K4uiP7GYiNxvn+KSSbr3rt+ecvbLb5i1f2n7yxJrb9nzIYEf1LXd/9ZPfP36tWvXBL3Rm4+a3+HBG30NZSskWde3tcAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICN/DcAAP//jRtoaA==")
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[@ANYBLOB="20000000020000001d"], 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000180)={0x0, 0x0, 0x14, 0x10, 0x1ba, 0x0})
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x6000, 0x0)
r3 = openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_RESET(r3, 0x80044d76, 0x1000000000000)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @remote}, r2}}, 0x48)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21}, {0xa, 0x0, 0x0, @mcast2}, r5}}, 0x48)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000001400791048000000000079003000000000009500f400"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x21)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90424fc60100c034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)

276.908638ms ago: executing program 4 (id=907):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000240)={0x0, 0xcb}, 0x8)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000080)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000340)='\x00', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x79, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYRES16], 0x8)

180.870225ms ago: executing program 1 (id=908):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f00000003c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44900000c63d5f852c6769643d", @ANYRESOCT, @ANYRESOCT, @ANYRES64=0x0, @ANYRESOCT=r0, @ANYRES8=r0, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd791f81b6637f549a77ac6cb621635f9c08b2615964a3c43b727df50d049dc760465dea7349206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb611", @ANYRES16=0x0, @ANYBLOB="4599"], 0x1, 0x701, &(0x7f00000009c0)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWSqte6pZSdAglpIeeF1uOF6/lIClFNqVR+rj3kFNP6UG30ENJ74b23BAo6VHHQCGXnHRTmdmZ3Vlptbuy9Yrz+4mZ+Wa+x3zzn52ZfSC+AL6xlmej+iSSWJ59czNd39leaI1tL0zm2a2ImIiISkQ1Ikk3JauR5d7Kp/h25Dml5QEfNpfe/vyrnS/aa9V8yspXBtXrY+Lgpq18inpEjOXLg8YPafGT/bvvae/2oe2NKukcYRqwa0Xg4i/P1Co8s70Dtjp5H/8nm3fK9Kl+lOsWOKeS9nMz173UZyKmI2Iqov3Uz+8OldPv4fHaOusOAAAAwFHVjl7lhd3Yjc24cBLdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdVPv5/kk+VIl2PpBj/fyLfFnn6HBo+EOJnk+3lk5PvDAAAAAAAAACcuFd3Yzc240Kxvpdkv/m/VvqN/1vxXqzHSqzF9diMRmzERqzFfETMlBqa2GxsbKzNZzUjLg2oeTM+7VPz5uF9vNW7mhzHcQMAAAAAAADAOTY1JP/++MFtv4/l7u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHiQRY+1FNl0q0jNRqUbEVFFuK+LTiJg4294eSdJv45PT7wcAAAA8k6ne1WRqhDovvB+7sRkXivW9JPvMfyX7vDwV78VqbEQzNqIVK3En/wydfuqv7GwvtHa2Fx6k08F2f/rlkbqetRjt7x767/nlrEQt7kYz23I9bkcSe5lK3srLO9sL6fJB/359kPYp+UluQG/GSuk76ezqJ1n6z73fIlSPdIgj2t9o5dCSM1nueCcic3nf0hoXiwj0j8TQs1MduKf5qHS++bk0eE/9Y/7B4L1P7yvV95ubM7E/Ejej0jlDVwZHIuK7//j41/daq/fv3V2fPT+H1Nf7Q0vsj8RCKRJXn6NIDDeXReJyZ305fhG/itn4cvKtWItm/CYasREr9SK/kb+e0/nM4Eh9Nl1ee2tYT9Jrst65f/XrUz16+hT1+HmWasRr2Tm9EM1I4mFErMQb2d/NmO/cDbpn+PIIV31lhDttybXvZYtOmKJ2eNm/jdbkcUnjerEU1/I9dybLK2/pRunFvlEqnnWjP49Kqt/JE2kLfxj4fDht+yMxX4rES4e9Xtoh/eteOl9vrd5fu9d4d8T9vZ4v0+voTwOeEifymB4oPcMvxlR+cBezeZJdU3NZ3kudXhXx+m8zYj7Lu9RppfeJm+Zd7tRrX6m/jIdxp+dK/WEsxmIsZaWvZKXHDzyx0ryrnZZ67+FpXvpOq9r5Yaf8futhtNrvhyK2vva3bYDn2fT3pydq/6v9u/ZR7Y+1e7U3p342+aPJVyZi/F/jP67Ojb1eeSX5e3wUv+t+/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7e+qPH9xut1spa/0Slf1YyuFajtVcMJDagTE8iyYfKGaFwsv7o8d7QBgcnJvPuPWX140wUozUOL1w/wW4kW/vP19Twc1GM8jTCLpJ8mMrSSysinrrPxZ67W8bPwancn6gfuVb9wHHlieIFWyp89Fdvrd/5GouIfoWH3DjGjuHmA5ypGxsP3r2x/ujxD5oPGu+svLOyOr64uDS3tPjGwo27zdbKXHteqnD6o+oBJ6T8dqJjIiJeHV53wECtAAAAAAAAAAAAwAk6jf+FOOtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7elmej+iSSmJ+7Ppeu72wvtNKpSHdLViOiEhHJbyOSf0bcivYUM6XmksP282Fz6e3Pv9r5ottWtShfidg6tN6gNru28inqETGWL59BT3u3h7c30U1O9slOOkeRBuxaETg4a/8PAAD//9qm8z8=")
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socketpair(0x15, 0x0, 0x20, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x5)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0xf}}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f00000004c0))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f00000001c0)=""/100)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000180)={0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20})
ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000000308010800000000000000000000000006000240000000001400048008000a400000000008000940000000000500030006020000"], 0x38}}, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000080)=0xffffffffffffffff, 0x12)
clock_adjtime(0x0, 0x0)

79.567753ms ago: executing program 4 (id=909):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000880)=0x1, 0x4)

0s ago: executing program 4 (id=910):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0x41}])

kernel console output (not intermixed with test programs):

could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.326774][ T5134] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  143.399781][ T5104] loop1: detected capacity change from 0 to 16
[  143.406551][ T5134] device hsr_slave_0 entered promiscuous mode
[  143.413674][ T5134] device hsr_slave_1 entered promiscuous mode
[  143.422875][ T5104] erofs: (device loop1): mounted with root inode @ nid 36.
[  143.437551][ T5134] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  143.445407][ T5104] erofs: (device loop1): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 36
[  143.467896][ T5134] Cannot create hsr debugfs directory
[  143.476746][ T4572] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  143.486971][ T5104] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[  143.556823][ T3975] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  143.563427][ T3975] cdc_ncm 2-1:1.0: dwNtbInMaxSize=3 is too small. Using 2048
[  143.585757][ T3975] cdc_ncm 2-1:1.0: setting rx_max = 2048
[  143.608480][   T27] audit: type=1400 audit(1721191196.635:18): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=26260AE10CCA7C2B08C9DFF78977F306B457C51CCA93031D371D06D2E59E880583300E11E8 pid=5130 comm="syz.4.374"
[  143.632228][    C0] vkms_vblank_simulate: vblank timer overrun
[  143.825100][ T3975] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  143.876182][ T4065] gspca_nw80x: reg_r err -71
[  143.880944][ T4065] nw80x: probe of 5-1:0.0 failed with error -71
[  143.914366][ T3975] usb 2-1: USB disconnect, device number 3
[  143.934781][ T3975] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  143.953531][ T4065] usb 5-1: USB disconnect, device number 4
[  144.158422][ T5134] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.223462][ T5180] loop2: detected capacity change from 0 to 512
[  144.338462][ T5134] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.351369][ T5180] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #16: comm syz.2.383: iget: bad extended attribute block 128
[  144.394854][ T5180] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.383: couldn't read orphan inode 16 (err -117)
[  144.448755][ T5134] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.516454][ T3567] Bluetooth: hci7: command tx timeout
[  144.526566][ T5180] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  144.535586][ T5180] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038 (0x7fffffff)
[  144.836710][ T4572] EXT4-fs (loop2): unmounting filesystem.
[  144.891730][ T5134] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.178834][ T5196] netlink: 20 bytes leftover after parsing attributes in process `syz.3.385'.
[  145.338325][ T5187] loop4: detected capacity change from 0 to 32768
[  145.360061][ T5187] XFS: noikeep mount option is deprecated.
[  145.436044][ T3802] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  145.454963][ T5187] XFS (loop4): Mounting V5 Filesystem
[  145.546955][ T5187] XFS (loop4): Ending clean mount
[  145.562702][ T5187] XFS (loop4): Quotacheck needed: Please wait.
[  145.585411][ T5134] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  145.644864][ T5187] XFS (loop4): Quotacheck: Done.
[  145.654832][ T5134] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  145.696095][ T3802] usb 3-1: Using ep0 maxpacket: 16
[  145.729010][ T5134] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  145.904656][ T4368] XFS (loop4): Unmounting Filesystem
[  145.962827][ T5134] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  145.997062][ T3802] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.319462][ T3802] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.448435][ T3802] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  146.724051][ T3567] Bluetooth: hci7: command tx timeout
[  146.776090][ T3802] usb 3-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  146.816104][ T3802] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.016936][ T3802] usb 3-1: config 0 descriptor??
[  147.818127][ T3802] ryos 0003:1E7D:31CE.0003: unknown main item tag 0x0
[  147.855698][ T3802] ryos 0003:1E7D:31CE.0003: unbalanced delimiter at end of report description
[  147.906977][ T3802] ryos 0003:1E7D:31CE.0003: parse failed
[  147.912716][ T3802] ryos: probe of 0003:1E7D:31CE.0003 failed with error -22
[  147.968514][ T5134] 8021q: adding VLAN 0 to HW filter on device bond0
[  148.070339][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  148.089052][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  148.120812][ T5134] 8021q: adding VLAN 0 to HW filter on device team0
[  148.170934][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  148.187015][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  148.223190][ T3802] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.230427][ T3802] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.320880][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  148.329681][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  148.359889][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  148.390128][ T3629] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.397375][ T3629] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.431098][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  148.456542][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  148.465084][ T5259] capability: warning: `syz.4.399' uses deprecated v2 capabilities in a way that may be insecure
[  148.508959][ T4985] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  148.523182][ T4985] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  148.553685][ T4985] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  148.582662][ T4985] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  148.615888][ T4985] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  148.632762][ T4985] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  148.660413][ T5134] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  148.676925][ T5134] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  148.697386][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  148.715157][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  148.715402][ T3975] usb 3-1: USB disconnect, device number 6
[  148.746143][ T3567] Bluetooth: hci7: command tx timeout
[  148.754013][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  149.070569][ T5276] loop2: detected capacity change from 0 to 512
[  149.090974][ T5276] EXT4-fs: Ignoring removed mblk_io_submit option
[  149.132440][ T5276] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  149.152682][ T5276] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[  149.169812][ T5276] System zones: 1-12
[  149.208160][ T5276] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz.2.405: corrupted in-inode xattr
[  149.258943][ T5276] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.405: couldn't read orphan inode 15 (err -117)
[  149.273212][ T5276] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  149.313438][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  149.337196][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  149.369084][ T5134] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.381304][ T5276] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz.2.405: Unrecognised inode hash code 4
[  149.437847][ T5276] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.405: Corrupt directory, running e2fsck is recommended
[  149.495864][ T5291] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz.2.405: Unrecognised inode hash code 4
[  149.498049][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  149.518470][ T5291] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.405: Corrupt directory, running e2fsck is recommended
[  149.554781][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  149.602456][   T27] audit: type=1800 audit(1721191202.625:19): pid=5288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.405" name="bus" dev="loop2" ino=20 res=0 errno=0
[  149.618305][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  149.657513][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  149.699323][ T5134] device veth0_vlan entered promiscuous mode
[  149.711644][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  149.720597][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  149.738646][ T4572] EXT4-fs (loop2): unmounting filesystem.
[  149.742090][ T5134] device veth1_vlan entered promiscuous mode
[  149.840630][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  149.855336][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  149.873313][  T120] block nbd3: Possible stuck request ffff88801f7b0000: control (read@0,4096B). Runtime 30 seconds
[  149.878988][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  149.947212][ T3629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  149.958490][ T5134] device veth0_macvtap entered promiscuous mode
[  149.977091][ T5134] device veth1_macvtap entered promiscuous mode
[  150.013236][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.034276][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.096063][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.123644][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.134733][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.145660][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.146194][ T3802] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  150.155598][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.173725][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.193048][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.226245][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.263706][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.284965][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.297161][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.324743][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.358547][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.381765][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.413682][ T5134] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.436517][ T3802] usb 2-1: Using ep0 maxpacket: 16
[  150.441949][ T4981] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  150.453003][ T4981] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  150.473145][ T4981] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  150.492346][ T4981] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  150.516308][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.538058][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.558568][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.569630][ T3802] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.588928][ T3802] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.604225][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.621074][ T3802] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  150.637612][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.649826][ T3802] usb 2-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  150.666524][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.683317][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.686037][ T3802] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.706089][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.725852][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.742764][ T3802] usb 2-1: config 0 descriptor??
[  150.756178][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.773587][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.809111][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.828900][ T5323] loop2: detected capacity change from 0 to 512
[  150.830423][ T3567] Bluetooth: hci7: command tx timeout
[  150.845527][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.872010][ T5323] EXT4-fs: quotafile must be on filesystem root
[  150.879584][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.891372][ T5134] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.902929][ T5134] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.911636][ T5326] loop3: detected capacity change from 0 to 512
[  150.923921][ T5134] batman_adv: batadv0: Interface activated: batadv_slave_1
[  150.935131][ T4981] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  150.945176][ T4981] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  150.945301][ T5326] EXT4-fs: Ignoring removed mblk_io_submit option
[  150.957901][ T5134] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.977337][ T3542] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  150.995737][ T5134] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.998265][ T5326] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  151.013122][ T5134] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.013158][ T5134] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.053772][ T5326] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[  151.093129][ T5326] System zones: 1-12
[  151.118467][ T5326] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz.3.425: corrupted in-inode xattr
[  151.166929][ T5326] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.425: couldn't read orphan inode 15 (err -117)
[  151.207300][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.236209][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.242567][ T5326] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  151.273630][ T4981] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  151.283450][ T3802] ryos 0003:1E7D:31CE.0004: unknown main item tag 0x0
[  151.330141][ T3802] ryos 0003:1E7D:31CE.0004: unbalanced delimiter at end of report description
[  151.345712][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.357050][ T3802] ryos 0003:1E7D:31CE.0004: parse failed
[  151.364343][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.367733][ T5326] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz.3.425: Unrecognised inode hash code 4
[  151.373045][ T3802] ryos: probe of 0003:1E7D:31CE.0004 failed with error -22
[  151.399435][ T5326] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz.3.425: Corrupt directory, running e2fsck is recommended
[  151.503375][ T5326] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz.3.425: Unrecognised inode hash code 4
[  151.569942][ T5326] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz.3.425: Corrupt directory, running e2fsck is recommended
[  151.586601][ T3802] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  151.617375][ T5326] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz.3.425: Unrecognised inode hash code 4
[  151.643950][ T5326] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz.3.425: Corrupt directory, running e2fsck is recommended
[  151.827683][   T27] audit: type=1800 audit(1721191204.845:20): pid=5326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.425" name="bus" dev="loop3" ino=20 res=0 errno=0
[  152.538226][ T4912] EXT4-fs (loop3): unmounting filesystem.
[  152.580117][ T5346] netlink: 20 bytes leftover after parsing attributes in process `syz.2.430'.
[  152.726694][ T5353] loop3: detected capacity change from 0 to 512
[  152.815361][ T5353] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #16: comm syz.3.431: iget: bad extended attribute block 128
[  152.850601][    T7] usb 2-1: USB disconnect, device number 4
[  152.908941][ T5353] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.431: couldn't read orphan inode 16 (err -117)
[  152.995582][ T5353] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  153.026312][ T5353] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038 (0x7fffffff)
[  153.271363][ T5359] kvm [5358]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x3
[  153.301294][ T5359] kvm [5358]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0x4
[  153.322997][ T4912] EXT4-fs (loop3): unmounting filesystem.
[  153.379492][ T5363] loop0: detected capacity change from 0 to 512
[  153.426325][ T5359] kvm [5358]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0xfe
[  153.435253][ T5359] kvm [5358]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0xff
[  153.486079][ T5363] EXT4-fs: quotafile must be on filesystem root
[  153.497498][ T5359] kvm [5358]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0x1
[  153.510641][ T5359] kvm [5358]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x1
[  153.519763][ T5359] kvm [5358]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x187 data 0x1
[  153.558166][ T5359] kvm [5358]: vcpu0, guest rIP: 0x1be vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0x33, nop
[  153.703992][ T5376] loop3: detected capacity change from 0 to 512
[  153.727117][ T5376] EXT4-fs: Ignoring removed mblk_io_submit option
[  153.744494][ T5376] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  153.753238][    T7] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  153.799087][ T5376] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[  153.814710][ T5376] System zones: 1-12
[  153.825826][ T5376] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz.3.442: corrupted in-inode xattr
[  153.841136][ T5376] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.442: couldn't read orphan inode 15 (err -117)
[  153.854285][ T5376] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  153.921158][ T5357] loop4: detected capacity change from 0 to 32768
[  153.928939][ T5357] XFS: noikeep mount option is deprecated.
[  153.942669][ T5376] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz.3.442: Unrecognised inode hash code 4
[  153.954669][ T5376] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz.3.442: Corrupt directory, running e2fsck is recommended
[  153.970923][ T5376] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz.3.442: Unrecognised inode hash code 4
[  153.987510][ T5376] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz.3.442: Corrupt directory, running e2fsck is recommended
[  154.006164][    T7] usb 3-1: Using ep0 maxpacket: 32
[  154.009648][ T5376] EXT4-fs warning (device loop3): dx_probe:832: inode #2: comm syz.3.442: Unrecognised inode hash code 4
[  154.030683][ T5376] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz.3.442: Corrupt directory, running e2fsck is recommended
[  154.047594][ T5357] XFS (loop4): Mounting V5 Filesystem
[  154.057244][   T27] audit: type=1800 audit(1721191207.085:21): pid=5376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.442" name="bus" dev="loop3" ino=20 res=0 errno=0
[  154.136449][    T7] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  154.152730][    T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.163299][ T5357] XFS (loop4): Ending clean mount
[  154.173932][ T5357] XFS (loop4): Quotacheck needed: Please wait.
[  154.198459][    T7] usb 3-1: config 0 descriptor??
[  154.212778][ T4912] EXT4-fs (loop3): unmounting filesystem.
[  154.238673][    T7] gspca_main: nw80x-2.14.0 probing 055f:d001
[  154.276597][ T5357] XFS (loop4): Quotacheck: Done.
[  155.144634][   T27] audit: type=1400 audit(1721191208.165:22): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=26260AE10CCA7C2B08C9DFF78977F306B457C51CCA93031D371D06D2E59E880583300E11E8 pid=5369 comm="syz.2.440"
[  155.230957][ T4368] XFS (loop4): Unmounting Filesystem
[  155.355495][ T5406] loop3: detected capacity change from 0 to 512
[  155.393482][ T5406] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #16: comm syz.3.449: iget: bad extended attribute block 128
[  155.424683][ T5406] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.449: couldn't read orphan inode 16 (err -117)
[  155.440392][ T5406] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  155.451223][ T5406] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038 (0x7fffffff)
[  155.546341][ T5415] loop0: detected capacity change from 0 to 512
[  155.565458][    T7] gspca_nw80x: reg_r err -32
[  155.602165][    T7] nw80x: probe of 3-1:0.0 failed with error -32
[  155.757111][    T7] usb 3-1: USB disconnect, device number 7
[  156.250171][   T52] block nbd1: Possible stuck request ffff88801f720000: control (read@0,4096B). Runtime 60 seconds
[  156.257867][ T5415] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  156.271736][ T5415] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038 (0x7fffffff)
[  156.324412][ T5414] EXT4-fs error (device loop0): ext4_do_update_inode:5210: inode #2: comm syz.0.451: corrupted inode contents
[  156.341969][ T5414] EXT4-fs error (device loop0): ext4_dirty_inode:6072: inode #2: comm syz.0.451: mark_inode_dirty error
[  156.354443][ T5414] EXT4-fs error (device loop0): ext4_do_update_inode:5210: inode #2: comm syz.0.451: corrupted inode contents
[  156.367948][ T5414] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.451: mark_inode_dirty error
[  156.576376][ T4912] EXT4-fs (loop3): unmounting filesystem.
[  156.684568][ T5134] EXT4-fs (loop0): unmounting filesystem.
[  156.924660][ T5441] netlink: 'syz.3.462': attribute type 1 has an invalid length.
[  156.932959][ T5441] netlink: 4 bytes leftover after parsing attributes in process `syz.3.462'.
[  157.122749][ T5452] loop0: detected capacity change from 0 to 512
[  157.123094][ T5451] loop2: detected capacity change from 0 to 512
[  157.177456][ T5454] loop4: detected capacity change from 0 to 512
[  157.203221][ T5452] EXT4-fs: Ignoring removed bh option
[  157.208607][ T5451] EXT4-fs: Ignoring removed mblk_io_submit option
[  157.222708][ T5451] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  157.251136][ T5454] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #16: comm syz.4.467: iget: bad extended attribute block 128
[  157.278432][ T5451] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b002c118, mo2=0002]
[  157.285403][ T5454] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.467: couldn't read orphan inode 16 (err -117)
[  157.316436][ T5454] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  157.317351][ T5451] System zones: 1-12
[  157.345829][ T5454] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038 (0x7fffffff)
[  157.349855][ T5451] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz.2.466: corrupted in-inode xattr
[  157.366299][ T5452] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #16: comm syz.0.465: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 19200(19200)
[  157.376256][ T5451] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.466: couldn't read orphan inode 15 (err -117)
[  157.402311][ T5451] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  157.529731][ T5452] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.465: couldn't read orphan inode 16 (err -117)
[  157.565312][ T5451] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz.2.466: Unrecognised inode hash code 4
[  157.610277][ T5451] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.466: Corrupt directory, running e2fsck is recommended
[  157.610470][ T5452] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  157.659169][ T5467] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz.2.466: Unrecognised inode hash code 4
[  157.683308][ T5467] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.466: Corrupt directory, running e2fsck is recommended
[  157.690860][ T5452] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038 (0x7fffffff)
[  157.711261][ T4368] EXT4-fs (loop4): unmounting filesystem.
[  157.714940][ T5467] EXT4-fs warning (device loop2): dx_probe:832: inode #2: comm syz.2.466: Unrecognised inode hash code 4
[  157.803749][ T5467] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.466: Corrupt directory, running e2fsck is recommended
[  157.808294][ T5444] loop1: detected capacity change from 0 to 32768
[  157.864074][   T27] audit: type=1800 audit(1721191210.885:23): pid=5467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.466" name="bus" dev="loop2" ino=20 res=0 errno=0
[  157.891729][ T5469] loop4: detected capacity change from 0 to 256
[  157.901362][ T4572] EXT4-fs (loop2): unmounting filesystem.
[  157.916784][ T5444] XFS: noikeep mount option is deprecated.
[  157.922118][ T5469] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  157.956121][ T5134] EXT4-fs (loop0): unmounting filesystem.
[  158.087183][ T5444] XFS (loop1): Mounting V5 Filesystem
[  158.483466][ T5487] syz.2.473 uses obsolete (PF_INET,SOCK_PACKET)
[  158.843168][ T5444] XFS (loop1): Ending clean mount
[  158.860238][ T5444] XFS (loop1): Quotacheck needed: Please wait.
[  158.991265][ T5444] XFS (loop1): Quotacheck: Done.
[  159.019906][ T5483] kvm [5477]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc1 data 0x3
[  159.063113][ T5483] kvm [5477]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc1 data 0x4
[  159.148242][ T5483] kvm [5477]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x4
[  159.168345][ T5483] kvm [5477]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x5
[  159.230700][ T5491] loop0: detected capacity change from 0 to 512
[  159.270329][ T5483] kvm [5477]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0x1
[  159.297068][ T4526] XFS (loop1): Unmounting Filesystem
[  159.316681][ T5491] EXT4-fs: quotafile must be on filesystem root
[  159.363375][ T5483] kvm [5477]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x186 data 0x1
[  159.373008][ T5502] netlink: 'syz.2.479': attribute type 1 has an invalid length.
[  159.380774][ T5502] netlink: 4 bytes leftover after parsing attributes in process `syz.2.479'.
[  159.446464][ T5483] kvm [5477]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x187 data 0x1
[  159.497681][ T5507] loop3: detected capacity change from 0 to 512
[  159.516812][ T5507] EXT4-fs: Ignoring removed bh option
[  159.545481][ T5507] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #16: comm syz.3.484: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 19200(19200)
[  159.621951][ T5483] kvm [5477]: vcpu0, guest rIP: 0x1be vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0x33, nop
[  159.640498][ T5507] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.484: couldn't read orphan inode 16 (err -117)
[  159.652713][ T5507] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  159.662253][ T5507] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038 (0x7fffffff)
[  160.692479][ T5522] loop2: detected capacity change from 0 to 256
[  160.732703][ T5522] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  160.748236][ T4912] EXT4-fs (loop3): unmounting filesystem.
[  161.890963][ T5549] netlink: 'syz.3.496': attribute type 1 has an invalid length.
[  161.898759][ T5549] netlink: 4 bytes leftover after parsing attributes in process `syz.3.496'.
[  163.167888][ T5566] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  163.355969][    C0] sched: RT throttling activated
[  163.599096][ T5536] loop0: detected capacity change from 0 to 32768
[  163.667339][ T5536] XFS: noikeep mount option is deprecated.
[  163.832820][ T5536] XFS (loop0): Mounting V5 Filesystem
[  163.920078][ T5582] loop3: detected capacity change from 0 to 512
[  164.224111][ T5587] loop2: detected capacity change from 0 to 512
[  164.466619][ T5536] XFS (loop0): Ending clean mount
[  164.500362][ T5582] EXT4-fs: Ignoring removed nomblk_io_submit option
[  164.530044][ T5587] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  164.539479][ T5587] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038 (0x7fffffff)
[  164.622694][ T5587] EXT4-fs error (device loop2): ext4_do_update_inode:5210: inode #2: comm syz.2.506: corrupted inode contents
[  164.648571][ T5587] EXT4-fs error (device loop2): ext4_dirty_inode:6072: inode #2: comm syz.2.506: mark_inode_dirty error
[  164.666029][ T5587] EXT4-fs error (device loop2): ext4_do_update_inode:5210: inode #2: comm syz.2.506: corrupted inode contents
[  164.679493][ T5587] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.506: mark_inode_dirty error
[  164.899589][ T5536] XFS (loop0): Quotacheck needed: Please wait.
[  165.103075][ T5582] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  165.135899][ T5582] EXT4-fs (loop3): 1 truncate cleaned up
[  165.190563][ T5536] XFS (loop0): Quotacheck: Done.
[  165.194572][ T5582] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  165.225381][ T4572] EXT4-fs (loop2): unmounting filesystem.
[  165.246990][   T27] audit: type=1800 audit(1721191218.265:24): pid=5582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.507" name="memory.events" dev="loop3" ino=18 res=0 errno=0
[  165.283292][ T5134] XFS (loop0): Unmounting Filesystem
[  165.346742][   T27] audit: type=1804 audit(1721191218.265:25): pid=5582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.507" name="/newroot/53/file0/memory.events" dev="loop3" ino=18 res=1 errno=0
[  165.381537][   T27] audit: type=1804 audit(1721191218.265:26): pid=5582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.507" name="/newroot/53/file0/memory.events" dev="loop3" ino=18 res=1 errno=0
[  165.449157][ T4912] EXT4-fs (loop3): unmounting filesystem.
[  165.618473][ T5611] netlink: 4 bytes leftover after parsing attributes in process `syz.3.513'.
[  165.619071][ T5607] loop2: detected capacity change from 0 to 1024
[  165.646875][ T5607] ext3: Bad value for 'max_dir_size_kb'
[  165.743678][ T5618] loop3: detected capacity change from 0 to 256
[  165.807084][ T5618] exfat: Unknown parameter '184467440737095516150x0000000000000000'
[  165.895638][ T5620] netlink: 'syz.1.519': attribute type 1 has an invalid length.
[  166.141371][ T5630] loop3: detected capacity change from 0 to 512
[  166.176902][ T5630] EXT4-fs: Ignoring removed nomblk_io_submit option
[  166.222473][ T5630] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  166.271272][ T5630] EXT4-fs (loop3): 1 truncate cleaned up
[  166.288522][ T5630] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  166.320434][   T27] audit: type=1800 audit(1721191219.345:27): pid=5630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.523" name="memory.events" dev="loop3" ino=18 res=0 errno=0
[  166.397722][   T27] audit: type=1804 audit(1721191219.375:28): pid=5630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.523" name="/newroot/56/file0/memory.events" dev="loop3" ino=18 res=1 errno=0
[  166.421859][   T27] audit: type=1804 audit(1721191219.375:29): pid=5630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.523" name="/newroot/56/file0/memory.events" dev="loop3" ino=18 res=1 errno=0
[  166.443424][    C1] vkms_vblank_simulate: vblank timer overrun
[  166.475398][ T5645] loop2: detected capacity change from 0 to 2048
[  166.507156][  T120] block nbd0: Possible stuck request ffff88801f6c0000: control (read@0,4096B). Runtime 60 seconds
[  166.535029][ T4912] EXT4-fs (loop3): unmounting filesystem.
[  166.547391][ T5645] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  166.606193][ T5645] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038 (0x7fffffff)
[  166.683532][ T5655] netlink: 'syz.1.533': attribute type 1 has an invalid length.
[  166.743482][ T5658] loop3: detected capacity change from 0 to 1024
[  166.769812][ T5658] ext3: Bad value for 'max_dir_size_kb'
[  166.933885][ T5661] loop1: detected capacity change from 0 to 256
[  166.947523][ T5661] exfat: Unknown parameter '184467440737095516150x0000000000000000'
[  167.023227][ T5662] fs-verity: sha512 using implementation "sha512-avx2"
[  167.046507][ T5662] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.530: bg 0: block 288: padding at end of block bitmap is not set
[  167.067928][ T5662] fs-verity (loop2, inode 13): ext4_end_enable_verity() failed with err -117
[  167.394366][ T5662] syz.2.530 (5662) used greatest stack depth: 19520 bytes left
[  167.535476][ T5664] loop3: detected capacity change from 0 to 64
[  167.638370][ T4572] EXT4-fs (loop2): unmounting filesystem.
[  167.960879][ T5676] loop2: detected capacity change from 0 to 64
[  168.031377][ T5644] loop0: detected capacity change from 0 to 40427
[  168.065250][ T5644] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  168.090168][ T5644] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  168.184995][ T5644] F2FS-fs (loop0): Found nat_bits in checkpoint
[  168.344913][ T5690] loop3: detected capacity change from 0 to 1024
[  168.365767][ T5690] ext3: Bad value for 'max_dir_size_kb'
[  168.395672][ T5644] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  168.402993][ T3564] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  168.433799][ T5644] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  168.452129][ T3542] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  168.575715][ T5644] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  168.575797][ T5644] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  168.605055][ T5644] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  168.624979][ T5644] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  168.646088][ T5644] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  168.654186][ T5705] loop1: detected capacity change from 0 to 64
[  168.656637][ T3564] usb 5-1: Using ep0 maxpacket: 32
[  168.695076][ T5644] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  168.695101][ T5644] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  168.757677][ T3542] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  168.796185][ T3564] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  168.833426][ T3564] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  168.862949][ T3564] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  168.976300][ T4981] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  169.046362][ T3564] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  169.062729][ T3564] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.078263][ T5715] netlink: 'syz.1.557': attribute type 1 has an invalid length.
[  169.084915][ T3564] usb 5-1: Product: syz
[  169.091316][ T3564] usb 5-1: Manufacturer: syz
[  169.114680][ T3564] usb 5-1: SerialNumber: syz
[  169.157322][ T3564] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  169.170321][ T3564] cdc_ncm 5-1:1.0: bind() failure
[  169.227948][ T4981] usb 4-1: Using ep0 maxpacket: 32
[  169.356255][ T4981] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  169.537050][ T4981] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  169.566368][ T4981] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.607071][ T4981] usb 4-1: Product: syz
[  169.611305][ T4981] usb 4-1: Manufacturer: syz
[  169.633978][ T4981] usb 4-1: SerialNumber: syz
[  169.643333][ T5736] loop1: detected capacity change from 0 to 128
[  169.671021][ T4981] usb 4-1: config 0 descriptor??
[  169.719945][ T4981] hub 4-1:0.0: bad descriptor, ignoring hub
[  169.732975][ T4981] hub: probe of 4-1:0.0 failed with error -5
[  169.736567][ T5732] loop5: detected capacity change from 0 to 7
[  169.790727][ T4981] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input10
[  169.806163][ T5732] Dev loop5: unable to read RDB block 7
[  169.832660][ T5732]  loop5: unable to read partition table
[  169.860412][ T4981] usbtouchscreen 4-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -8
[  169.883248][ T5732] loop5: partition table beyond EOD, truncated
[  169.899002][   T27] audit: type=1804 audit(1721191222.925:30): pid=5736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.562" name="/newroot/74/file0/file1" dev="loop1" ino=1048621 res=1 errno=0
[  169.948288][ T5732] loop_reread_partitions: partition scan of loop5 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  169.948288][ T5732] 
) failed (rc=-5)
[  169.961844][ T5736] capability: warning: `syz.1.562' uses 32-bit capabilities (legacy support in use)
[  169.977028][ T4981] usbtouchscreen: probe of 4-1:0.0 failed with error -8
[  170.022146][ T5748] loop2: detected capacity change from 0 to 64
[  170.038399][ T4981] usb 4-1: USB disconnect, device number 3
[  170.116384][ T5749] loop0: detected capacity change from 0 to 512
[  170.139659][ T5749] EXT4-fs: Ignoring removed nomblk_io_submit option
[  170.169935][ T5749] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  170.306609][ T5749] EXT4-fs (loop0): 1 truncate cleaned up
[  170.312322][ T5749] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  170.385101][   T27] audit: type=1800 audit(1721191223.405:31): pid=5749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.566" name="memory.events" dev="loop0" ino=18 res=0 errno=0
[  170.459817][   T27] audit: type=1804 audit(1721191223.435:32): pid=5749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.566" name="/newroot/17/file0/memory.events" dev="loop0" ino=18 res=1 errno=0
[  170.503959][ T5134] EXT4-fs (loop0): unmounting filesystem.
[  170.509881][   T27] audit: type=1804 audit(1721191223.435:33): pid=5749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.566" name="/newroot/17/file0/memory.events" dev="loop0" ino=18 res=1 errno=0
[  171.341305][ T5785] loop3: detected capacity change from 0 to 2048
[  171.396814][ T5785] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  171.522427][ T4912] EXT4-fs (loop3): unmounting filesystem.
[  171.598526][ T5792] loop2: detected capacity change from 0 to 128
[  171.716588][ T4981] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  171.741571][ T3629] usb 5-1: USB disconnect, device number 5
[  171.807918][   T27] audit: type=1804 audit(1721191224.835:34): pid=5792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.581" name="/newroot/69/file0/file1" dev="loop2" ino=1048622 res=1 errno=0
[  171.966202][ T4981] usb 1-1: Using ep0 maxpacket: 32
[  172.018740][ T5805] loop3: detected capacity change from 0 to 64
[  172.107356][ T4981] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  172.356250][ T3564] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  172.446199][ T4981] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  172.455581][ T4981] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.468316][ T4981] usb 1-1: Product: syz
[  172.472541][ T4981] usb 1-1: Manufacturer: syz
[  172.477322][ T4981] usb 1-1: SerialNumber: syz
[  172.583468][ T4981] usb 1-1: config 0 descriptor??
[  172.715423][ T4981] hub 1-1:0.0: bad descriptor, ignoring hub
[  172.783170][ T4981] hub: probe of 1-1:0.0 failed with error -5
[  172.979945][ T4981] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input11
[  173.208095][ T4981] usbtouchscreen 1-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -8
[  173.241569][ T4981] usbtouchscreen: probe of 1-1:0.0 failed with error -8
[  173.287020][ T4981] usb 1-1: USB disconnect, device number 2
[  173.376385][ T3564] usb 5-1: Using ep0 maxpacket: 16
[  173.403504][ T5824] loop3: detected capacity change from 0 to 64
[  173.506831][ T5826] loop2: detected capacity change from 0 to 2048
[  173.567260][ T5826] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  173.656311][ T3564] usb 5-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53
[  173.676324][ T3564] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.695488][ T3564] usb 5-1: Product: syz
[  173.709968][ T3564] usb 5-1: Manufacturer: syz
[  173.714628][ T3564] usb 5-1: SerialNumber: syz
[  173.719827][ T5834] netlink: 4 bytes leftover after parsing attributes in process `syz.3.595'.
[  173.756018][ T4572] EXT4-fs (loop2): unmounting filesystem.
[  173.760049][ T3564] usb 5-1: config 0 descriptor??
[  173.767268][ T5836] loop1: detected capacity change from 0 to 4096
[  173.796866][ T5836] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  173.818234][ T3564] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state.
[  173.867681][ T3564] dvb-usb: bulk message failed: -22 (2/0)
[  173.908600][   T27] audit: type=1326 audit(1721191226.935:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5837 comm="syz.3.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  173.932257][ T3564] dvb-usb: will use the device's hardware PID filter (table count: 15).
[  173.946250][ T5844] netlink: 24 bytes leftover after parsing attributes in process `syz.2.599'.
[  173.964001][   T27] audit: type=1326 audit(1721191226.935:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5837 comm="syz.3.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  173.990693][ T5836] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  173.992596][ T3564] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353))
[  174.034198][ T3564] usb 5-1: media controller created
[  174.035734][ T5836] ntfs3: loop1: ntfs_set_state r=3 failed, -22.
[  174.053912][ T3564] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  174.066715][   T27] audit: type=1326 audit(1721191226.935:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5837 comm="syz.3.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  174.089140][ T5836] ntfs3: loop1: Failed to load root.
[  174.093445][ T5848] loop0: detected capacity change from 0 to 256
[  174.109361][ T5836] ntfs3: loop1: ntfs3_write_inode r=3 failed, -22.
[  174.130061][ T3564] usb 5-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)...
[  174.148949][   T27] audit: type=1326 audit(1721191226.935:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5837 comm="syz.3.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  174.153179][ T5836] ntfs3: loop1: ntfs_evict_inode r=3 failed, -22.
[  174.178524][ T3564] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered.
[  174.284070][   T27] audit: type=1326 audit(1721191226.935:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5837 comm="syz.3.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  174.295337][ T5852] loop2: detected capacity change from 0 to 64
[  174.426063][   T27] audit: type=1326 audit(1721191226.935:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5837 comm="syz.3.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  174.431662][ T5856] loop3: detected capacity change from 0 to 512
[  174.504425][ T5856] EXT4-fs: Ignoring removed bh option
[  174.556126][ T3564] rc_core: IR keymap rc-dtt200u not found
[  174.571093][ T3564] Registered IR keymap rc-empty
[  174.586730][ T5866] loop2: detected capacity change from 0 to 16
[  174.594340][ T5866] erofs: (device loop2): mounted with root inode @ nid 36.
[  174.604943][ T5856] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.603: inode #11614: comm syz.3.603: iget: illegal inode #
[  174.683198][ T5856] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.603: error while reading EA inode 11614 err=-117
[  174.683212][ T3564] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.4/usb5/5-1/rc/rc0
[  174.684454][ T3564] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.4/usb5/5-1/rc/rc0/input12
[  174.726284][ T5856] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2810: Unable to expand inode 12. Delete some EAs or run e2fsck.
[  174.783143][ T5856] EXT4-fs (loop3): 1 truncate cleaned up
[  174.816238][ T5856] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  174.861938][ T3564] dvb-usb: schedule remote query interval to 300 msecs.
[  174.884621][ T5873] loop1: detected capacity change from 0 to 256
[  174.890745][ T3564] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected.
[  174.942681][ T3564] usb 5-1: USB disconnect, device number 6
[  174.958171][ T4912] EXT4-fs (loop3): unmounting filesystem.
[  175.059150][ T3564] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected.
[  175.059758][ T5875] netlink: 24 bytes leftover after parsing attributes in process `syz.4.611'.
[  175.193199][ T5886] loop2: detected capacity change from 0 to 256
[  175.333450][ T5888] 9pnet_virtio: no channels available for device syz
[  175.386577][ T3567] Bluetooth: hci7: unexpected event 0x06 length: 23 > 3
[  175.636708][ T3567] Bluetooth: hci7: Malformed LE Event: 0x0d
[  175.780626][ T5908] loop4: detected capacity change from 0 to 128
[  175.803170][ T5907] loop1: detected capacity change from 0 to 512
[  175.818640][ T5907] EXT4-fs: Ignoring removed bh option
[  175.853947][ T5910] loop2: detected capacity change from 0 to 256
[  175.860942][ T5907] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.623: inode #11614: comm syz.1.623: iget: illegal inode #
[  175.958273][   T27] kauditd_printk_skb: 10 callbacks suppressed
[  175.958290][   T27] audit: type=1804 audit(1721191228.985:51): pid=5908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.618" name="/newroot/76/file0/file1" dev="loop4" ino=1048625 res=1 errno=0
[  176.056255][ T5907] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.623: error while reading EA inode 11614 err=-117
[  176.099809][ T5907] EXT4-fs (loop1): 1 truncate cleaned up
[  176.126055][ T5907] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  176.272862][ T4526] EXT4-fs (loop1): unmounting filesystem.
[  176.397814][ T5927] netlink: 24 bytes leftover after parsing attributes in process `syz.1.629'.
[  176.457289][   T27] audit: type=1326 audit(1721191229.485:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5926 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff667775a19 code=0x7ffc0000
[  176.523795][   T27] audit: type=1326 audit(1721191229.515:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5926 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff667775a19 code=0x7ffc0000
[  176.642382][   T27] audit: type=1326 audit(1721191229.515:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5926 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff667775a19 code=0x7ffc0000
[  176.705352][   T27] audit: type=1326 audit(1721191229.515:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5926 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff667775a19 code=0x7ffc0000
[  176.848552][   T27] audit: type=1326 audit(1721191229.515:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5926 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff667775a19 code=0x7ffc0000
[  176.874324][ T5943] loop3: detected capacity change from 0 to 16
[  176.875762][ T5939] serio: Serial port pts0
[  176.941712][ T5945] 9pnet_virtio: no channels available for device syz
[  176.973065][   T27] audit: type=1326 audit(1721191229.515:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5926 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7ff667775a19 code=0x7ffc0000
[  177.006341][ T5943] erofs: (device loop3): mounted with root inode @ nid 36.
[  177.082246][ T3567] Bluetooth: hci5: unexpected event 0x06 length: 23 > 3
[  177.085563][   T27] audit: type=1326 audit(1721191229.515:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5926 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff667775a19 code=0x7ffc0000
[  177.114896][   T27] audit: type=1326 audit(1721191229.515:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5926 comm="syz.0.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff667775a19 code=0x7ffc0000
[  178.150945][ T3567] Bluetooth: hci5: Malformed LE Event: 0x0d
[  178.336694][ T5968] netlink: 24 bytes leftover after parsing attributes in process `syz.0.644'.
[  178.348179][ T3597] kernel read not supported for file [userfaultfd] (pid: 3597 comm: kworker/1:4)
[  178.499871][ T5972] netlink: 16 bytes leftover after parsing attributes in process `syz.1.646'.
[  178.817482][ T5985] loop1: detected capacity change from 0 to 512
[  178.854947][ T5985] EXT4-fs: Ignoring removed bh option
[  178.956668][ T3597] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  179.187386][ T5985] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.652: inode #11614: comm syz.1.652: iget: illegal inode #
[  179.387122][ T3597] usb 1-1: Using ep0 maxpacket: 16
[  179.623378][ T5985] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.652: error while reading EA inode 11614 err=-117
[  179.652061][ T5985] EXT4-fs (loop1): 1 truncate cleaned up
[  179.659424][ T5985] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  179.676286][ T3597] usb 1-1: config index 0 descriptor too short (expected 36164, got 36)
[  179.735998][ T3597] usb 1-1: config 85 has too many interfaces: 95, using maximum allowed: 32
[  179.766827][ T3597] usb 1-1: config 85 has an invalid descriptor of length 123, skipping remainder of the config
[  179.792934][ T3597] usb 1-1: config 85 has 0 interfaces, different from the descriptor's value: 95
[  179.808325][ T4526] EXT4-fs (loop1): unmounting filesystem.
[  179.810045][ T6000] loop4: detected capacity change from 0 to 512
[  179.833990][ T6003] loop2: detected capacity change from 0 to 1024
[  179.856733][ T3597] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  179.866824][ T3597] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.979449][  T120] block nbd3: Possible stuck request ffff88801f7b0000: control (read@0,4096B). Runtime 60 seconds
[  180.075163][ T6003] hfsplus: failed to load root directory
[  180.102254][ T6008] loop4: detected capacity change from 0 to 16
[  180.826598][ T6008] erofs: (device loop4): mounted with root inode @ nid 36.
[  181.109777][ T5978] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.147867][ T5978] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.391289][ T6019] loop4: detected capacity change from 0 to 256
[  181.452871][ T6019] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  181.969978][ T3597] usb 1-1: string descriptor 0 read error: -71
[  182.866317][ T3597] usb 1-1: USB disconnect, device number 3
[  183.037145][ T6044] netlink: 16 bytes leftover after parsing attributes in process `syz.3.669'.
[  183.108918][ T3564] kernel read not supported for file [userfaultfd] (pid: 3564 comm: kworker/0:4)
[  183.726100][ T3564] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  184.323435][ T6087] loop4: detected capacity change from 0 to 256
[  184.768078][ T6087] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  184.806843][ T3564] usb 3-1: Using ep0 maxpacket: 16
[  184.926274][ T3564] usb 3-1: config index 0 descriptor too short (expected 36164, got 36)
[  184.965133][ T3564] usb 3-1: config 85 has too many interfaces: 95, using maximum allowed: 32
[  184.994564][ T3564] usb 3-1: config 85 has an invalid descriptor of length 123, skipping remainder of the config
[  185.115166][ T6100] loop1: detected capacity change from 0 to 1024
[  185.122102][ T3564] usb 3-1: config 85 has 0 interfaces, different from the descriptor's value: 95
[  185.372139][ T6100] hfsplus: extend alloc file! (8192,65536,366)
[  185.721491][ T3564] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  185.731709][ T3564] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.768867][ T4861] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  185.895600][ T3560] Bluetooth: hci4: command 0x0406 tx timeout
[  185.991469][ T6069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.010105][ T6069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.349913][   T52] block nbd1: Possible stuck request ffff88801f720000: control (read@0,4096B). Runtime 90 seconds
[  186.378496][ T6100] user requested TSC rate below hardware speed
[  187.676152][ T3564] usb 3-1: string descriptor 0 read error: -71
[  187.695450][ T3564] usb 3-1: USB disconnect, device number 8
[  188.310431][ T6144] loop2: detected capacity change from 0 to 16
[  188.791702][ T6144] erofs: (device loop2): mounted with root inode @ nid 36.
[  188.811918][ T6139] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  188.827310][ T6139] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -18 in[46, 4050] out[1851]
[  188.840069][ T6139] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  189.866666][ T6150] rdma_op ffff88805cde11f0 conn xmit_rdma 0000000000000000
[  190.106020][ T3595] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  190.366189][ T3595] usb 2-1: Using ep0 maxpacket: 16
[  190.521171][ T6168] loop3: detected capacity change from 0 to 1024
[  190.555707][ T6168] hfsplus: extend alloc file! (8192,65536,366)
[  190.646417][ T4983] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  190.646534][ T3595] usb 2-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53
[  190.753494][ T3595] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.886275][ T4983] usb 5-1: Using ep0 maxpacket: 16
[  190.921278][ T3595] usb 2-1: Product: syz
[  190.976923][ T3595] usb 2-1: Manufacturer: syz
[  191.006518][ T4983] usb 5-1: config index 0 descriptor too short (expected 36164, got 36)
[  191.015772][ T4983] usb 5-1: config 85 has too many interfaces: 95, using maximum allowed: 32
[  191.024952][ T4983] usb 5-1: config 85 has an invalid descriptor of length 123, skipping remainder of the config
[  191.036417][ T4983] usb 5-1: config 85 has 0 interfaces, different from the descriptor's value: 95
[  191.036500][ T3595] usb 2-1: SerialNumber: syz
[  191.045764][ T4983] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  191.066428][ T4983] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.348673][ T3595] usb 2-1: config 0 descriptor??
[  191.381190][ T3595] usb 2-1: can't set config #0, error -71
[  191.476655][ T6164] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  191.516960][ T3595] usb 2-1: USB disconnect, device number 5
[  191.553681][ T6164] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  191.656616][ T6168] user requested TSC rate below hardware speed
[  192.618019][ T6186] loop0: detected capacity change from 0 to 512
[  192.698456][ T6186] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz.0.713: inline data xattr refers to an external xattr inode
[  192.723751][ T6186] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.713: couldn't read orphan inode 12 (err -117)
[  192.766243][ T6186] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  193.166228][ T4983] usb 5-1: string descriptor 0 read error: -71
[  193.173878][ T4983] usb 5-1: USB disconnect, device number 7
[  193.329843][ T6203] loop1: detected capacity change from 0 to 1024
[  193.393727][ T6203] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  193.444390][ T5134] EXT4-fs (loop0): unmounting filesystem.
[  193.448141][ T6203] EXT4-fs (loop1): orphan cleanup on readonly fs
[  193.568412][ T6203] EXT4-fs error (device loop1): ext4_free_blocks:6213: comm syz.1.720: Freeing blocks not in datazone - block = 0, count = 4096
[  193.577702][ T6181] loop2: detected capacity change from 0 to 40427
[  193.594143][ T6203] EXT4-fs (loop1): 1 orphan inode deleted
[  193.615904][ T6181] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  193.636020][    T7] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  193.651597][ T6203] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  193.663561][ T6181] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  193.859349][ T6181] F2FS-fs (loop2): Found nat_bits in checkpoint
[  193.905425][ T4526] EXT4-fs (loop1): unmounting filesystem.
[  193.966227][    T7] usb 4-1: Using ep0 maxpacket: 16
[  194.011873][ T6181] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  194.035896][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  194.042280][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  194.051481][ T6181] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  194.145065][ T6218] loop0: detected capacity change from 0 to 2048
[  194.155231][ T6181] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  194.155255][ T6181] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  194.171478][ T6181] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  194.179263][ T6181] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  194.192567][ T6181] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  194.200259][ T6181] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  194.208098][ T6181] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  194.231508][ T6223] loop1: detected capacity change from 0 to 256
[  194.248177][ T6218]  loop0: p3 < > p4 < >
[  194.262025][ T6218] loop0: partition table partially beyond EOD, truncated
[  194.266316][    T7] usb 4-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53
[  194.280116][ T6218] loop0: p3 start 4284289 is beyond EOD, truncated
[  194.345582][    T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.376443][ T3002]  loop0: p3 < > p4 < >
[  194.393767][ T3002] loop0: partition table partially beyond EOD, truncated
[  194.396410][    T7] usb 4-1: Product: syz
[  194.401421][ T3002] loop0: p3 start 4284289 is beyond EOD, truncated
[  194.425390][    T7] usb 4-1: Manufacturer: syz
[  194.459120][    T7] usb 4-1: SerialNumber: syz
[  194.491494][    T7] usb 4-1: config 0 descriptor??
[  194.593886][    T7] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state.
[  194.604523][ T6223] loop1: detected capacity change from 256 to 0
[  194.650982][    T7] dvb-usb: bulk message failed: -22 (2/0)
[  194.689374][    T7] dvb-usb: will use the device's hardware PID filter (table count: 15).
[  194.757623][    T7] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353))
[  194.796143][    T7] usb 4-1: media controller created
[  194.824771][    T7] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  194.867682][    T7] usb 4-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)...
[  194.894432][    T7] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered.
[  195.046087][ T3630] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  195.172943][ T5996] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.256153][    T7] rc_core: IR keymap rc-dtt200u not found
[  195.261950][    T7] Registered IR keymap rc-empty
[  195.291216][    T7] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0
[  195.317062][    T7] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0/input13
[  195.330967][    T7] dvb-usb: schedule remote query interval to 300 msecs.
[  195.346094][    T7] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected.
[  195.396195][    T7] usb 4-1: USB disconnect, device number 4
[  195.469224][ T5996] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.486273][ T3630] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.506093][ T3630] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.509087][    T7] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected.
[  195.544043][ T3630] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  195.599701][ T3630] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.630601][ T3630] usb 5-1: config 0 descriptor??
[  195.698097][ T5996] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.725243][ T3560] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  195.736255][ T3560] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  195.744644][ T3560] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  195.752801][ T3560] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  195.763835][ T3560] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  195.766444][ T6245] process 'syz.2.735' launched '/dev/fd/-1/./file0' with NULL argv: empty string added
[  195.780867][ T3565] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  196.026938][ T5996] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.056845][ T6248] loop2: detected capacity change from 0 to 164
[  196.109705][ T3630] arvo 0003:1E7D:30D4.0005: unknown main item tag 0x0
[  196.128352][ T3630] arvo 0003:1E7D:30D4.0005: item fetching failed at offset 5/7
[  196.173099][ T3630] arvo 0003:1E7D:30D4.0005: parse failed
[  196.193784][ T3630] arvo: probe of 0003:1E7D:30D4.0005 failed with error -22
[  196.266057][ T3565] Bluetooth: hci7: command tx timeout
[  196.368237][ T6250] device bridge1 entered promiscuous mode
[  196.489485][ T3564] usb 5-1: USB disconnect, device number 8
[  196.543458][ T6254] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  196.586203][  T120] block nbd0: Possible stuck request ffff88801f6c0000: control (read@0,4096B). Runtime 90 seconds
[  197.262505][ T6242] chnl_net:caif_netlink_parms(): no params data found
[  197.717311][ T4983] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  197.794089][ T6286] netlink: 16 bytes leftover after parsing attributes in process `syz.0.744'.
[  197.866494][ T3565] Bluetooth: hci5: command tx timeout
[  197.976386][ T4983] usb 4-1: Using ep0 maxpacket: 16
[  197.991595][ T6242] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.036617][ T6242] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.068162][ T6242] device bridge_slave_0 entered promiscuous mode
[  198.106460][ T4983] usb 4-1: config index 0 descriptor too short (expected 36164, got 36)
[  198.121520][ T4983] usb 4-1: config 85 has too many interfaces: 95, using maximum allowed: 32
[  198.155392][ T4983] usb 4-1: config 85 has an invalid descriptor of length 123, skipping remainder of the config
[  198.188060][ T4983] usb 4-1: config 85 has 0 interfaces, different from the descriptor's value: 95
[  198.226160][ T4983] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  198.251860][ T4983] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.346102][ T3565] Bluetooth: hci7: command tx timeout
[  198.363833][ T6242] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.377088][ T6242] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.506739][ T6301] xt_socket: unknown flags 0x8
[  198.515984][ T6301] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  198.562706][ T6299] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  198.802153][ T6242] device bridge_slave_1 entered promiscuous mode
[  199.168848][ T6242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  199.218297][ T6271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  199.267837][ T6271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.283421][ T6242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  199.664777][ T6311] loop4: detected capacity change from 0 to 1024
[  199.692307][ T6311] hfsplus: extend alloc file! (8192,65536,366)
[  199.861637][ T6242] team0: Port device team_slave_0 added
[  199.936905][ T6242] team0: Port device team_slave_1 added
[  199.946112][ T3567] Bluetooth: hci5: command tx timeout
[  199.976852][ T4983] usb 4-1: string descriptor 0 read error: -71
[  199.985452][ T4983] usb 4-1: USB disconnect, device number 5
[  200.118369][ T6326] Bluetooth: MGMT ver 1.22
[  201.433364][ T6332] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  202.260616][ T3567] Bluetooth: hci7: command tx timeout
[  202.266102][ T3567] Bluetooth: hci5: command tx timeout
[  202.450050][   T27] audit: type=1326 audit(1721191255.475:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  202.622072][   T27] audit: type=1326 audit(1721191255.495:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  202.707325][   T27] audit: type=1326 audit(1721191255.495:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  202.731515][ T6242] batman_adv: batadv0: Adding interface: batadv_slave_0
[  202.785717][ T6242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.787300][ T6346] loop0: detected capacity change from 0 to 164
[  202.856756][ T6336] kvm [6335]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0xfe00000000
[  202.867055][   T27] audit: type=1326 audit(1721191255.495:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  202.909729][ T6242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  202.930748][ T6336] kvm [6335]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x27e00000080
[  202.952499][   T27] audit: type=1326 audit(1721191255.495:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  203.004105][ T6336] kvm [6335]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0x187 data 0x3ef00000000
[  203.083113][   T27] audit: type=1326 audit(1721191255.495:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  203.083812][ T6357] loop4: detected capacity change from 0 to 128
[  203.175415][ T6242] batman_adv: batadv0: Adding interface: batadv_slave_1
[  203.187782][ T6242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.215420][   T27] audit: type=1326 audit(1721191255.585:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f0836ca67 code=0x7ffc0000
[  203.291979][   T27] audit: type=1326 audit(1721191255.605:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f08311439 code=0x7ffc0000
[  203.319931][ T6242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  203.414567][   T27] audit: type=1326 audit(1721191255.605:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f8f08375a19 code=0x7ffc0000
[  203.535305][   T27] audit: type=1326 audit(1721191255.605:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.3.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f0836ca67 code=0x7ffc0000
[  203.617470][ T6364] loop3: detected capacity change from 0 to 512
[  203.986232][ T5996] device hsr_slave_0 left promiscuous mode
[  204.018816][ T6373] loop3: detected capacity change from 0 to 16
[  204.346131][ T3565] Bluetooth: hci5: command tx timeout
[  206.458724][ T5996] device hsr_slave_1 left promiscuous mode
[  208.151562][ T6373] erofs: (device loop3): mounted with root inode @ nid 36.
[  208.259503][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.298908][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.339418][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.372053][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.561569][ T5996] device bridge_slave_1 left promiscuous mode
[  208.607442][ T5996] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.633259][ T6383] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  208.720202][ T5996] device bridge_slave_0 left promiscuous mode
[  208.769182][ T5996] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.935338][ T5996] device veth1_macvtap left promiscuous mode
[  208.956251][ T5996] device veth0_macvtap left promiscuous mode
[  208.979325][ T5996] device veth1_vlan left promiscuous mode
[  209.005215][ T5996] device veth0_vlan left promiscuous mode
[  209.174189][   T27] kauditd_printk_skb: 3 callbacks suppressed
[  209.174204][   T27] audit: type=1326 audit(1721191262.195:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd918b75a19 code=0x7ffc0000
[  209.399333][   T27] audit: type=1326 audit(1721191262.205:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd918b75a19 code=0x7ffc0000
[  209.474634][   T27] audit: type=1326 audit(1721191262.375:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd918b75a19 code=0x7ffc0000
[  209.532498][   T27] audit: type=1326 audit(1721191262.375:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd918b75a19 code=0x7ffc0000
[  209.558447][   T27] audit: type=1326 audit(1721191262.375:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd918b75a19 code=0x7ffc0000
[  209.615453][   T27] audit: type=1326 audit(1721191262.385:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd918b75a19 code=0x7ffc0000
[  210.026269][  T120] block nbd3: Possible stuck request ffff88801f7b0000: control (read@0,4096B). Runtime 90 seconds
[  210.037531][   T27] audit: type=1326 audit(1721191262.385:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd918b75a19 code=0x7ffc0000
[  210.103363][   T27] audit: type=1326 audit(1721191262.385:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd918b6ca67 code=0x7ffc0000
[  210.164735][   T27] audit: type=1326 audit(1721191262.385:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd918b11439 code=0x7ffc0000
[  210.234971][   T27] audit: type=1326 audit(1721191262.385:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz.2.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd918b6ca67 code=0x7ffc0000
[  210.271340][ T6400] loop2: detected capacity change from 0 to 1024
[  210.282377][ T6400] EXT4-fs: Ignoring removed oldalloc option
[  210.330566][ T6400] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  210.386529][  T936] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  210.542132][ T4572] EXT4-fs (loop2): unmounting filesystem.
[  210.666444][  T936] usb 5-1: Using ep0 maxpacket: 8
[  210.801700][  T936] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  210.815357][  T936] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  210.826242][  T936] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  210.836599][  T936] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  210.893749][  T936] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  210.898872][ T6416] xt_socket: unknown flags 0x8
[  210.917691][ T6416] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  210.953743][  T936] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.772026][ T6418] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  211.965637][ T6422] loop2: detected capacity change from 0 to 256
[  211.976386][  T936] usb 5-1: GET_CAPABILITIES returned 0
[  211.984897][  T936] usbtmc 5-1:16.0: can't read capabilities
[  211.995194][ T6422] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  212.112759][ T5996] team0 (unregistering): Port device team_slave_1 removed
[  212.156512][ T5996] team0 (unregistering): Port device team_slave_0 removed
[  212.214903][ T5996] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.305790][ T5996] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.315900][ T4065] usb 5-1: USB disconnect, device number 9
[  213.175578][ T6429] netlink: 'syz.2.784': attribute type 1 has an invalid length.
[  213.183481][ T6429] netlink: 116376 bytes leftover after parsing attributes in process `syz.2.784'.
[  213.547385][ T5996] bond0 (unregistering): Released all slaves
[  213.642182][ T6420] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  213.659183][ T6420] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  213.694777][ T6420] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  213.729348][ T6420] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  213.768603][ T6420] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  213.802834][ T6420] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  213.835828][ T6420] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  214.091667][ T6242] device hsr_slave_0 entered promiscuous mode
[  214.110463][ T6242] device hsr_slave_1 entered promiscuous mode
[  214.142915][ T3567] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  214.152545][ T3567] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  214.160520][ T3567] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  214.169776][ T3567] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  214.191057][ T6242] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  214.198773][ T6242] Cannot create hsr debugfs directory
[  214.317135][ T3567] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  214.326394][ T3567] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  215.251041][ T6454] netlink: 16 bytes leftover after parsing attributes in process `syz.4.794'.
[  215.513149][ T6462] loop4: detected capacity change from 0 to 1024
[  215.611008][ T6462] hfsplus: extend alloc file! (8192,65536,366)
[  216.359831][ T6459] user requested TSC rate below hardware speed
[  216.426202][ T3565] Bluetooth: hci8: command tx timeout
[  216.463209][   T52] block nbd1: Possible stuck request ffff88801f720000: control (read@0,4096B). Runtime 120 seconds
[  216.656183][ T4071] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  216.718636][ T6480] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  216.742738][   T27] kauditd_printk_skb: 31 callbacks suppressed
[  216.742754][   T27] audit: type=1326 audit(1721191269.765:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6008775a19 code=0x7ffc0000
[  216.795160][ T6480] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  216.827734][ T6480] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  216.835741][ T6480] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  216.843815][   T27] audit: type=1326 audit(1721191269.805:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6008775a19 code=0x7ffc0000
[  216.892559][   T27] audit: type=1326 audit(1721191269.805:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6008775a19 code=0x7ffc0000
[  216.916219][ T4071] usb 3-1: Using ep0 maxpacket: 8
[  216.927085][ T6480] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  216.935261][ T6480] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  216.954866][   T27] audit: type=1326 audit(1721191269.805:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6008775a19 code=0x7ffc0000
[  216.986905][ T6480] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  217.016080][   T27] audit: type=1326 audit(1721191269.825:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6008775a19 code=0x7ffc0000
[  217.036299][ T4071] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  217.076138][ T4071] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  217.113479][   T27] audit: type=1326 audit(1721191269.825:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6008775a19 code=0x7ffc0000
[  217.116728][ T4071] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  217.159063][   T27] audit: type=1326 audit(1721191269.825:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f600876ca67 code=0x7ffc0000
[  217.185047][   T27] audit: type=1326 audit(1721191269.825:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6008711439 code=0x7ffc0000
[  217.208504][   T27] audit: type=1326 audit(1721191269.825:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f600876ca67 code=0x7ffc0000
[  217.232636][   T27] audit: type=1326 audit(1721191269.825:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.4.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6008711439 code=0x7ffc0000
[  217.236028][ T4071] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  217.306256][ T4071] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  217.315370][ T4071] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.409449][ T6494] netlink: 16 bytes leftover after parsing attributes in process `syz.4.803'.
[  217.432404][ T6444] chnl_net:caif_netlink_parms(): no params data found
[  217.606492][ T4071] usb 3-1: GET_CAPABILITIES returned 0
[  217.612150][ T4071] usbtmc 3-1:16.0: can't read capabilities
[  217.736534][ T6444] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.743811][ T6444] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.795355][ T6444] device bridge_slave_0 entered promiscuous mode
[  217.827382][ T6444] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.852364][ T6444] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.865170][ T3597] usb 3-1: USB disconnect, device number 9
[  217.867406][ T6444] device bridge_slave_1 entered promiscuous mode
[  217.961768][ T6444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.995091][ T6444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  218.097292][ T6444] team0: Port device team_slave_0 added
[  218.124316][ T6444] team0: Port device team_slave_1 added
[  218.217109][ T6444] batman_adv: batadv0: Adding interface: batadv_slave_0
[  218.238907][ T6444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.305678][ T6444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  218.340780][ T6444] batman_adv: batadv0: Adding interface: batadv_slave_1
[  218.374262][ T6444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.471781][ T6444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  218.506193][ T3565] Bluetooth: hci8: command tx timeout
[  218.560914][ T6242] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  218.637222][ T6242] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  218.668212][ T6242] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  218.727381][ T6242] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  218.759555][ T6444] device hsr_slave_0 entered promiscuous mode
[  218.787133][ T6444] device hsr_slave_1 entered promiscuous mode
[  218.787158][ T6522] loop4: detected capacity change from 0 to 764
[  218.803184][ T6444] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  218.862571][ T6444] Cannot create hsr debugfs directory
[  218.946169][ T6522] rock: directory entry would overflow storage
[  218.952559][ T6522] rock: sig=0x4654, size=5, remaining=4
[  219.158319][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  219.232660][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  219.272520][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  219.319258][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  219.375014][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  219.428513][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  219.455067][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  219.488141][ T6522] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.808'.
[  219.610458][ T6242] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.797928][ T6444] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.879876][  T936] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  219.903439][  T936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  220.178257][ T6444] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.607464][ T3565] Bluetooth: hci8: command tx timeout
[  221.150940][ T6242] 8021q: adding VLAN 0 to HW filter on device team0
[  221.196970][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  221.240136][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  221.273882][ T4071] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.281107][ T4071] bridge0: port 1(bridge_slave_0) entered forwarding state
[  221.422674][ T6444] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.495244][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  221.612253][ T6444] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.682870][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  221.706566][ T3560] Bluetooth: hci0: command 0x0406 tx timeout
[  221.723005][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  221.779539][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.786808][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.876477][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  221.917231][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  221.966239][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  221.982245][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  222.009323][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  222.028801][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  222.047209][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  222.067306][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  222.105411][ T6242] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  222.133792][ T6545] loop2: detected capacity change from 0 to 40427
[  222.185019][ T6242] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  222.196473][ T6545] F2FS-fs (loop2): invalid crc value
[  222.208541][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  222.227163][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  222.238487][ T6545] F2FS-fs (loop2): Found nat_bits in checkpoint
[  222.257003][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  222.286385][  T936] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  222.413764][ T6545] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  222.449039][ T6584] netlink: 16 bytes leftover after parsing attributes in process `syz.4.823'.
[  222.534448][ T6444] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  222.576938][ T6444] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  222.609077][ T4572] syz-executor: attempt to access beyond end of device
[  222.609077][ T4572] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  222.646725][ T6444] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  222.666591][ T3567] Bluetooth: hci8: command tx timeout
[  222.672152][  T936] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.677502][ T6444] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  222.702957][  T936] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  222.726863][  T936] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  222.746159][  T936] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.781808][  T936] usb 1-1: config 0 descriptor??
[  222.986470][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  223.004184][ T3597] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  223.096916][ T6242] 8021q: adding VLAN 0 to HW filter on device batadv0
[  223.187257][ T3629] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  223.210211][ T6444] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.268746][  T936] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  223.306846][  T936] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  223.315165][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  223.329837][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  223.350171][ T6242] device veth0_vlan entered promiscuous mode
[  223.365714][ T6444] 8021q: adding VLAN 0 to HW filter on device team0
[  223.400554][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  223.410837][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  223.419924][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  223.428734][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  223.443676][ T6242] device veth1_vlan entered promiscuous mode
[  223.456313][ T3629] usb 5-1: Using ep0 maxpacket: 16
[  223.462060][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  223.480608][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  223.489206][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  223.497486][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  223.506880][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  223.530559][ T3595] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.537812][ T3595] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.597470][ T3629] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  223.626162][ T3629] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.653951][ T3629] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.669360][ T3629] usb 5-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00
[  223.679063][ T3629] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.680115][ T6613] loop2: detected capacity change from 0 to 764
[  223.689053][   T26] usb 1-1: USB disconnect, device number 4
[  223.718131][ T4068] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  223.722101][ T3629] usb 5-1: config 0 descriptor??
[  223.741071][ T4068] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  223.795013][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  223.803985][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  223.814584][ T4071] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.821854][ T4071] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.832663][ T6613] rock: directory entry would overflow storage
[  223.839116][ T6613] rock: sig=0x4654, size=5, remaining=4
[  223.846463][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  223.869340][ T6242] device veth0_macvtap entered promiscuous mode
[  223.943527][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  223.954552][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  223.963360][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  223.972423][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  223.983823][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  223.993289][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  224.004213][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  224.026686][ T6242] device veth1_macvtap entered promiscuous mode
[  224.049391][ T6444] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  224.075719][ T6613] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.828'.
[  224.085196][ T6444] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  224.098541][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  224.111845][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  224.128695][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  224.142076][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  224.152872][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  224.169295][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  224.180964][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  224.199414][ T3629] waltop 0003:172F:0037.0007: unknown main item tag 0x0
[  224.206813][ T3629] waltop 0003:172F:0037.0007: unknown main item tag 0x0
[  224.215606][ T3629] waltop 0003:172F:0037.0007: unknown main item tag 0x0
[  224.223400][ T3629] waltop 0003:172F:0037.0007: unknown main item tag 0x0
[  224.223545][ T5996] device hsr_slave_0 left promiscuous mode
[  224.237949][ T3629] waltop 0003:172F:0037.0007: unknown main item tag 0x0
[  224.247660][ T5996] device hsr_slave_1 left promiscuous mode
[  224.258373][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  224.268498][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_0
[  224.275591][ T3629] waltop 0003:172F:0037.0007: hidraw0: USB HID v0.00 Device [HID 172f:0037] on usb-dummy_hcd.4-1/input0
[  224.289933][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  224.299412][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_1
[  224.314366][ T5996] device bridge_slave_1 left promiscuous mode
[  224.324619][ T5996] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.339807][ T5996] device bridge_slave_0 left promiscuous mode
[  224.348270][ T5996] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.423347][ T3629] usb 5-1: USB disconnect, device number 10
[  224.462670][ T5996] device veth1_macvtap left promiscuous mode
[  224.480267][ T5996] device veth0_macvtap left promiscuous mode
[  224.494445][ T5996] device veth1_vlan left promiscuous mode
[  224.506395][ T5996] device veth0_vlan left promiscuous mode
[  225.513709][ T6621] loop0: detected capacity change from 0 to 32768
[  225.562071][ T6621] XFS (loop0): Mounting V5 Filesystem
[  225.644426][ T6621] XFS (loop0): Ending clean mount
[  225.747735][ T6621] syz.0.831 (6621) used greatest stack depth: 19240 bytes left
[  225.774836][ T5134] XFS (loop0): Unmounting Filesystem
[  225.938163][ T5996] team0 (unregistering): Port device team_slave_1 removed
[  225.947061][ T6627] loop4: detected capacity change from 0 to 40427
[  225.987678][ T6627] F2FS-fs (loop4): invalid crc value
[  226.004603][ T5996] team0 (unregistering): Port device team_slave_0 removed
[  226.031317][ T6627] F2FS-fs (loop4): Found nat_bits in checkpoint
[  226.082447][ T5996] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  226.129914][ T6627] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  226.175137][ T5996] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  226.225139][ T4368] syz-executor: attempt to access beyond end of device
[  226.225139][ T4368] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  226.669203][  T120] block nbd0: Possible stuck request ffff88801f6c0000: control (read@0,4096B). Runtime 120 seconds
[  226.750721][ T5996] bond0 (unregistering): Released all slaves
[  226.824635][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.843956][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.853898][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.871268][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.882007][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.896008][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.910072][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.921512][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.931575][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.942179][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.952200][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.962725][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.972660][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.983146][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.996609][ T6242] batman_adv: batadv0: Interface activated: batadv_slave_0
[  227.009765][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  227.020123][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  227.039848][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  227.066729][ T6625] netlink: 16 bytes leftover after parsing attributes in process `syz.2.833'.
[  227.087797][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.127436][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.175580][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.192643][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.205497][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.218290][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.218316][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.218333][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.218350][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.218365][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.218381][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.218395][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.218412][ T6242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  227.218426][ T6242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.228941][ T6242] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.290163][ T6649] loop2: detected capacity change from 0 to 1024
[  227.339381][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  227.339684][ T6649] hfsplus: extend alloc file! (8192,65536,366)
[  227.364065][ T3595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  227.389938][ T6242] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.419176][ T6242] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.444220][ T6242] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.462565][ T6242] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.596583][ T4068] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  227.604115][ T4068] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  227.800533][ T6444] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.316539][ T3564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  228.335102][ T3564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  228.346510][ T6649] user requested TSC rate below hardware speed
[  228.396457][ T5594] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.416640][ T5594] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.454029][ T6444] device veth0_vlan entered promiscuous mode
[  228.481516][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  228.495373][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  228.524492][ T3976] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  228.582333][ T3668] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.594198][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  228.616789][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  228.634292][ T3668] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.643387][ T6444] device veth1_vlan entered promiscuous mode
[  228.683612][ T3564] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  228.697552][ T3564] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  228.718466][ T3564] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  228.787232][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  228.806720][ T4065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  228.826353][ T6444] device veth0_macvtap entered promiscuous mode
[  228.867090][ T6444] device veth1_macvtap entered promiscuous mode
[  228.911953][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.937925][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.992735][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.026590][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.076320][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.108432][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.145730][ T6674] loop1: detected capacity change from 0 to 256
[  229.146889][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.180379][ T6656] loop4: detected capacity change from 0 to 32768
[  229.196050][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.196580][ T6674] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  229.205911][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.217964][ T6656] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.840 (6656)
[  229.242220][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.255287][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.278741][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.282242][   T27] kauditd_printk_skb: 15 callbacks suppressed
[  229.282257][   T27] audit: type=1800 audit(1721191282.305:139): pid=6674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.842" name="file1" dev="loop1" ino=1048631 res=0 errno=0
[  229.296974][ T6656] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  229.343439][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.368051][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.385091][ T6656] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  229.412104][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.422735][ T6656] BTRFS info (device loop4): using free space tree
[  229.442180][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.467734][ T6444] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.477991][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  229.487062][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  229.495276][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  229.505209][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  229.519021][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.532759][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.544199][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.575221][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.596134][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.616091][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.634585][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.658356][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.676260][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.694722][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.718094][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.736149][ T6656] BTRFS info (device loop4): enabling ssd optimizations
[  229.753987][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.775650][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.796075][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.816725][ T6444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.836667][ T6444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.857248][ T6444] batman_adv: batadv0: Interface activated: batadv_slave_1
[  229.916746][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  229.945691][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  230.139015][ T6444] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.163398][ T6444] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.171462][ T4368] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  230.242718][ T6702] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  230.269691][ T6702] CIFS mount error: No usable UNC path provided in device string!
[  230.269691][ T6702] 
[  230.280312][ T6702] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  230.526374][ T6444] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.657265][ T6444] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.052808][ T4794] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.075553][ T4794] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.127484][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  231.136278][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.155631][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.185044][ T3804] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  231.443153][ T6725] loop4: detected capacity change from 0 to 1024
[  231.458109][ T6725] hfsplus: extend alloc file! (8192,65536,366)
[  231.495563][ T6729] loop0: detected capacity change from 0 to 256
[  231.512822][ T6729] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  231.574987][   T27] audit: type=1800 audit(1721191284.595:140): pid=6729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.858" name="file1" dev="loop0" ino=1048642 res=0 errno=0
[  231.606195][   T14] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  231.947339][ T3560] Bluetooth: hci2: command 0x0406 tx timeout
[  231.996580][   T14] usb 4-1: Using ep0 maxpacket: 8
[  232.138393][   T14] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  232.175780][   T14] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  232.216086][   T14] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  232.236489][   T14] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  232.314895][   T14] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  232.370051][   T14] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  232.381357][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.462434][ T6725] user requested TSC rate below hardware speed
[  232.646171][   T14] usb 4-1: GET_CAPABILITIES returned 0
[  232.651759][   T14] usbtmc 4-1:16.0: can't read capabilities
[  232.774239][ T5996] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.890246][ T5996] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.934106][ T3976] usb 4-1: USB disconnect, device number 6
[  232.965104][ T3567] Bluetooth: hci0: unexpected event for opcode 0x0809
[  233.082317][ T5996] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.146689][ T6748] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  233.207756][ T6753] loop4: detected capacity change from 0 to 2048
[  233.215702][ T6753] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  233.229417][ T3565] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  233.242390][ T3565] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  233.244637][ T6753] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  233.251489][ T5996] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.269013][ T3565] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  233.281762][ T3565] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  233.298961][ T3565] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  233.308654][ T3565] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  233.704530][ T4368] EXT4-fs (loop4): unmounting filesystem.
[  233.966841][    T7] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  234.013931][ T6763] loop0: detected capacity change from 0 to 32768
[  234.039501][ T6756] chnl_net:caif_netlink_parms(): no params data found
[  234.190848][ T6787] loop4: detected capacity change from 0 to 1024
[  234.246997][ T6787] hfsplus: extend alloc file! (8192,65536,366)
[  234.371392][ T6756] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.378717][ T6756] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.396226][ T6756] device bridge_slave_0 entered promiscuous mode
[  234.406180][    T7] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  234.415293][    T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.430605][    T7] usb 2-1: config 0 descriptor??
[  234.622363][ T6756] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.623551][    T7] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  234.687725][ T6756] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.793574][ T6756] device bridge_slave_1 entered promiscuous mode
[  235.032312][ T6787] user requested TSC rate below hardware speed
[  235.066631][    T7] gp8psk: usb in 128 operation failed.
[  235.086744][    T7] gp8psk: usb in 137 operation failed.
[  235.107516][    T7] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  235.156415][    T7] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  235.172729][    T7] usb 2-1: media controller created
[  235.213755][    T7] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  235.220327][ T6796] loop0: detected capacity change from 0 to 512
[  235.241685][ T6756] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  235.253434][ T6796] EXT4-fs: Ignoring removed oldalloc option
[  235.262618][ T6756] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  235.263935][    T7] gp8psk_fe: Frontend attached
[  235.287708][    T7] usb 2-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  235.288897][ T6796] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=9802e02d, mo2=0002]
[  235.306402][    T7] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  235.325364][ T6796] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.876: invalid indirect mapped block 1 (level 1)
[  235.349802][ T6796] EXT4-fs (loop0): Remounting filesystem read-only
[  235.366417][ T6796] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.876: invalid indirect mapped block 1635017060 (level 1)
[  235.388020][ T3567] Bluetooth: hci2: command tx timeout
[  235.396842][    T7] gp8psk: usb in 138 operation failed.
[  235.404626][    T7] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  235.417308][ T6756] team0: Port device team_slave_0 added
[  235.432177][    T7] gp8psk: found Genpix USB device pID = 203 (hex)
[  235.432699][ T6756] team0: Port device team_slave_1 added
[  235.446812][ T6796] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.876: bg 0: block 361: padding at end of block bitmap is not set
[  235.461795][ T6796] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6173: Corrupt filesystem
[  235.464710][    T7] usb 2-1: USB disconnect, device number 6
[  235.480408][ T6796] EXT4-fs (loop0): 1 truncate cleaned up
[  235.492398][ T6796] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  235.576899][ T6756] batman_adv: batadv0: Adding interface: batadv_slave_0
[  235.586973][ T6756] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  235.679052][    T7] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  235.716047][ T6756] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  235.760154][ T6756] batman_adv: batadv0: Adding interface: batadv_slave_1
[  235.761170][ T6808] loop4: detected capacity change from 0 to 256
[  235.778549][ T6756] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  235.822122][ T6756] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  235.977978][ T5134] EXT4-fs (loop0): unmounting filesystem.
[  236.046146][ T3976] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  236.070781][ T6756] device hsr_slave_0 entered promiscuous mode
[  236.093092][ T6756] device hsr_slave_1 entered promiscuous mode
[  236.117133][ T6756] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  236.134935][ T6756] Cannot create hsr debugfs directory
[  236.306149][ T3976] usb 4-1: Using ep0 maxpacket: 16
[  236.349953][ T5996] device hsr_slave_0 left promiscuous mode
[  236.374798][ T5996] device hsr_slave_1 left promiscuous mode
[  236.386697][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  236.404424][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_0
[  236.405213][ T6821] loop0: detected capacity change from 0 to 764
[  236.426166][ T3976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.446914][ T3976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.452161][ T5996] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  236.467544][ T3976] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  236.474386][ T5996] batman_adv: batadv0: Removing interface: batadv_slave_1
[  236.491571][ T3976] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  236.506768][ T6821] rock: directory entry would overflow storage
[  236.506837][ T5996] device bridge_slave_1 left promiscuous mode
[  236.520573][ T6821] rock: sig=0x4654, size=5, remaining=4
[  236.523156][ T3976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.542116][ T6810] loop1: detected capacity change from 0 to 32768
[  236.550585][ T5996] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.562743][ T6810] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.883 (6810)
[  236.578967][ T5996] device bridge_slave_0 left promiscuous mode
[  236.585847][ T5996] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.597163][ T3976] usb 4-1: config 0 descriptor??
[  236.615484][ T6810] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  236.634288][ T6810] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  236.642890][ T6821] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.887'.
[  236.673696][ T6810] BTRFS info (device loop1): using free space tree
[  236.699760][ T5996] device veth1_macvtap left promiscuous mode
[  236.712393][ T5996] device veth0_macvtap left promiscuous mode
[  236.735266][ T5996] device veth1_vlan left promiscuous mode
[  236.741559][ T5996] device veth0_vlan left promiscuous mode
[  236.766303][ T6810] BTRFS info (device loop1): enabling ssd optimizations
[  236.860338][ T6242] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  237.138207][ T3976] microsoft 0003:045E:07DA.0008: No inputs registered, leaving
[  237.182535][ T3976] microsoft 0003:045E:07DA.0008: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  237.236978][ T3976] microsoft 0003:045E:07DA.0008: no inputs found
[  237.276009][ T3976] microsoft 0003:045E:07DA.0008: could not initialize ff, continuing anyway
[  237.355409][ T4982] usb 4-1: USB disconnect, device number 7
[  237.421892][ T6847] loop4: detected capacity change from 0 to 512
[  237.466182][ T3565] Bluetooth: hci2: command tx timeout
[  237.472512][ T6847] EXT4-fs: Ignoring removed i_version option
[  237.482042][ T6847] EXT4-fs: Ignoring removed nobh option
[  237.500030][ T6847] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  237.562779][ T6847] EXT4-fs (loop4): 1 truncate cleaned up
[  237.586035][ T6847] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  237.777354][ T6855] loop1: detected capacity change from 0 to 1024
[  237.799940][ T6855] hfsplus: extend alloc file! (8192,65536,366)
[  237.852128][ T4368] EXT4-fs (loop4): unmounting filesystem.
[  238.190265][ T6855] user requested TSC rate below hardware speed
[  238.489395][ T6862] loop3: detected capacity change from 0 to 256
[  238.818848][ T6870] loop3: detected capacity change from 0 to 2048
[  238.828627][ T6872] netlink: 4 bytes leftover after parsing attributes in process `syz.1.898'.
[  238.883867][ T6870] NILFS (loop3): invalid segment: Checksum error in segment payload
[  238.892918][ T6870] NILFS (loop3): trying rollback from an earlier position
[  238.966567][ T6870] NILFS (loop3): recovery complete
[  238.999473][ T6876] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  239.204191][ T5996] team0 (unregistering): Port device team_slave_1 removed
[  239.304481][ T5996] team0 (unregistering): Port device team_slave_0 removed
[  239.430721][ T5996] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  239.520055][ T6882] loop4: detected capacity change from 0 to 8192
[  239.536632][ T5996] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  239.543627][ T6882] REISERFS warning (device loop4): super-6502 reiserfs_getopt: unknown mount option ""
[  239.556342][ T3565] Bluetooth: hci2: command tx timeout
[  239.715193][ T6892] loop3: detected capacity change from 0 to 764
[  239.869838][ T6892] rock: directory entry would overflow storage
[  239.884150][ T6892] rock: sig=0x4654, size=5, remaining=4
[  240.024995][ T6896] loop1: detected capacity change from 0 to 1024
[  240.041094][ T6896] hfsplus: extend alloc file! (8192,65536,366)
[  240.119347][   T28] INFO: task syz.1.187:4320 blocked for more than 143 seconds.
[  240.131671][  T120] block nbd3: Possible stuck request ffff88801f7b0000: control (read@0,4096B). Runtime 120 seconds
[  240.144372][   T28]       Not tainted 6.1.99-syzkaller #0
[  240.177581][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  240.192096][ T6902] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.906'.
[  240.206234][   T28] task:syz.1.187       state:D stack:26752 pid:4320  ppid:3553   flags:0x00004004
[  240.239353][   T28] Call Trace:
[  240.247540][   T28]  <TASK>
[  240.250858][   T28]  __schedule+0x142d/0x4550
[  240.257004][   T28]  ? __sched_text_start+0x8/0x8
[  240.263246][   T28]  ? __mutex_trylock_common+0x8d/0x2e0
[  240.554031][ T6903] user requested TSC rate below hardware speed
[  240.717081][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  240.722568][   T28]  schedule+0xbf/0x180
[  240.727816][   T28]  schedule_preempt_disabled+0xf/0x20
[  240.733579][   T28]  __mutex_lock+0x6b9/0xd80
[  240.738730][   T28]  ? __mutex_lock+0x53c/0xd80
[  240.743793][   T28]  ? blkdev_put+0x100/0x750
[  240.767616][   T28]  ? mutex_lock_nested+0x10/0x10
[  240.783390][   T28]  ? __fsnotify_parent+0x50b/0x730
[  240.791192][   T28]  blkdev_put+0x100/0x750
[  240.796916][   T28]  blkdev_close+0x56/0x80
[  240.803411][   T28]  ? blkdev_open+0x2e0/0x2e0
[  240.808436][   T28]  __fput+0x3f6/0x8d0
[  240.817077][   T28]  task_work_run+0x246/0x300
[  240.829106][   T28]  ? task_work_cancel+0x2b0/0x2b0
[  240.837138][   T28]  ? blkdev_ioctl+0x3a9/0x760
[  240.850233][   T28]  ? exit_to_user_mode_loop+0x39/0x100
[  240.860379][   T28]  exit_to_user_mode_loop+0xde/0x100
[  240.872310][   T28]  exit_to_user_mode_prepare+0xb1/0x140
[  240.882441][   T28]  syscall_exit_to_user_mode+0x60/0x270
[  240.891489][   T28]  do_syscall_64+0x47/0xb0
[  240.901906][   T28]  ? clear_bhb_loop+0x45/0xa0
[  240.912564][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  240.920799][   T28] RIP: 0033:0x7f58ebf75a19
[  240.925404][   T28] RSP: 002b:00007f58ecd5a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  240.934677][   T28] RAX: 0000000000000000 RBX: 00007f58ec103f60 RCX: 00007f58ebf75a19
[  240.944553][   T28] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003
[  240.952967][   T28] RBP: 00007f58ebfe4e49 R08: 0000000000000000 R09: 0000000000000000
[  240.974667][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  240.984488][   T28] R13: 000000000000000b R14: 00007f58ec103f60 R15: 00007ffe3d6803f8
[  240.993524][   T28]  </TASK>
[  241.000245][   T28] INFO: task syz.1.187:4321 blocked for more than 144 seconds.
[  241.009019][   T28]       Not tainted 6.1.99-syzkaller #0
[  241.014702][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  241.025249][   T28] task:syz.1.187       state:D stack:27560 pid:4321  ppid:3553   flags:0x00004004
[  241.037588][   T28] Call Trace:
[  241.040967][   T28]  <TASK>
[  241.044020][   T28]  __schedule+0x142d/0x4550
[  241.050052][   T28]  ? __sched_text_start+0x8/0x8
[  241.055020][   T28]  ? __mutex_trylock_common+0x8d/0x2e0
[  241.063558][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  241.070684][   T28]  schedule+0xbf/0x180
[  241.077178][   T28]  schedule_preempt_disabled+0xf/0x20
[  241.082772][   T28]  __mutex_lock+0x6b9/0xd80
[  241.087523][   T28]  ? __mutex_lock+0x53c/0xd80
[  241.092292][   T28]  ? blkdev_get_by_dev+0x148/0xa10
[  241.097666][   T28]  ? mutex_lock_nested+0x10/0x10
[  241.102684][   T28]  ? _atomic_dec_and_lock+0x96/0x130
[  241.108171][   T28]  ? iput+0x401/0x980
[  241.112887][   T28]  ? ilookup+0x1c8/0x200
[  241.117334][   T28]  ? disk_block_events+0xa1/0x110
[  241.123150][   T28]  ? blkdev_get_by_dev+0xe7/0xa10
[  241.128360][   T28]  blkdev_get_by_dev+0x148/0xa10
[  241.133481][   T28]  blkdev_open+0x12e/0x2e0
[  241.140082][   T28]  ? blkdev_mmap+0x1b0/0x1b0
[  241.165785][   T28]  do_dentry_open+0x7f9/0x10f0
[  241.173514][   T28]  path_openat+0x2644/0x2e60
[  241.178368][   T28]  ? mark_lock+0x9a/0x340
[  241.182943][   T28]  ? do_filp_open+0x480/0x480
[  241.187799][   T28]  do_filp_open+0x230/0x480
[  241.192415][   T28]  ? vfs_tmpfile+0x4a0/0x4a0
[  241.197650][   T28]  ? _raw_spin_unlock+0x24/0x40
[  241.202711][   T28]  ? alloc_fd+0x59c/0x640
[  241.209967][   T28]  do_sys_openat2+0x13b/0x4f0
[  241.214901][   T28]  ? do_sys_open+0x220/0x220
[  241.219759][   T28]  __x64_sys_openat+0x243/0x290
[  241.226849][   T28]  ? __ia32_sys_open+0x270/0x270
[  241.233597][   T28]  ? syscall_enter_from_user_mode+0x2e/0x230
[  241.240552][   T28]  ? lockdep_hardirqs_on+0x94/0x130
[  241.245877][   T28]  ? syscall_enter_from_user_mode+0x2e/0x230
[  241.254232][   T28]  do_syscall_64+0x3b/0xb0
[  241.261039][   T28]  ? clear_bhb_loop+0x45/0xa0
[  241.266187][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  241.272171][   T28] RIP: 0033:0x7f58ebf74450
[  241.276850][   T28] RSP: 002b:00007f58ecd38b80 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  241.285749][   T28] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f58ebf74450
[  241.293942][   T28] RDX: 0000000000000000 RSI: 00007f58ecd38c20 RDI: 00000000ffffff9c
[  241.302262][   T28] RBP: 00007f58ecd38c20 R08: 0000000000000000 R09: 002364626e2f7665
[  241.311578][   T28] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  241.319778][   T28] R13: 000000000000006e R14: 00007f58ec104038 R15: 00007ffe3d6803f8
[  241.330483][   T28]  </TASK>
[  241.347144][   T28] 
[  241.347144][   T28] Showing all locks held in the system:
[  241.356844][   T28] 1 lock held by rcu_tasks_kthre/12:
[  241.362262][   T28]  #0: ffffffff8d12aed0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  241.373525][   T28] 1 lock held by rcu_tasks_trace/13:
[  241.414950][   T28]  #0: ffffffff8d12b6d0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  241.445110][   T28] 3 locks held by kworker/0:1/14:
[  241.450367][   T28]  #0: ffff888012470938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.460944][   T28]  #1: ffffc90000137d20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.472406][   T28]  #2: ffffffff8e299c28 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xa/0x50
[  241.483174][   T28] 3 locks held by kworker/1:1/26:
[  241.488501][   T28]  #0: ffff888012470938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.501906][   T28]  #1: ffffc90000a1fd20 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.512556][   T28]  #2: ffffffff8e299c28 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xa/0x20
[  241.523413][   T28] 1 lock held by khungtaskd/28:
[  241.528468][   T28]  #0: ffffffff8d12ad00 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  241.539344][   T28] 2 locks held by getty/3304:
[  241.544192][   T28]  #0: ffff88814baaf098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  241.554422][   T28]  #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0
[  241.564685][   T28] 1 lock held by udevd/3544:
[  241.569401][   T28]  #0: ffff88801f5d54c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10
[  241.580818][   T28] 3 locks held by kworker/u5:5/3565:
[  241.588705][   T28]  #0: ffff888077991938 ((wq_completion)hci1){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.605490][   T28]  #1: ffffc9000411fd20 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.617867][   T28]  #2: ffff88807d6790b8 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1dc/0x400
[  241.628267][   T28] 1 lock held by udevd/3568:
[  241.634550][   T28]  #0: ffff88801f6744c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10
[  241.636116][ T3567] Bluetooth: hci2: command tx timeout
[  241.644782][   T28] 2 locks held by kworker/0:11/3977:
[  241.656309][   T28]  #0: ffff888012472138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.667938][   T28]  #1: ffffc90005da7d20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.684157][   T28] 3 locks held by kworker/u4:8/4055:
[  241.704967][   T28] 1 lock held by syz.1.187/4320:
[  241.720930][   T28]  #0: ffff88801f5d54c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x100/0x750
[  241.731493][   T28] 1 lock held by syz.1.187/4321:
[  241.755894][   T28]  #0: ffff88801f5d54c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10
[  241.767698][   T28] 1 lock held by syz.0.240/4566:
[  241.772894][   T28]  #0: ffff88801f4ff4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x100/0x750
[  241.785701][   T28] 1 lock held by syz.3.275/4771:
[  241.791228][   T28]  #0: ffff88801f6744c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0x100/0x750
[  241.804336][   T28] 1 lock held by syz.3.275/4773:
[  241.812170][   T28]  #0: ffff88801f6744c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10
[  241.823655][   T28] 1 lock held by syz.0.326/4935:
[  241.828808][   T28]  #0: ffff88801f4ff4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10
[  241.842210][   T28] 1 lock held by syz.0.326/4940:
[  241.847360][   T28]  #0: ffff88801f4ff4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x148/0xa10
[  241.858714][   T28] 4 locks held by kworker/u4:20/5992:
[  241.868064][   T28] 5 locks held by kworker/u4:22/5996:
[  241.873636][   T28]  #0: ffff888012616938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.884369][   T28]  #1: ffffc900032f7d20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  241.894553][   T28]  #2: ffffffff8e28d8d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60
[  241.904201][   T28]  #3: ffffffff8e299c28 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe5/0x9d0
[  241.915070][   T28]  #4: ffffffff8d1302f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4f0/0x930
[  241.926838][   T28] 1 lock held by syz-executor/6756:
[  241.932315][   T28]  #0: ffffffff8e299c28 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x7c1/0xff0
[  241.970010][   T28] 1 lock held by syz.0.901/6879:
[  241.984765][   T28]  #0: ffffffff8e299c28 (rtnl_mutex){+.+.}-{3:3}, at: bpf_xdp_link_attach+0xdb/0x460
[  241.995133][   T28] 1 lock held by syz.0.901/6880:
[  242.000315][   T28]  #0: ffffffff8e299c28 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x4f5/0xf70
[  242.020657][   T28] 
[  242.041326][   T28] =============================================
[  242.041326][   T28] 
[  242.061277][   T28] NMI backtrace for cpu 0
[  242.065674][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.99-syzkaller #0
[  242.073506][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  242.083563][   T28] Call Trace:
[  242.086844][   T28]  <TASK>
[  242.089776][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  242.094477][   T28]  ? nf_tcp_handle_invalid+0x642/0x642
[  242.099947][   T28]  ? panic+0x764/0x764
[  242.104020][   T28]  ? vprintk_emit+0x622/0x740
[  242.108711][   T28]  ? printk_sprint+0x490/0x490
[  242.113480][   T28]  ? nmi_cpu_backtrace+0x252/0x560
[  242.118602][   T28]  nmi_cpu_backtrace+0x4e1/0x560
[  242.123551][   T28]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  242.129711][   T28]  ? _printk+0xd1/0x111
[  242.133865][   T28]  ? panic+0x764/0x764
[  242.137928][   T28]  ? __wake_up_klogd+0xcc/0x100
[  242.142780][   T28]  ? panic+0x764/0x764
[  242.146858][   T28]  ? nmi_trigger_cpumask_backtrace+0xe2/0x3f0
[  242.152939][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  242.159013][   T28]  nmi_trigger_cpumask_backtrace+0x1b0/0x3f0
[  242.165009][   T28]  watchdog+0xf88/0xfd0
[  242.169207][   T28]  ? watchdog+0x1f8/0xfd0
[  242.173558][   T28]  kthread+0x28d/0x320
[  242.177632][   T28]  ? hungtask_pm_notify+0x50/0x50
[  242.182666][   T28]  ? kthread_blkcg+0xd0/0xd0
[  242.187259][   T28]  ret_from_fork+0x1f/0x30
[  242.191697][   T28]  </TASK>
[  242.196024][   T28] Sending NMI from CPU 0 to CPUs 1:
[  242.196684][ T3565] Bluetooth: hci1: command 0x0406 tx timeout
[  242.201257][    C1] NMI backtrace for cpu 1
[  242.201267][    C1] CPU: 1 PID: 3565 Comm: kworker/u5:5 Not tainted 6.1.99-syzkaller #0
[  242.201301][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  242.201315][    C1] Workqueue: hci1 hci_cmd_timeout
[  242.201344][    C1] RIP: 0010:__lock_acquire+0x796/0x1f80
[  242.201376][    C1] Code: 00 81 e3 ff 1f 00 00 48 89 d8 48 c1 e8 06 48 8d 3c c5 20 c2 49 90 be 08 00 00 00 e8 64 a4 77 00 48 0f a3 1d dc 4a df 0e 73 1b <48> 8d 04 5b 48 c1 e0 06 48 8d 98 20 21 19 90 48 ba 00 00 00 00 00
[  242.201390][    C1] RSP: 0018:ffffc900001e0980 EFLAGS: 00000057
[  242.201405][    C1] RAX: 0000000000000001 RBX: 0000000000000abf RCX: ffffffff816a773c
[  242.201417][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff9049c370
[  242.201429][    C1] RBP: ffff88807a3346d0 R08: dffffc0000000000 R09: fffffbfff209386f
[  242.201442][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000002
[  242.201453][    C1] R13: ffff88807a3346d0 R14: 0000000000000002 R15: 1ffff1100f466802
[  242.201465][    C1] FS:  0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[  242.201480][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  242.201492][    C1] CR2: 000000002002f000 CR3: 0000000050fe0000 CR4: 00000000003506e0
[  242.201507][    C1] Call Trace:
[  242.201512][    C1]  <NMI>
[  242.201518][    C1]  ? nmi_cpu_backtrace+0x3de/0x560
[  242.201547][    C1]  ? read_lock_is_recursive+0x10/0x10
[  242.201571][    C1]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  242.201605][    C1]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  242.201629][    C1]  ? nmi_handle+0x12e/0x440
[  242.201653][    C1]  ? nmi_handle+0x25/0x440
[  242.201676][    C1]  ? __lock_acquire+0x796/0x1f80
[  242.201698][    C1]  ? default_do_nmi+0x62/0x150
[  242.201715][    C1]  ? exc_nmi+0xa8/0x100
[  242.201729][    C1]  ? end_repeat_nmi+0x16/0x31
[  242.201756][    C1]  ? __lock_acquire+0x78c/0x1f80
[  242.201778][    C1]  ? __lock_acquire+0x796/0x1f80
[  242.201801][    C1]  ? __lock_acquire+0x796/0x1f80
[  242.201824][    C1]  ? __lock_acquire+0x796/0x1f80
[  242.201846][    C1]  </NMI>
[  242.201851][    C1]  <IRQ>
[  242.201863][    C1]  lock_acquire+0x1f8/0x5a0
[  242.201884][    C1]  ? __lock_task_sighand+0x25/0x2d0
[  242.201909][    C1]  ? read_lock_is_recursive+0x10/0x10
[  242.201934][    C1]  ? read_lock_is_recursive+0x10/0x10
[  242.201958][    C1]  ? read_lock_is_recursive+0x10/0x10
[  242.201981][    C1]  ? do_raw_spin_lock+0x14a/0x370
[  242.201999][    C1]  __lock_task_sighand+0x45/0x2d0
[  242.202020][    C1]  ? __lock_task_sighand+0x25/0x2d0
[  242.202040][    C1]  ? __lock_task_sighand+0x25/0x2d0
[  242.202063][    C1]  send_sigqueue+0x1de/0x720
[  242.202085][    C1]  ? send_sigqueue+0x107/0x720
[  242.202108][    C1]  ? sigqueue_free+0x1e0/0x1e0
[  242.202132][    C1]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  242.202154][    C1]  posix_timer_fn+0x186/0x390
[  242.202174][    C1]  ? common_timer_wait_running+0x10/0x10
[  242.202192][    C1]  __hrtimer_run_queues+0x5e5/0xe50
[  242.202219][    C1]  ? hrtimer_interrupt+0x980/0x980
[  242.202237][    C1]  ? ktime_get_update_offsets_now+0x407/0x420
[  242.202263][    C1]  hrtimer_interrupt+0x392/0x980
[  242.202292][    C1]  __sysvec_apic_timer_interrupt+0x156/0x580
[  242.202314][    C1]  sysvec_apic_timer_interrupt+0x8c/0xb0
[  242.202332][    C1]  </IRQ>
[  242.202336][    C1]  <TASK>
[  242.202341][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  242.202370][    C1] RIP: 0010:vprintk_emit+0x4fa/0x740
[  242.202394][    C1] Code: 21 e3 0f 85 ad 01 00 00 e8 63 98 1c 00 44 8b 24 24 4d 85 ff 75 07 e8 55 98 1c 00 eb 06 e8 4e 98 1c 00 fb 48 c7 c7 00 6f 00 8d <31> f6 ba 01 00 00 00 31 c9 41 b8 01 00 00 00 45 31 c9 41 56 e8 ad
[  242.202406][    C1] RSP: 0018:ffffc9000411f900 EFLAGS: 00000293
[  242.202419][    C1] RAX: ffffffff816dfe02 RBX: 0000000000000000 RCX: ffff88807a333b80
[  242.202430][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8d006f00
[  242.202440][    C1] RBP: ffffc9000411f9f0 R08: ffffffff816dfddf R09: fffffbfff2093860
[  242.202452][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 000000000000002a
[  242.202463][    C1] R13: dffffc0000000000 R14: ffffffff816dfc50 R15: 0000000000000200
[  242.202475][    C1]  ? vprintk_emit+0x340/0x740
[  242.202499][    C1]  ? vprintk_emit+0x4cf/0x740
[  242.202521][    C1]  ? vprintk_emit+0x4f2/0x740
[  242.202547][    C1]  ? look_up_lock_class+0x77/0x140
[  242.202565][    C1]  ? printk_sprint+0x490/0x490
[  242.202587][    C1]  ? register_lock_class+0x100/0x990
[  242.202611][    C1]  ? is_dynamic_key+0x260/0x260
[  242.202636][    C1]  _printk+0xd1/0x111
[  242.202655][    C1]  ? panic+0x764/0x764
[  242.202676][    C1]  bt_err+0x123/0x170
[  242.202692][    C1]  ? process_one_work+0x86a/0x11d0
[  242.202710][    C1]  ? bt_warn+0x170/0x170
[  242.202725][    C1]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  242.202748][    C1]  ? print_irqtrace_events+0x210/0x210
[  242.202770][    C1]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  242.202791][    C1]  ? do_raw_spin_unlock+0x137/0x8a0
[  242.202808][    C1]  hci_cmd_timeout+0xd9/0x1e0
[  242.202823][    C1]  ? process_one_work+0x7a9/0x11d0
[  242.202840][    C1]  process_one_work+0x8a9/0x11d0
[  242.202864][    C1]  ? worker_detach_from_pool+0x260/0x260
[  242.202884][    C1]  ? _raw_spin_lock_irqsave+0x120/0x120
[  242.202903][    C1]  ? kthread_data+0x4e/0xc0
[  242.202927][    C1]  ? wq_worker_running+0x97/0x190
[  242.202952][    C1]  worker_thread+0xa47/0x1200
[  242.202971][    C1]  ? __sched_text_start+0x8/0x8
[  242.203003][    C1]  kthread+0x28d/0x320
[  242.203015][    C1]  ? worker_clr_flags+0x190/0x190
[  242.203049][    C1]  ? kthread_blkcg+0xd0/0xd0
[  242.203065][    C1]  ret_from_fork+0x1f/0x30
[  242.203094][    C1]  </TASK>
[  242.305751][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  242.305767][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.99-syzkaller #0
[  242.305787][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  242.305799][   T28] Call Trace:
[  242.305806][   T28]  <TASK>
[  242.305814][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  242.305853][   T28]  ? nf_tcp_handle_invalid+0x642/0x642
[  242.305883][   T28]  ? panic+0x764/0x764
[  242.305904][   T28]  ? llist_add_batch+0x160/0x1d0
[  242.305934][   T28]  ? vscnprintf+0x59/0x80
[  242.305959][   T28]  panic+0x318/0x764
[  242.305981][   T28]  ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0
[  242.306013][   T28]  ? memcpy_page_flushcache+0xfc/0xfc
[  242.306039][   T28]  ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0
[  242.306068][   T28]  ? nmi_trigger_cpumask_backtrace+0x33a/0x3f0
[  242.306107][   T28]  ? nmi_trigger_cpumask_backtrace+0x33f/0x3f0
[  242.306140][   T28]  watchdog+0xfc7/0xfd0
[  242.306176][   T28]  ? watchdog+0x1f8/0xfd0
[  242.306204][   T28]  kthread+0x28d/0x320
[  242.306221][   T28]  ? hungtask_pm_notify+0x50/0x50
[  242.306243][   T28]  ? kthread_blkcg+0xd0/0xd0
[  242.306262][   T28]  ret_from_fork+0x1f/0x30
[  242.306300][   T28]  </TASK>
[  242.309719][   T28] Kernel Offset: disabled
[  242.870133][   T28] Rebooting in 86400 seconds..