last executing test programs:

5m36.504733191s ago: executing program 0 (id=554):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000152,iocharset=iso8859-1,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646973636172642c00214b3cf244ea5fb7437f2c69f67a093e240a6e978fa4cd2d"], 0x1, 0x14fe, &(0x7f0000002a80)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSEhL2/9J78L5v7/f1ff/e/993fbN+17Wv2WvuZ61n3bPmmue+n+ua57ueo+q1qF+7GRGJPwT+/CVFCBEjhBgmhLhOCBEIISrFV4q/fLyAgpQ/9iTs3+vh9KvdAbuaeP55G88/b+P55208/7yN55+38fzzNp5/3sbzZywv2z6n2PW88u7i9//zMn79/18kt/zkrzaWv7HXfyOF55+38fzzNp5/3sbzz9t4/nkbz/9/v1r/yTGef97G82csL9sOWoj/Ae9D87o662r//jHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYyxvO+Su0EOKv+6vdF2OMMcYYY4wxxv59fP6r3QFjjDHGGGOMMcb+3wMhhRJaBCKfyC9iRAERK64RceJaUVBcJyLiehEvbhCFxI2isCgiiopiIkEUFyWEESisIBGKkqKUiIqbRGlxs0gUZURZUU44UV4kiVtEBXGrqChuE5XE7aKyuENUEVVFNVFd3ClqiLtETVFL1BZ3izqirqgn6ot7RANxr2go7hONxP2isXhANBEPiqbiIdFMPCyai0dEC/GoaCkeE61Ea9FGtBXt/q/yXxJ9xcuin+gvUsQAMVC8IgaJwWKIGCqGiVfFcPGaGCFeF6lipBgl3hCjxZtijHhLjBXjxHjxtpggJopJYrKYIqaKNPGOmCbeFdPFe2KGmClmidkiXcwRc8X7Yp6YLxaID8RC8aFYJBaLJWKpyBAfiUyxTGSJj8Vy8YnIFivESrFKrBZrxFqxTqwXG8RGsUlsFlvEVrFNbBefih1ip9gldos9Yq/YJz4T+8Xn4oD4QuSIL/+b+Wf/Kb8XCBAgQYIGDfkgH8RADMRCLMRBHBSEghCBCMRDPBSCQlAYCkNRKAoJkAAloAQgIBAQlISSEIUolIbSkAiJUBbKggMHSZAEFeBWqAgVoRJUgspQGapAVagK1aE61IAaUBNqQm2oDXWgDtSDenAP3AP3QkNoCI2gETSGxtAEmkBTaArNoBk0h+bQAlpAS2gJraAVtIE20A7aQXtoDx2gA3SCTtAZOkMX6ALJkAxdoSt0g27QHbpDD+gBPaEn9ILe0BtegpfgZXgZ+kMdOQAGwkAYBINgCAyFofAqDIfX4DV4HVJhJIyCN+ANeBPGwBkYC+NgPIyHGnIiTILJQHIqpEEaTINpMB2mwwyYCTNhNqTDHJgLc2EezIf58AEshA/hQ1gMi2EpZEAGZMIyyIIsWA5nIRtWwEpYBathDayGdbAe1sFG2AQbYQtsgW2wDT6FT2En7ITdsBv2wl74DD6Dz+FzSIUcyIGDcBAOwSE4DIchF3LhCByBo3AUjsExOA7H4QSchFNwEk7DaTgDZ+EcnIPzcB4uwAsJ3zTfW2ZDqpCXaallPplPxsgYGStjZZyMkwVlQRmRERkv42UhWUgWloVlUVlUJsgEWUKWkChRkgxlSVlSRmVUlpalZaJMlGVlWemkk0kySVaQFWRFWVFWkrfLyvIOWUVWlR1ddVld1pCdXE1ZS9aWtWUdWVfWk/VlfdlANpANZUPZSDaSjWVj2UQ+KJvKATAEHpaXJ9NCjoSWchS0kq1lG9lWvgmPy/ZyDHSQHWUn+aQcB2Ohi2zvkuUzsqucBN3kc3IyPC97yKnQU74oe8neso98SfaVHVw/2V/OgAFyoJwNg+RgOUQOlfOgrrw8sXrydZkqR8pR8g25FN6UY+RbcqwcJ8fLt+UEOVFOkpPlFDlVpsl35DT5rpwu35Mz5Ew5S86W6XKOnCvfl/PkfLlAfiAXyg/lIrlYLpFLZYb8SGbKZTJLfiyXy09ktlwhV8pVcrVcI9fKdXK93CA3yk1ys9wit8ptcrv8VO6QO+UuuVvukXvlPvmZ3C8/lwfkFzJHfikPyj/JQ/IreVh+LXPlN/KI/FYeld/JY/J7eVz+IE/Ik/KU/FGelj/JM/KsPCd/luflL/KCvCgvSS+FAiWVUloFKp/Kr2JUARWrrlFx6lpVUF2nIup6Fa9uUIXUjaqwKqKKqmIqQRVXJZRRqKwiFaqSqpSKqptUaXWzSlRlVFlVTjlVXiWpW1QFdauqqG5TldTtqrK6Q1VRVVU1VV3dqWqou1RNVUvVVnerOqquqqfqq3tUA3WvaqjuU43U/aqxekA1UQ+qpuoh1Uw9rJqrR1QL9ahqqR5TrVRr1Ua1Ve3U46q9ekJ1UB1VJ/Wk6qyeUl3U0ypZPaO6qmdVN/Wc6q6eVz3UC6qnelH1Ur1VH3VRXVJe9VP9VYoaoAaqV9QgNVgNUUPVMPWqGq5eUyPU6ypVjVSj1BtqtHpTjVFvqbFqnBqv3lYT1EQ1SU1WU9RUlabeUdPUu2q6ek/NUDPVLDVbpas5ashfKi34L+S/+y/yR/z67NvUdvWp2qF2ql1qt9qj9qp9ap/ar/arA+qAylE56qA6qA6pQ+qwOqxyVa46oo6oo+qoOqaOqePquDqhTqqf1Y/qtPpJnVFn1Vn1szqvzqsLf/kZCA1aaqW1DnQ+nV/H6AI6Vl+j4/S1uqC+Tkf09Tpe36AL6Rt1YV1EF9XFdIIurktoo1FbTTrUJXUpHdU36dL6Zp2oy+iyupx2urxO0rf84fzf66+dbqfb6/a6g+6gO+lOurPurLvoLjpZJ+uuuqvuprvp7rq77qF76J66p+6le+k+uo/uq/vqfrqfTtEpeqB+RQ/Sg/UQPVQP06/q4Xq4HqFH6FSdqkfpUXq0Hq3H6DF6rB6rx+vxeoKeoCfpSXqKnqLTdJqepqfp6Xq6nqFn6Fl6lk7X6Xqunqvn6Xl6gV6gF+qFepFepJfoJTpDZ+hMnamzdJZerpfrbL1Cr9Cr9Cq9Rq/R6/Q6vUFv0Jv0Jr1Fb9HZervernfoHXqX3qX36D16n96n9+v9+oA+oHN0jj6oD+pD+pA+rA/rXJ2rj+gj+qg+qo/pY/q4Pq5P6BP6lD6lT+vT+ow+o8/pc/q8Pq8v6Av6kr50+bIvkIEMdKCDfEG+ICaICWKD2CAuiAsKBgWDSBAJ4oP4oFBwY1A4KBIUDYoFCUHxoERgAgxsQEEYlAxKBdHgpqB0cHOQGJQJygblAheUD5KCW4IKwa1BxeC2oFJwe1A5uCOoUkAE1YLqwZ1BjeCuoGZQK6gd3B3UCeoG9YL6wT1Bg+DeoGFwX9AouD9oHDwQNAkeDJoGDwXNgoeD5sEjQYvg0aBl8FjQKmgdtAnaBu3+uX5Q9Q/U9/5MkSdcP9PfpJgBZqB5xQwyg80QM9QMM6+a4eY1M8K8blLNSDPKvGFGmzfNGPOWGWvGmfHmbTPBTDSTzGQzxUw1aeYdM828a6ab98wMM9PMMrNNuplj5pr3zTwz3ywwH5iF5kOzyCw2S8xSk2E+MplmmckyH5vl5hOTbVaYlWaVWW3WmLVmnVlvNpiNZpPZbLaYrWab2W4+NTvMTrPL7DZ7zF6zz3xm9pvPzQHzhckxX5qD5k/mkPnKHDZfm1zzjTlivjVHzXfmmPneHDc/mBPmpDllfjSnzU/mjDlrzpmfzXnzi7lgLppLxl++uL/88o4aNebDfBiDMRiLsRiHcVgQC2IEIxiP8VgIC2FhLIxFsSgmYAKWwBJ4GSFhSSyJUYxiaSyNiZiIZbEsOnSYhElYAStgRayIlbASVsbKWAWrYDWshnfinXgX3oW1sBbejXdjXayL9bE+NsAG2BAbYiNshI2xMTbBJtgUm2IzbIbNsTm2wBbYEltiK2yFbbANtsN22B7bYwfsgJ2wE3bGztgFu2AyJmNX7IrdsBt2x+7YA3tgT+yJvbAX9sE+2Bf7Yj/shymYggNxIA7CQTgEh+AwHIbDcTiOwBGYiqk4CkfhaByNY3AMjsVxOB7fxgk4ESfhZJyCUzEN03AaTsPpOB1n4AychbMwHdNxLs7FeTgPF+ACXIgLcREuwiW4BDMwAzMxE7MwC5fjcszGbFyJK3E1rsa1uBbX43rciBtxM27GrbgVt+N23IE7cBfuwj24B/fhPtyP+/EAHsAczMGDeBAP4SE8jIcxF3PxCB7Bo3gUj+ExPI7H8QSewFN4Ck/jaTyDZ/AcnsPz+AtewIt4CT3GWCli7TU2zl5rC9rrbIwtYP8+LmqL2QRb3Jawxha2Rf4hRmttoi1jy9py1tnyNsne8pu4iq1qq9nq9k5bw95la/4mbmDvtQ3tfbaRvd/Wt/f8Q9zYPmCb2EdtU/uYbWZb2+a2rW1hH7Ut7WO2lW1t29i2trN9ynaxT9tk+4ztap/9TZxpl9n1doPdaDfZ/fZze87+bI/a7+x5+4vtZ/vbYfZVO9y+ZkfY122qHfmbeLx9206wE+0kO9lOsVN/E8+ys226nWPn2vftPDv/N3GG/cgutFl2kV1sl9ilv8aXe8qyH9vl9hObbVfYlXaVXW3X2LV23d96XWW32K12m91nP7M77E67y+62e+zeX+PL53HAfmFz7Jf2iP3WHrJf2cP2mM213/waXz6/Y/Z7e9z+YE/Yk/aU/dGetj/ZM/bsr+d/+dx/tBftJeutICBJijQFlI/yUwwVoFi6huLoWipI11GErqd4uoEK0Y1UmIpQUSpGCVScSpAhJEtEIZWkUhSlm6g03UyJVIbKUjlyVJ6S6BaqQLdSRbqNKtHtVJnuoCpUlapRdbqTatBdVJNqUW26m+pQXapH9ekeakD3UkO6jxrR/dSYHqAm9CA1pYeoGT1MzekRakGPUkt6jFpRa2pDbakdPU7t6QnqQB2pEz1Jnekp6kJPUzI9Q13pWepGz1F3ep560AvUk16kXtSb+tBL1Jdepn7Un1JoAA2kV2gQDaYhNJSG0as0nF6jEfQ6pdJIGkVv0Gh6k8bQWzSWxtF4epsm0ESaRJNpCk2lNHqHptG7NJ3eoxk0k2bRbEqnOTSX3qd5NJ8W0Ae0kD6kRbSYltBSyqCPKJOWURZ9TMvpE8qmFbSSVtFqWkNraR2tpw20kTbRZtpCW2kbbadPaQftpF20m/bQXtpHn9F++pwO0BeUQ1/SQfoTHaKv6DB9Tbn0DR2hb+kofUfH6Hs6Tj/QCTpJp+hHOk0/0Rk6S+foZzpPv9AFukiXyJMIIZShCnUYhPnC/GFMWCCMDa8J48Jrw4LhdWEkvD6MD28IC4U3hoXDImHRsFiYEBYPS4QmxNCGFIZhybBUGA1vCkuHN4eJYZmwbFgudGH5MCm8JawQ3hpWDG8LK4W3h5XDO8IqYdXw0furh3eGNcK7wpphrbB2eHdYJ6wb1gvrh/eEDcJ7w4bhfWGj8P6wYvhA2CR8MGwaPhQ2Cx8Om4ePhC3CR8OW4WNhq7B12CZsG7YLHw/bh0+EHcKOYafwybBz+FTYJXw6TA6fCbuGz/7u8ZRwQDgwfCV8JfT+PrUkujSaEf0omhldFs2KfhxdHv0kmh1dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a3Rb1vn5+4cBJp5x2gcvn8rsYV8DFumtcnLvWFXTXuYi73sW7G1whd6Mr7Iq4oq6YS3DFXQlnHDrryIWupCvlou4mV9rd7BJdGVfWlXPOlXdJrq1r59q59u4J18F1dJ3ck+5J95R7yj3tnnbPuK7uWdfNPee6u+ddD/eCe8G96Hq53q6Pe8n1dS+7fq6/S3EpbqAb6Aa5QW6IG+KGuWFuuBvuRrgRLtWlulFulBvtRrsxbowb68a68W68m+AmuElukpviprg0l+amuWluupvuZrgZbpab5dJdupvr5rp5bp5b4Ba4hYkL3SK3yC1xS1yGy3CZLtNluSy33C132S7brXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9wut8vtcXvcPrfP7Xf73QF3wOW4HHfQHXSH3CF32H3tct037oj71h1137lj7nt33P3gTriT7pT70Z12P7kz7qw75352590v7oK76C4579Ii70SmRd6NTI+8F5kRmRmZFZkdSY/MicyNvB+ZF5kfWRD5ILIw8mFkUWRxZElkaSQj8lEkM7IskhX5OLI88kkkO7IisjKyKrI6sibiffEdoS/pS/mov8mX9jf7RF/Gl/XlvPPlfZK/xVfwt/qK/jZfyd/uK/s7fBVf1Vfzj/lWvrVv49v6dv5x394/4Tv4jr6Tf9J39k/5Lv5pn+yf8V39s76bf85398/7Hv4F39O/6Hv53r6Pf8n39S/7fr6/T/ED/ED/ih/kB/shfqgf5l/1w/1rfoR/3af6kX6Uf8OP9m/6Mf4tP9aP8+P9236Cn+gn+cl+ip/q0/w7fpp/10/37/kZfqaf5Wf7dD/Hz/Xv+3l+vl/gP/AL/Yd+kV/sl/ilPsN/5DP9Mp/lP/bL/Sc+26/wK/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v91/6nf4nX6X3+33+L1+n//M7/ef+wP+C5/jv/QH/Z/8If+VP+y/9rn+G3/Ef+uP+u/8Mf+9P+5/8Cf8SX/K/+hP+5/8GX/Wn/M/+/P+F3/BX/SX+H/WGGOMMcb+S9TvHB/wL74n/7IuGyiEuHZnsdx/rrm58J/3g2VC54gQ4pn+PR/+66pTJyUl5S+PzVYiKLVYCBG5kp9PXIlXiE7iKZEsOooK/7K/wbL3efqd+tHbhYj9W+dCxIi/xn9f/9b/oP7jT47PrByei/9P6i8WIrHUlZwC4kp8pX7F/6B+kfa/03+Br9KE6PB3OXHiSnylfpJ4Qjwrkv/hkYwxxhhjjDHG2J8NltW6/9798+X78wR9JSe/uBL/3v05Y4wxxhhjjDHGrr7ne/d5+vHk5I7decMb3vDmb5ur/ZeJMcYYY4wx9u925aL/anfCGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4zlXf8/Pk7sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//JhA6YA==")
r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/netfilter\x00')
r1 = fanotify_init(0x40, 0x40000)
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/175, 0xaf}], 0x1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0xa880, 0x97)
fanotify_mark(r1, 0x1, 0x40001019, r2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
getdents64(r0, &(0x7f0000000140)=""/48, 0x30)

5m35.330193072s ago: executing program 0 (id=559):
r0 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$hfs(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1214080, &(0x7f0000000140)={[{@uid}, {@codepage={'codepage', 0x3d, 'iso8859-15'}}, {@gid}, {@dir_umask={'dir_umask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@part={'part', 0x3d, 0x800}}, {@creator={'creator', 0x3d, "5863953a"}}]}, 0x1, 0x31c, &(0x7f0000000940)="$eJzs3U1P1EAcBvBn2u6yKwQrYEg8oiSeCOBB40ViiBe/gAdDRFgTQsVEMVES4+rZGG8mJh69eTb6FfRi/AJ64mA86YV4sGZmOn1Zpt2ywBayzy9h2bbz8p9OX2aWLAURDayri9/fXdiWP6IGwAVwGXAANAAPwGlMNh5ubK5tBq3VooJclUP+COicYlealY2WLavMp3JEfLnkYSS9jg5HGIbhj66pfvclFqqO0Of+Lg4wFJ2danuj75EdjrZu12BJ9bDYwQ4eYbTKcIiIqHrR/d+J7hIj0fjdcYDpaBx+3O//mfHNTnVxHAnx/d/Ry6GQ++ek2pTM99QUTva+Y2aJtrL0MTGSXRkmu7sOfWRlOkB0m1WqWJzmnbWgNdNWBTzHlUgq2YR6XYVpiJIXbV3/mrLMTQsUtb3YsGpDTbZhPif+8T3X+OknXturW/pSIibxWXwVS8LHG6zG4z8vFHLnqP3jd/SUjn82v0TVSl+nyrQymb+fUpWcMT3w8X3Symbefm3AlbHYyFJE5/jdN3G+qufnwhiyHyvo1s3lt07lGrfmmo+X/1pzTXTmanq1oDWzci8o/CjlwFhndOKluCGm8AsfsJga/zsy9TTyz8zMlV+olNGRUdgeT6XM6ccMdQLftZyZTonMA+2ataOLvcBtXMLog8db68tB0Lpf/RtzqhyRePSBGB2Oco38nUqDhnxTA3Bglf4Lw9C6yUM/mlxTTb34Nmny1vqyaOvF/VWBdlyg2bSQnxjAAoBojbki9FL70zjXUFJgqex/ZG+rNfYD0kTVhwPSVJXZ5GKo1JnS7KHS60/Wl4OerkR0zCSdjsmbVQdDVZDDK6Hnf6n5yqy66sgXv2A2EnYrPFXiXM4MaEy9nig3g4uLzZ3BDZs3XeZcZ88D5zpqdGBqfNZZrB/FiaP4V8m9/ylDLOIbbvHzfyIiIiIiIiIiIiIiIiIiIiIiIiKi42av30bo5esE2Rq3B/AfbxARERERERERERERERERERERERERERER7U/q+b+Aq54YU6/8+b9uief/mudSEFHP/gcAAP//NBBgTQ==")
r5 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x8)
getdents64(r5, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r6, &(0x7f0000000000)=""/148, 0x94)
mkdir(0x0, 0x92)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

5m32.148782279s ago: executing program 0 (id=576):
creat(&(0x7f0000000140)='./file0\x00', 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
chmod(&(0x7f0000000000)='./file0\x00', 0x6)

5m31.541700344s ago: executing program 0 (id=579):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000640)={[{@lazytime}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@barrier_val}, {@journal_dev={'journal_dev', 0x3d, 0x5}}, {@dioread_lock}, {@data_err_ignore}, {@noinit_itable}, {@resgid={'resgid', 0x3d, 0xee00}, 0x32}]}, 0x9b, 0x4fc, &(0x7f0000000140)="$eJzs3U1rHOcdAPD/jLR+lSuZ9uAa6praRXJb70pWbYse3BdKezK0dS+91FallRBaaYV2ZVvCtDL9AIVS2kKh0FMvgXyAQPBHCAFDcg9JSAiJnRx8SLxh32Rb3pVkvNIa7e8Ho3meZ2b0f/677Ow+M8NMAD3rdESciYjHlUrlXEQMNtrTxvSDamW9vt7DB3emqlMSlcq1T5OIpN5WXWXkqf95tL5JHIqI3/064k/J83FLq2vzk4VCfrlRz5UXlnKl1bXzcwuTs/nZ/OL4+NilicsTFydGO5LnQERc+eWH//zb/3915c0f3Xrv+scjf04a7RFP8ui0euqZ2mvR1B8Ry7sRrAv6Gvlkmg0t3msAAF4dzd/534uIczEYfbVfcwAAAMB+UvnpQHzZF1EBAAAA9q20dg1skmYb1wEMRJpms/VreL8VR9JCsVT+4UxxZXG6fq3sUGTSmblCfrRxrfBQZJJqfaxWflK/sKk+HhHHI+Ifg4dr9exUsTDd7YMfAAAA0COObhr/fzFYH/8DAAAA+8xQtzsAAAAA7DrjfwAAANj/jP8BAABgX/vN1avVqdJ8/vX0zdWV+eLN89P50nx2YWUqO1VcXsrOFouztXv2LbT5NxsPDSwUi0s/jsWV27lyvlTOlVbXri8UVxbL1+eeeQQ2AAAAsIeOf/feu0lErP/kcG2qOtDtTgF7ov9FVv5g9/oB7L2+bncA6JoX+v4H9pVMtzsAdF0SEf/dYnnbi3fe2p3+AAAAnTf87dbn/9Ntjw2sp3vURWCXOP4Hvcv5f+hdzv9D78pEXxjIQ29Ltln+8uf/K5UX6hAAANBxA7UpSbONc/4DkabZbMSx2mMBMsnMXCE/GhHfiIh3BjMHq/Wx2pbJtmMGAAAAAAAAAAAAAAAAAAAAAAAAAKCuUkmiAgAAAOxrEelHSeP5X8ODZwc2Hx84kDwarM0j4tZ/rv3r9mS5vDxWbf9so73870b7hW4cwQAAAAA2a47Tm+N4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOikhw/uTDWnvYz7yc8jYqhV/P44VJsfikxEHPk8if6ntksioq8D8dfvRsQv/tgiflLtVgw1etEq/uFOxT/RKv+t46cRcbQD8aGX3avuf37W6vOXxunafPPn7+DGtv0diN9+/5du7P/62ux/ju0wxsn7r+faxr8bcbK/9f6nGT9pE//MDuPf+P3aWrtllf9FDLf8/kmeiZUrLyzlSqtr5+cWJmfzs/nF8fGxSxOXJy5OjOZm5gr5xt+WMf7+nTceb5X/kTbxh7bJ/+wO8//q/u0H36wXM63ij5xp/f6faBM/bXz3fb9Rri4fbpbX6+WnnXrt7VNb5T/dJv/t3v+RHeZ/7rd/fX+HqwIAe6C0ujY/WSjkl3u68FKvRvVn0SuRhcJ2hUpj8NZs+cumdZKI9Vekq10vND8Tj7qzYwIAADru+THwTtzYvQ4BAAAAAAAAAAAAAAAAAABAD+rMPcOa98T+w5Z312tar8+euxcyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA3fR0AAP//HxDPXg==")
socket$nl_route(0x10, 0x3, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020)

5m30.905278597s ago: executing program 0 (id=583):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r0, 0xd000943d, &(0x7f0000000a00)={0x8, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r1=>0x0}], 0x6, "2e7760292ad7ee"})
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000001a00)={{r1, 0xfffffffffffffff7, 0x4, 0xdc4d, 0x4, 0x4, 0xff, 0x3, 0x7f, 0x0, 0x2, 0x8000, 0x3, 0x5, 0x56}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
futex(0xfffffffffffffffc, 0x80, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r2, 0x4b6a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x5, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x3a}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x94)
ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x1f, 0x3, 0x10a, &(0x7f0000000600)="d89e99c51101e48c35e16d35a7e4586b3cdd69b83a885370adf2213336d1369673006c0d246f2f3c34fb98167858ec3157e5bab6bd60b4d13f933a3135e671873d731e03a772c043ac95555eac03dc3be884276126d39614e6ceb16f797700197828d98d113ba7c538f35ae868346df47af12d1bac867c583e492636fa383a568d35efcf9b63e9e23f5e556d1ec43f015e530826c70c0386b7e27f9ed5e1b090842e7d859b6c4114f9591317f7ddd71dc4146f1bbac73abb5cba13a64de9179e39fa16a5dd17c3b2044338624913dab0026708cbb2dc3357e9bdc53004098a942036f7b5740fada92ea6729a5ba32a365a62737cb920152ee3a5c0859577eceb541888c89f0351d8a9cabcd059d5857d0ca75868a89d1b2ed3c24f03383ce5e8a6bbbf5f69443930bd1575517245bd1d98a85bb6b063f514828ff6494e0cae83a039914c30d4dab48838df7dcae08c53a754e7a4778284b52ab18efcc3be6f2ac1d99fe17899d685be2c38a4bf42d6c43a954c0789e9b42cd0f432b0f67c2454ce7510daabf68f6f557f2179aaf7a0a04440435362aa2435558f4b8fa0319f537391cf0175b8bc04f29be2e51b6ad6b479d5e503c6f4776ace296e158bdf94f6e659b2bac1ac51ecbeeca76f545a076f738c9a373a1dde216388bcf5c2750e336397ca528ed46e2e089f8d9aed599848fe218649e8cbae4d9a1c1e60c3de73a0058dede241b5650c6d3b5d7628a2d2cb96e66636d531cbd9a8d6bec75eb73a459d367e9cd92c186848b0b216e8355f24300fcb7b6b0bec18314b1e2d7b7cbb0b8fa03e5ef5cbd91624b2ba51e1927950f2862e6461f9048ac2a7defce4e52a64f14119f8a65b0fb99797e636e11b2aac072b91da69cc098377e0606e76f5d949c5a7a37177b926e828680aab09e3ad7c3a882ccd3b5fc7ce0290b057601b7ede146243eac623edd1caaaedf7927c6c87d89bf2f5d40ccda2d2a40a5b5d1c834fdc5263f63f6ebaaf5d2811d649f9d30fe814755f403d048f36e522a2a88fb195a5625b359a24001d7fb9f5dbba01766c876cbd925f915a2510883d637c9ee91c767ba721b52ae0a7a7ad33153d9bfb38b475a9a8a97c71c1c681e1aa6040410cc6ac8c444e99e3d01ce13808db38683dada60230780c8402260ee1b72072c97f5b27c5408a18b51bbea3e579d0a5b2156e031cf77f0bfabdbce53850c8cd7dcd697b4ece68b2d2ae557f7737d26963360b4aa9c296c18ae27ce69b1f73c603d167c78afb1ea3fdc798ec31d3b4341371f1205d53d56ccda8781eb159b7b7664db5cbd45ca216144f07e20d7b38ec6f2632fc07bb6d4ad9188259a7b1b601a72e60777c6b8eab918bcf0a49ca9e33e0bee5295aede0f39b8aa390d908536d4da184f8ee2155d0ad5a0f585ecd994930f5d5e8b6bee0bf5955adca48960c5954ea"})
r6 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r6, 0xc0045516, &(0x7f0000000000)=0xffb)
ioctl$TIOCGPKT(r2, 0x80045438, &(0x7f0000000180))
socket$inet_udplite(0x2, 0x2, 0x88)
r7 = epoll_create(0xb3)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000080)={0x40002009})
epoll_wait(r7, &(0x7f0000000240)=[{}], 0x1, 0x10001)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@const={0x0, 0x0, 0x0, 0x9, 0x4}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @restrict={0x0, 0x0, 0x0, 0xb, 0x3}]}}, 0x0, 0x5a}, 0x20)

5m27.387712063s ago: executing program 0 (id=595):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000004c0)={r1, 0x3, 0x6, @broadcast}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup(r4)
ioctl$SIOCSIFHWADDR(r5, 0x8914, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

5m26.018279604s ago: executing program 32 (id=595):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000004c0)={r1, 0x3, 0x6, @broadcast}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup(r4)
ioctl$SIOCSIFHWADDR(r5, 0x8914, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

3m24.576951167s ago: executing program 1 (id=986):
mkdirat(0xffffffffffffff9c, 0x0, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r1, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)

3m23.935657724s ago: executing program 1 (id=987):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x400, 0x802, 0xff, 0x1b, 0x402, 0xfffd})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

3m23.102530389s ago: executing program 1 (id=989):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
add_key$fscrypt_v1(&(0x7f00000000c0), &(0x7f0000000300)={'fscrypt:', @desc1}, 0x0, 0x0, 0xffffffffffffffff)
socket$key(0xf, 0x3, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r2, 0x5452, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f00000000c0))
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690add", 0x4}], 0x0, 0x1)

3m21.918492822s ago: executing program 1 (id=992):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000840)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00', @ANYRES8, @ANYRES16=0x0, @ANYRESHEX=0x0], 0x1, 0x2c3, &(0x7f00000002c0)="$eJzs3b1ra2UYAPDnpPlCh0RwEsEDOjhdbu/qkiK9cDGTkkEd9OK9F6QJQgsFPzDt5Oqim6uLILj5T7j4HwiugpsdCkdOzjn5Mo2JNK16f7+lb973efI+7zmnLR3y9P0XR0eP0nhy/tkv0W4nUetFLy6S6EYtKmexoPdlAAD/ZRdZFr9nhW3ykoho764sAGCHtv79/8POSwIAduytt99546DfP3wzTdtxf/TF6SD/yz7/WqwfPIkPYxiP42504jIimyrG97MsG9fTXDdeGY1PB3nm6L2fyvc/+C1ikr8fnehOphbzH/QP99PCXP44r+OZcv9enn8vOvH8iv0f9A/vrciPQTNefXmu/jvRiZ8/iI9iGI8mRRT5UYv4fD9NX8+++uPTd/Py8vxkfDpoTeJmsr0bvjUAAAAAAAAAAAAAAAAAAAAAAPyP3Sl757Ri0r8nnyr77+xd5i8akVa6i/15ivykeqOl/kDjLL6p+vPcTdM0KwNn+fV4oR712zk1AAAAAAAAAAAAAAAAAAAA/LucfPzJ0cPh8PHxtQyqbgDVx/r/6fv05mZeivXBrYhGuVet3HYh5utWxCwr9qqYJGJtGfkhNii12rNoe7A++OyKpeeWa64G332/8aX7dnr2xt8EN6Z7ZZ1ruu/Lg+rpOnqYrL6Grahm2tVD8uN8TDM23Kt51VK21ePXXLnU2frszWcng/GamEjWFfbar8WVK2eS5VM0J1d1ZXp13+fSF2PamzzPs++Uv0im3TqSa/0ZBAAAAAAAAAAAAAAAAAAAFGYf+l2xeL480Zh/UctaOy0NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7M7P//bzEYl8kbBDfj+OSWjwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBT4M8AAAD//zAXXTM=")
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
open(&(0x7f0000000100)='./bus\x00', 0x24040, 0x10)

3m21.256784547s ago: executing program 1 (id=995):
r0 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$hfs(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1214080, &(0x7f0000000140)={[{@uid}, {@codepage={'codepage', 0x3d, 'iso8859-15'}}, {@gid}, {@dir_umask={'dir_umask', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@part={'part', 0x3d, 0x800}}, {@creator={'creator', 0x3d, "5863953a"}}]}, 0x1, 0x31c, &(0x7f0000000940)="$eJzs3U1P1EAcBvBn2u6yKwQrYEg8oiSeCOBB40ViiBe/gAdDRFgTQsVEMVES4+rZGG8mJh69eTb6FfRi/AJ64mA86YV4sGZmOn1Zpt2ywBayzy9h2bbz8p9OX2aWLAURDayri9/fXdiWP6IGwAVwGXAANAAPwGlMNh5ubK5tBq3VooJclUP+COicYlealY2WLavMp3JEfLnkYSS9jg5HGIbhj66pfvclFqqO0Of+Lg4wFJ2danuj75EdjrZu12BJ9bDYwQ4eYbTKcIiIqHrR/d+J7hIj0fjdcYDpaBx+3O//mfHNTnVxHAnx/d/Ry6GQ++ek2pTM99QUTva+Y2aJtrL0MTGSXRkmu7sOfWRlOkB0m1WqWJzmnbWgNdNWBTzHlUgq2YR6XYVpiJIXbV3/mrLMTQsUtb3YsGpDTbZhPif+8T3X+OknXturW/pSIibxWXwVS8LHG6zG4z8vFHLnqP3jd/SUjn82v0TVSl+nyrQymb+fUpWcMT3w8X3Symbefm3AlbHYyFJE5/jdN3G+qufnwhiyHyvo1s3lt07lGrfmmo+X/1pzTXTmanq1oDWzci8o/CjlwFhndOKluCGm8AsfsJga/zsy9TTyz8zMlV+olNGRUdgeT6XM6ccMdQLftZyZTonMA+2ataOLvcBtXMLog8db68tB0Lpf/RtzqhyRePSBGB2Oco38nUqDhnxTA3Bglf4Lw9C6yUM/mlxTTb34Nmny1vqyaOvF/VWBdlyg2bSQnxjAAoBojbki9FL70zjXUFJgqex/ZG+rNfYD0kTVhwPSVJXZ5GKo1JnS7KHS60/Wl4OerkR0zCSdjsmbVQdDVZDDK6Hnf6n5yqy66sgXv2A2EnYrPFXiXM4MaEy9nig3g4uLzZ3BDZs3XeZcZ88D5zpqdGBqfNZZrB/FiaP4V8m9/ylDLOIbbvHzfyIiIiIiIiIiIiIiIiIiIiIiIiKi42av30bo5esE2Rq3B/AfbxARERERERERERERERERERERERERERER7U/q+b+Aq54YU6/8+b9uief/mudSEFHP/gcAAP//NBBgTQ==")
r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x8)
getdents64(r4, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000000)=""/148, 0x94)
mkdir(0x0, 0x92)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

3m19.876993147s ago: executing program 1 (id=999):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x400, 0x802, 0xff, 0x1b, 0x402, 0xfffd})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

3m19.503526254s ago: executing program 33 (id=999):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x400, 0x802, 0xff, 0x1b, 0x402, 0xfffd})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2m37.261638802s ago: executing program 2 (id=1132):
r0 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x9, 0x7fff, 0x6, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x2}, 0x50)

2m37.122860855s ago: executing program 2 (id=1134):
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000240)='./bus\x00', 0x880, &(0x7f00000000c0)=ANY=[], 0x1, 0x1cf, &(0x7f0000000780)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF1xS3vdmlN+Z0566motk2VmaPXUlkcWk0vtMXKTXMwjwcwQmnpkUXFlVXZiTk5qUfFChopbyUkVp08wsFy3v6bSLMHp8EeewyFJ00GH6YiPR9aMxhLOSVKaYmxsmQpnz3yQX8emcYTh0QrmjXWeeY11halT89LykqqyqrLmTZy4cWZjZ2Pjyol1UWl+qxhbUlw2NXUyMjlsURPYzGyoPslGe8K79lUPkxxYezz8mk8ZK71OZb5kvLBI6tSKqpkTvijNZjT8znCHp2yFhIaGk8QVCYsGE4YjdbYNriAnpjQwpCmEMSapsYm1bTkzJ4SZn81tgUJL8gmm0KMcS2dKWBwQqjr501LzrUOi24xtTx3YzvAcPs6zpqBP0Oi4BIPTQsH/MiBjEhoayjTWMi21XfClSOOvhNdqY6cMBnd7pmWwAGVpAJEroTxZsJ6E5BUeOpqaRinJCQ2bJBKS3AoMlRm27uFcLdDAgBRtKgwMDNsZYXELAddgjFEwCkbBKBgFo2AUjIJRMApGwSgYBSMCAAIAAP//QJCYyw==")
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x8, 0x3, 0x298, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1c8, 0xffffffff, 0xffffffff, 0x1c8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev, [], [0x0, 0xffffff00], '\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0xd8, 0x100, 0x0, {0x0, 0x4c00}, [@common=@inet=@tcp={{0x30}, {[0x1], [], 0x0, 0x0, 0x8, 0x4}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r6, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

2m35.193242501s ago: executing program 2 (id=1138):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
set_tid_address(0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000428c18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000003c0)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

2m34.899424962s ago: executing program 2 (id=1139):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000840)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00', @ANYRES8, @ANYRES16=0x0, @ANYRESHEX=0x0], 0x1, 0x2c3, &(0x7f00000002c0)="$eJzs3b1ra2UYAPDnpPlCh0RwEsEDOjhdbu/qkiK9cDGTkkEd9OK9F6QJQgsFPzDt5Oqim6uLILj5T7j4HwiugpsdCkdOzjn5Mo2JNK16f7+lb973efI+7zmnLR3y9P0XR0eP0nhy/tkv0W4nUetFLy6S6EYtKmexoPdlAAD/ZRdZFr9nhW3ykoho764sAGCHtv79/8POSwIAduytt99546DfP3wzTdtxf/TF6SD/yz7/WqwfPIkPYxiP42504jIimyrG97MsG9fTXDdeGY1PB3nm6L2fyvc/+C1ikr8fnehOphbzH/QP99PCXP44r+OZcv9enn8vOvH8iv0f9A/vrciPQTNefXmu/jvRiZ8/iI9iGI8mRRT5UYv4fD9NX8+++uPTd/Py8vxkfDpoTeJmsr0bvjUAAAAAAAAAAAAAAAAAAAAAAPyP3Sl757Ri0r8nnyr77+xd5i8akVa6i/15ivykeqOl/kDjLL6p+vPcTdM0KwNn+fV4oR712zk1AAAAAAAAAAAAAAAAAAAA/LucfPzJ0cPh8PHxtQyqbgDVx/r/6fv05mZeivXBrYhGuVet3HYh5utWxCwr9qqYJGJtGfkhNii12rNoe7A++OyKpeeWa64G332/8aX7dnr2xt8EN6Z7ZZ1ruu/Lg+rpOnqYrL6Grahm2tVD8uN8TDM23Kt51VK21ePXXLnU2frszWcng/GamEjWFfbar8WVK2eS5VM0J1d1ZXp13+fSF2PamzzPs++Uv0im3TqSa/0ZBAAAAAAAAAAAAAAAAAAAFGYf+l2xeL480Zh/UctaOy0NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7M7P//bzEYl8kbBDfj+OSWjwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBT4M8AAAD//zAXXTM=")
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
open(&(0x7f0000000100)='./bus\x00', 0x24040, 0x10)

2m33.924744034s ago: executing program 2 (id=1142):
socket$nl_route(0x10, 0x3, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$igmp(0x2, 0x3, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0)
socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x1, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x8000, &(0x7f0000000500)=ANY=[@ANYBLOB="002918d910d46be7099c66b02010b1f0b7c3dc1dabe625969fb0adc922385af53d57a1d35dd71c90d9dd649b53142dd3d4108b4c7db82e8475d5bb6fa2fa626cd92c7326ce1ba2f33b0aef2b2164e01d910058b51684696959ea7f5a607a6572d2640cf9312a07000000260e3651a0cbfd2c080990fb4c76e9e613a759863734a70d0600ec77e8ba76aacbb21e4b903aa4873a9951f269a9c0f87805a1a0cbdf6b8644a1de05a8d9dd9687d67c8af7f68cb59e60d1fbefb49b93d6b72cce4162edc4468a13987d94d428df36915621aeff6dc1358a7331fa69e05c417c2e1e6b8dc29c496c76d02dfc2d7b48616fb3f01b221f4f8f484a00090964922de8909a1f9f7ef655a12a68a56cb341a8fba4cd81cedec9cb518d13d2a2564427b63b037494748a24daa21fe1256df68d000b2778bf0437cc642cd83c5a1b34eeffdf93ecbd85bb340eeef68dd60101769c74f94d217264c171feea0305bfc87c36247d90b129a9973f00000001d99b195d2f75653a0193672783c6dbca5d1445110621d8095064f0a034f492cf5aa4767a772d6f4967722546bfd83d3202f76c20a9d7f40f9e7818d77129df7fd072804e0227ecaa03dddd303a318d6f7763ce011543587e6a306780ca2f37db7e8a5b64a5059ac91ff2110e40ea13d70e1504653ba9eebcf61b427797fb3fd79d2bb9aaa13c9729fe323c4ac222991981381e004684fb200b17d2f6ede181067662ad8a31f45b613869ca8fc5b1dbe62407a1f6dcb86a4c430210e9bcfca9b83283b87316c4d17f388e0bab0500000092a82e12f8e5348f11e7739033e9081bfc598746cf032fa55d0300470000000019ac65f89ca7d96da3ca2db52f8ec80462fddf42dbbca24b720000000000000000000000000000005214e7febdbc0033d6402c34aa96940474", @ANYRESDEC], 0x1, 0x1221, &(0x7f0000002300)="$eJzs3M9rHGUYB/Bn2/wyNdmotdqC9EUvehmbHDx5CZKCdEFpm0IrCFMz0WU3uyGzBLaI7c2rf4d49CaI/0AuXjwL3nLx2IM40p1gTUiRFNrdhs/nsg8775d9ZncZ2OF9dv/D77Y6m2W2mQ/iTKMRU9sR6WGKFGfibNQexHu3fvv9rRu371xbbbXWrqd0dfXm8gcppcXLP3/29Q9v/zI4d+vHxZ9mY2/p8/0/V/7Yu7B3cf/vm1+1y9QuU68/SHm62+8P8rvdIm20y06W0qfdIi+L1O6Vxc6h45vd/vb2MOW9jYX57Z2iLFPeG6ZOMUyDfhrsDFP+Zd7upSzL0sJ88PRmYv37h1VVRVTVdMxEVVXVSzEf5+LlWIjFaMbSdMSr8Vqcj9fjQrwRb8bF0apxdw4AAAAAAAAAAAAAAAAAAACny//M/8cr5v8BAAAAAAAAAAAAAAAAAADgmTP/DwAAAAAAAAAAAAAAAAAAAONn/h8AAAAAAAAAAAAAAAAAAADG78btO9dWW6216ynNRWx9u7u+u14/1sdXN6Md3SjiSjTjrxhN/9fq+urHrbUraWQp3t+6f5C/v7t+9nB+efR3Asfml+t8Opyfjfn/5leiGeePz68cm5+Ld9+p841H+Sya8esX0Y9ubMSj7OP8N8spffRJ60j+0mgdAAAAnAZZ+texv9+zLDUa9dIjx+snn3x/oGoeuT/QOJyfiktTYzxxRsrhvU7e7RY7L1Zx8JWMe5388iT08+Ri5qDTSelnAoqDd+TBpPTzghbTEfEMX+LIhWIuImaf44WJ5+Lxhz7uTgAAAAAAAAAAADiJE2wMnKr32558O+G4zxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAfduBYAAAAAECYv3UaHRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcFQAA//8my+RP")
socket(0x10, 0x3, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x2100, 0x0)
ppoll(&(0x7f0000000300)=[{r1, 0x4236}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

2m33.445909999s ago: executing program 2 (id=1144):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f00000000c0)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000140)=ANY=[@ANYBLOB='5-2'], 0x23)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/keycreate\x00')
read$FUSE(r6, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20)
msgget$private(0x0, 0x0)
r7 = socket(0x2, 0x2, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x46}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x6}, 0x70)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r8=>0x0})
syz_open_procfs(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x9, 0x7fff, 0x6, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', r8, 0xffffffffffffffff, 0x0, 0x2}, 0x50)

2m32.829110431s ago: executing program 34 (id=1144):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f00000000c0)='cpuset.mems\x00', 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000140)=ANY=[@ANYBLOB='5-2'], 0x23)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/keycreate\x00')
read$FUSE(r6, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20)
msgget$private(0x0, 0x0)
r7 = socket(0x2, 0x2, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x46}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x6}, 0x70)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r8=>0x0})
syz_open_procfs(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x9, 0x7fff, 0x6, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', r8, 0xffffffffffffffff, 0x0, 0x2}, 0x50)

1m45.779060286s ago: executing program 6 (id=1276):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x28, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f0000000380)=[@reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000240)={@flat=@weak_binder={0x77622a85, 0x10a, 0x2}, @flat=@weak_handle={0x77682a85, 0x101, 0x2}, @fd={0x66642a85, 0x0, r1}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

1m45.319037068s ago: executing program 6 (id=1279):
socket$netlink(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000029c0)={0x0, 0x31000000, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x15\x00'}]}, 0x1c}}, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, r2)

1m43.279463649s ago: executing program 6 (id=1288):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x32, 0x0, &(0x7f0000000400)=[@increfs], 0xfffffcb0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000580)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x3, 0x29}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0x2b}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

1m43.082165512s ago: executing program 6 (id=1291):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x4480, &(0x7f00000003c0)=ANY=[@ANYBLOB="0096397bb229f118b1f6c334ff95e9d57079d2a61ef7526c03c3a0d9cd515719956a0e5922340c97beade3e691744c236c61868da817036b0bab4516cc735ee856ef073c7b0b540347b358404ebe8e0c22e3a8a3caad47889d996a07d6988b211450783f4fdfbb8ae60572ea3bb70fb29560525b"], 0x83, 0x22e, &(0x7f0000000940)="$eJzs2r+LHGUYB/BnzguJFy674i8SEF+0UJsht7VFDk1AXFA0K0RBMvFmddlx99hZDlbEXKWtf4K1WNoJktLmQPwLLOyuuTKFOJLb87IJJyJiNujn08wD73zheXmHl6eY/Ze//HjYr/N+MY2VLIuVS7Ebt7Nox0r8YTdeeuHaD8+8fe3d1ze73ctvpXRl8+pGJ6V07tnv3/v0m+duTc++8+25707HXvv9/YPOL3tP7Z3f/+3qR4M6Deo0Gk9TkW6Mx9PiRlWmrUE9zFN6syqLukyDUV1O7lnvV+Pt7VkqRlvra9uTsq5TMZqlYTlL03GaTmap+LAYjFKe52l9Lfgnel/fbpo4aE5dj6ZpHv0qzt6K9Z+jFdljKXv8Uvbk9ezp3ez8QdO0lt0q/wrn//+2cKmfiai+2Ont9ObP+fqrP8YgqijjYrTi17jzmRyZ11de616+mA614/Pq5lH+5qneI4f5zf5RfiNa0T45vzHPp8X8Tu90rC3mO9GKJ07Od07Mn4kXn1/I59GKnz6IcVSxFXeyd/OfbaT0yhvd+/IXDt8DAPivydOx9r3zz3x+y/M/W5/nj+erv54P75uvVuPC6nL3TkQ9+2RYVFU5URwXq/FQtKFQLLFY9s3Eg3D30JfdCQAAAAAAAAAAAH/Hg/idcNl7BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHm6/BwAA//+HytTx")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
open(&(0x7f0000000680)='./bus\x00', 0x4001410c2, 0x2e)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x40, 0x8005, 0x0, 0x0, 0xa, 0x4, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000ff91031905b9aaaaf755a3f6a004000000000001000200", "036c47c6780820d1cbf733970000cf33768bbd9bffbcc2542ded71038259ca171ce1a310ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204, 0xffffffffffffffff]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fanotify_mark(0xffffffffffffffff, 0x1, 0x10001043, 0xffffffffffffffff, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x2)

1m42.607856088s ago: executing program 6 (id=1292):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000240)={[{@errors_remount}, {@debug}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {}, {@jqfmt_vfsv1}, {@grpid}]}, 0x2, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
chdir(&(0x7f00000000c0)='./file0\x00')
symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m41.501593909s ago: executing program 6 (id=1298):
r0 = socket$netlink(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
recvmmsg(r4, &(0x7f0000008880), 0x45b, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x31000000, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x15\x00'}]}, 0x1c}}, 0x0)
r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x28, r5, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4040080)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000002011d04000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001"], 0x38}}, 0x0)
r6 = syz_io_uring_setup(0x88b, &(0x7f0000000140)={0x0, 0xb5b8, 0x1000, 0x1, 0x3b7}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000040)=<r8=>0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000000c0)=@IORING_OP_UNLINKAT={0x24, 0x1c, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200, 0x1, {0x0, r9}})
write$rfkill(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x6, 0x3, 0x1, 0x1}, 0x8)

1m40.914354776s ago: executing program 35 (id=1298):
r0 = socket$netlink(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
recvmmsg(r4, &(0x7f0000008880), 0x45b, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x31000000, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x15\x00'}]}, 0x1c}}, 0x0)
r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x28, r5, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4040080)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000002011d04000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001"], 0x38}}, 0x0)
r6 = syz_io_uring_setup(0x88b, &(0x7f0000000140)={0x0, 0xb5b8, 0x1000, 0x1, 0x3b7}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000040)=<r8=>0x0)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000000c0)=@IORING_OP_UNLINKAT={0x24, 0x1c, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200, 0x1, {0x0, r9}})
write$rfkill(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x6, 0x3, 0x1, 0x1}, 0x8)

10.365954753s ago: executing program 4 (id=1563):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000009d000000010001000900000001"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000003c0), &(0x7f0000000500)='%pB    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="0b00000005000000070000000900000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000080), 0x0}, 0x20)

9.89497918s ago: executing program 3 (id=1566):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r4)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000200)=""/85, 0xaa)
getdents(r5, 0xfffffffffffffffd, 0x58)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
fcntl$lock(r7, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r7, 0x26, &(0x7f0000000080))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

8.007309494s ago: executing program 3 (id=1569):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

6.692628305s ago: executing program 8 (id=1572):
fchdir(0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x404800, 0x165)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r3, 0xc06c4124, &(0x7f0000000080))
getdents64(r0, &(0x7f0000000040)=""/54, 0x36)
getdents64(r0, 0xfffffffffffffffe, 0x29)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f00000004c0)="170000000a0001000003be8c5ee17688a20032000203000a0292000098fc5ad90a00bb6a880000d6c8db0000dba67e06020000e28900000200df018002000000fc0607bdff59100ac45761547a681f009cee4a5a2d8f89814bc6c252674f00c88ebb01005033bf79ac2dfc060115003901000000000000ea0000000000000800b59bd2b8e50ce5af649a702202ffff02dfccebf6ba000840024f0298e9e90554062a80e605007f71174aa951f3c63e5a1b47b6806323deb3", 0xb8)

6.344198796s ago: executing program 5 (id=1573):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d40)={0xffffffffffffffff, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x10c00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x3, 0x0, r1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r1}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r3, &(0x7f0000000d40), 0x0}, 0x20)

6.237991581s ago: executing program 5 (id=1574):
bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x0, 0xa, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

5.95384539s ago: executing program 4 (id=1575):
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0320fef0ffffff79a400fe00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000003d000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27b"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
ioctl$TIOCCONS(0xffffffffffffffff, 0x541d)
io_pgetevents(0x0, 0x2, 0x0, 0x0, 0x0, 0x0)
io_destroy(0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000240)={{0x80}, 'port1\x00', 0x72, 0x0, 0x0, 0x8000007, 0x3, 0x4, 0x1, 0x0, 0x5})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, &(0x7f0000000140)={0x800100, 0xffffffff, 0x2, 0xe1db, 0x1101, 0xff})
close(r0)

5.856869881s ago: executing program 5 (id=1576):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x14, &(0x7f0000000900)=@framed={{0x18, 0x2}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xe}}, @printk={@i, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000}, 0x94)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={0xffffffffffffffff, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4853}, 0x4000001)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
syz_open_dev$sndctrl(&(0x7f0000000140), 0x0, 0x101000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5.575548937s ago: executing program 8 (id=1577):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10)
close(r0)

5.261151333s ago: executing program 3 (id=1578):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_clone(0x40042700, 0x0, 0x0, 0x0, 0x0, 0x0)

4.768838913s ago: executing program 4 (id=1579):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2}, 0x48)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0}, 0x94)

4.690734975s ago: executing program 5 (id=1580):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r1, 0xc0389424, &(0x7f00000002c0)={0x0, 0x18, '\x00', 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0]})
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f00000000c0)='\x00', 0x0, r1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0000}]})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x164)
fanotify_mark(0xffffffffffffffff, 0x541, 0x40001019, r5, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
connect$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
close_range(r3, 0xffffffffffffffff, 0x0)

3.915980932s ago: executing program 7 (id=1581):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x1000000000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf82c9000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$user(0x0, &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000100)="d8", 0x1, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000480))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0), 0xc)

3.841571224s ago: executing program 8 (id=1582):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000340)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.729837942s ago: executing program 4 (id=1583):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x14}}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0xfffffe01, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.610638943s ago: executing program 5 (id=1584):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r0}, 0x10)
syz_clone(0x40042700, 0x0, 0x0, 0x0, 0x0, 0x0)

3.545601083s ago: executing program 3 (id=1585):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x2}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

2.817926812s ago: executing program 7 (id=1586):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)

2.625557461s ago: executing program 8 (id=1587):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0xc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000710000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r1}, 0xc)

2.552983465s ago: executing program 7 (id=1588):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x5c, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

2.462666968s ago: executing program 3 (id=1589):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./bus\x00', 0x18418, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRES8], 0x1, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2f, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7)
getpriority(0x0, r3)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x24100, 0x0)

2.193766301s ago: executing program 7 (id=1590):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x14, &(0x7f0000000900)=@framed={{0x18, 0x2}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xe}}, @printk={@i, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000}, 0x94)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={0xffffffffffffffff, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4853}, 0x4000001)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
syz_open_dev$sndctrl(&(0x7f0000000140), 0x0, 0x101000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.849529858s ago: executing program 8 (id=1591):
select(0x2a, 0x0, 0x0, &(0x7f0000000400)={0xfefdffffffffffff, 0x1, 0x2, 0x300}, &(0x7f0000000440)={0x0, 0x2710})

1.042080077s ago: executing program 3 (id=1592):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$lock(r3, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r3, 0x26, &(0x7f00000031c0)={0x1})

1.025020718s ago: executing program 4 (id=1593):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2}, 0x48)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0}, 0x94)

949.01861ms ago: executing program 7 (id=1594):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x80002, 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000000c0)='\x00', 0x0, r1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0000}]})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x164)
fanotify_mark(0xffffffffffffffff, 0x541, 0x40001019, r6, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
connect$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
close_range(r4, 0xffffffffffffffff, 0x0)

948.661658ms ago: executing program 5 (id=1595):
io_uring_setup(0x28d5, &(0x7f0000000100)={0x0, 0x0, 0x10, 0x0, 0x214})
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
sendto$packet(0xffffffffffffffff, &(0x7f0000000600), 0x0, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
creat(0x0, 0x44)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49)
pwritev2(r1, &(0x7f0000000240), 0x0, 0x7a00, 0x0, 0x3)
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000100)='./file0/file0\x00')

948.477041ms ago: executing program 8 (id=1596):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x1000000000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf82c9000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$user(0x0, &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000100)="d8", 0x1, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000480))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0), 0xc)

106.083889ms ago: executing program 7 (id=1597):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYRES32=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

0s ago: executing program 4 (id=1598):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r4}, 0x10)
close(r0)

kernel console output (not intermixed with test programs):

530][ T6762] loop4: detected capacity change from 0 to 512
[  159.068528][ T6754] ext4_test_bit(bit=12, block=18) = 1
[  159.073943][ T6754] is_bad_inode(inode)=0
[  159.096679][ T6754] NEXT_ORPHAN(inode)=0
[  159.125060][ T6754] max_ino=32
[  159.126746][ T6762] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  159.133116][ T6754] i_nlink=1
[  159.136581][ T6762] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  159.147511][ T6762] System zones: 0-1, 15-15, 18-18, 34-34
[  159.153469][ T6762] EXT4-fs (loop4): orphan cleanup on readonly fs
[  159.160105][ T6762] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[  159.169529][ T6762] EXT4-fs warning (device loop4): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  159.179387][ T6754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  159.184291][ T6762] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  159.215801][ T6762] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.228: bg 0: block 40: padding at end of block bitmap is not set
[  159.245338][ T6762] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  159.257652][ T6762] EXT4-fs (loop4): 1 truncate cleaned up
[  159.264974][ T6762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  159.321989][ T6754] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  159.359985][ T6762] EXT4-fs error (device loop4): ext4_encrypted_get_link:46: inode #16: comm syz.4.228: bad symlink.
[  159.376777][ T6754] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.227: bg 0: block 248: padding at end of block bitmap is not set
[  159.435352][ T6754] Quota error (device loop1): write_blk: dquota write failed
[  159.443998][ T6754] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  159.487250][ T6754] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.227: Failed to acquire dquot type 1
[  159.545229][ T6762] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  159.567632][ T6762] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  159.632577][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  159.688250][ T6625] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-5
[  159.700456][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.718521][ T6625] EXT4-fs error (device loop1): ext4_release_dquot:7022: comm kworker/u8:23: Failed to release dquot type 1
[  159.963126][ T6773] fuse: Bad value for 'fd'
[  160.203639][ T6778] loop3: detected capacity change from 0 to 512
[  160.954743][ T6778] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0002]
[  161.165283][ T6778] System zones: 1-12
[  161.261405][ T6784] warning: `syz.1.235' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  161.708987][ T6778] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.234: error while reading EA inode 32 err=-116
[  161.798448][ T6778] EXT4-fs (loop3): Remounting filesystem read-only
[  161.888958][ T6778] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[  161.975376][ T6778] EXT4-fs (loop3): 1 orphan inode deleted
[  162.114518][ T6778] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.937352][ T6793] autofs: Unknown parameter 'fd0x0000000000000000'
[  163.087680][ T6796] loop2: detected capacity change from 0 to 2048
[  163.182487][ T6797] loop1: detected capacity change from 0 to 2048
[  163.191356][ T6796] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  163.301820][ T6796] EXT4-fs error (device loop2): ext4_lookup:1785: inode #16: comm syz.2.239: iget: bad i_size value: 8796093031208
[  163.317711][ T6797] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  163.418628][ T6796] EXT4-fs error (device loop2): ext4_lookup:1785: inode #16: comm syz.2.239: iget: bad i_size value: 8796093031208
[  163.533035][ T6797] UDF-fs: unknown compression code (0)
[  163.690561][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  164.583569][ T6820] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  164.591093][ T6820] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  166.159650][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.314365][ T6832] loop2: detected capacity change from 0 to 1024
[  166.427833][ T6832] syz.2.252: attempt to access beyond end of device
[  166.427833][ T6832] loop2: rw=8388608, sector=5778, nr_sectors = 2 limit=1024
[  166.492041][ T6834] loop4: detected capacity change from 0 to 2048
[  166.531344][ T6836] loop1: detected capacity change from 0 to 512
[  166.570444][ T6836] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[  166.630503][ T6834] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.722982][ T6842] Bluetooth: MGMT ver 1.23
[  167.708557][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.359313][ T6862] netlink: 24 bytes leftover after parsing attributes in process `syz.4.258'.
[  168.372310][ T6864] loop1: detected capacity change from 0 to 1024
[  168.448329][ T6864] hfsplus: inconsistency in B*Tree (0,1,255,1,0)
[  168.460625][ T6866] loop0: detected capacity change from 0 to 512
[  168.466296][ T6864] hfsplus: xattr searching failed
[  168.547202][ T6866] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  168.610972][ T6866] EXT4-fs (loop0): 1 truncate cleaned up
[  168.674834][ T6866] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.624059][ T5827] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.969581][ T6878] trusted_key: syz.0.265 sent an empty control message without MSG_MORE.
[  170.237187][ T6881] loop2: detected capacity change from 0 to 40427
[  170.277513][ T6881] F2FS-fs (loop2): invalid crc value
[  170.329687][ T6881] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  170.339163][ T6881] F2FS-fs (loop2): Start checkpoint disabled!
[  170.346535][ T6881] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  170.354492][ T6881] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  170.448995][   T30] audit: type=1800 audit(1765354619.754:12): pid=6884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.268" name="bus" dev="loop2" ino=10 res=0 errno=0
[  171.140068][   T50] kworker/u8:3: attempt to access beyond end of device
[  171.140068][   T50] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  171.200094][   T50] CPU: 0 UID: 0 PID: 50 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  171.200109][   T50] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  171.200115][   T50] Workqueue: writeback wb_workfn (flush-7:2)
[  171.200132][   T50] Call Trace:
[  171.200137][   T50]  <TASK>
[  171.200141][   T50]  dump_stack_lvl+0x189/0x250
[  171.200158][   T50]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.200169][   T50]  ? __pfx_queue_work_on+0x10/0x10
[  171.200179][   T50]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  171.200195][   T50]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  171.200216][   T50]  f2fs_handle_critical_error+0x37c/0x540
[  171.200231][   T50]  f2fs_write_end_io+0x886/0xb60
[  171.200254][   T50]  __submit_merged_bio+0x256/0x660
[  171.200268][   T50]  __submit_merged_write_cond+0x269/0x530
[  171.200282][   T50]  f2fs_write_data_pages+0x2756/0x3290
[  171.200314][   T50]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  171.200354][   T50]  ? stack_trace_save+0x9c/0xe0
[  171.200366][   T50]  ? __lock_acquire+0x6b6/0x2cf0
[  171.200400][   T50]  ? __lock_acquire+0x6b6/0x2cf0
[  171.200421][   T50]  ? __lock_acquire+0x6b6/0x2cf0
[  171.200443][   T50]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  171.200456][   T50]  do_writepages+0x32e/0x550
[  171.200474][   T50]  ? reacquire_held_locks+0x121/0x1c0
[  171.200485][   T50]  ? writeback_sb_inodes+0x3bd/0x1870
[  171.200501][   T50]  __writeback_single_inode+0x133/0x1240
[  171.200513][   T50]  ? do_raw_spin_unlock+0x122/0x240
[  171.200529][   T50]  writeback_sb_inodes+0x93a/0x1870
[  171.200545][   T50]  ? unwind_next_frame+0xa5/0x2390
[  171.200566][   T50]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  171.200603][   T50]  ? rcu_is_watching+0x15/0xb0
[  171.200621][   T50]  wb_writeback+0x42b/0xaa0
[  171.200637][   T50]  ? queue_io+0x281/0x450
[  171.200650][   T50]  ? __pfx_wb_writeback+0x10/0x10
[  171.200666][   T50]  ? _raw_spin_unlock_irq+0x23/0x50
[  171.200683][   T50]  wb_workfn+0x3f9/0xed0
[  171.200701][   T50]  ? __pfx_wb_workfn+0x10/0x10
[  171.200728][   T50]  ? process_one_work+0x868/0x15a0
[  171.200742][   T50]  ? _raw_spin_unlock_irq+0x23/0x50
[  171.200757][   T50]  ? process_one_work+0x868/0x15a0
[  171.200766][   T50]  process_one_work+0x93a/0x15a0
[  171.200789][   T50]  ? __pfx_process_one_work+0x10/0x10
[  171.200804][   T50]  ? assign_work+0x3c7/0x5b0
[  171.200817][   T50]  worker_thread+0x9b0/0xee0
[  171.200844][   T50]  kthread+0x711/0x8a0
[  171.200858][   T50]  ? __pfx_worker_thread+0x10/0x10
[  171.200868][   T50]  ? __pfx_kthread+0x10/0x10
[  171.200882][   T50]  ? _raw_spin_unlock_irq+0x23/0x50
[  171.200895][   T50]  ? lockdep_hardirqs_on+0x98/0x140
[  171.200903][   T50]  ? __pfx_kthread+0x10/0x10
[  171.200916][   T50]  ret_from_fork+0x599/0xb30
[  171.200928][   T50]  ? __pfx_ret_from_fork+0x10/0x10
[  171.200944][   T50]  ? __switch_to_asm+0x39/0x70
[  171.200956][   T50]  ? __switch_to_asm+0x33/0x70
[  171.200966][   T50]  ? __pfx_kthread+0x10/0x10
[  171.200979][   T50]  ret_from_fork_asm+0x1a/0x30
[  171.201003][   T50]  </TASK>
[  171.201007][   T50] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  171.664815][ T6891] binder: 6889:6891 ioctl 400c620e 0 returned -14
[  172.512179][ T6897] overlayfs: upper fs does not support file handles, falling back to index=off.
[  172.770676][ T6900] loop1: detected capacity change from 0 to 1024
[  173.739778][ T6904] loop0: detected capacity change from 0 to 2048
[  173.829290][ T6904] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  173.938524][ T6913] loop4: detected capacity change from 0 to 128
[  174.003963][ T6913] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  174.052215][ T6913] ext4 filesystem being mounted at /57/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  174.235531][   T30] audit: type=1800 audit(1765354623.424:13): pid=6904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.274" name="file1" dev="loop0" ino=1415 res=0 errno=0
[  174.283193][ T3546] hfsplus: b-tree write err: -5, ino 3
[  175.042778][ T5829] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  175.106539][ T6921] loop1: detected capacity change from 0 to 512
[  175.238097][ T6921] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.278: bad orphan inode 11862016
[  175.252601][ T6928] loop4: detected capacity change from 0 to 8
[  175.388361][ T6921] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  175.412741][ T6929] loop0: detected capacity change from 0 to 2048
[  175.460338][ T6933] loop2: detected capacity change from 0 to 128
[  175.472421][ T6933] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  175.575305][ T6921] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.597966][ T6933] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  175.747443][ T6929] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.759690][ T6929] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.958369][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  176.818121][ T5827] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.995116][ T6945] overlayfs: upper fs does not support file handles, falling back to index=off.
[  177.405086][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  177.429929][ T6953] loop3: detected capacity change from 0 to 1024
[  177.432966][ T6954] loop2: detected capacity change from 0 to 512
[  177.477390][ T6953] EXT4-fs: Ignoring removed nobh option
[  177.536557][ T6954] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  177.562140][ T6953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.598767][   T24] usb 1-1: config 0 interface 0 altsetting 11 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.611033][   T24] usb 1-1: config 0 interface 0 has no altsetting 0
[  177.617766][   T24] usb 1-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00
[  177.629987][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.631951][ T6954] EXT4-fs (loop2): blocks per group (71) and clusters per group (20800) inconsistent
[  177.649100][   T24] usb 1-1: config 0 descriptor??
[  177.850837][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.176600][   T24] logitech 0003:046D:C626.0002: unknown main item tag 0x0
[  178.185009][   T24] logitech 0003:046D:C626.0002: unknown main item tag 0x0
[  178.195191][   T24] logitech 0003:046D:C626.0002: unknown main item tag 0x0
[  178.206805][   T24] logitech 0003:046D:C626.0002: unknown main item tag 0x0
[  178.213962][   T24] logitech 0003:046D:C626.0002: unknown main item tag 0x0
[  178.224102][   T24] logitech 0003:046D:C626.0002: unknown main item tag 0x0
[  178.244417][   T24] logitech 0003:046D:C626.0002: unknown main item tag 0x0
[  178.257615][   T24] logitech 0003:046D:C626.0002: hidraw0: USB HID v0.00 Device [HID 046d:c626] on usb-dummy_hcd.0-1/input0
[  178.394698][   T24] usb 1-1: USB disconnect, device number 4
[  179.185143][ T6963] fido_id[6963]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  179.277690][ T6966] loop1: detected capacity change from 0 to 2048
[  179.441912][ T6966] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  180.834459][ T6977] netlink: 12 bytes leftover after parsing attributes in process `syz.0.296'.
[  181.010185][ T6973] loop2: detected capacity change from 0 to 32768
[  181.665919][ T6973] read_mapping_page failed!
[  181.670906][ T6973] ERROR: (device loop2): txCommit: 
[  181.670906][ T6973] 
[  181.971638][ T6983] loop0: detected capacity change from 0 to 1024
[  182.013628][ T6983] EXT4-fs: Ignoring removed orlov option
[  182.228192][ T6983] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  182.495577][ T6983] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.999604][ T5827] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.195607][ T6994] loop1: detected capacity change from 0 to 512
[  183.268197][ T6994] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  183.310538][ T6996] overlayfs: upper fs does not support file handles, falling back to index=off.
[  184.232059][ T7011] loop4: detected capacity change from 0 to 128
[  184.538561][ T7005] kvm: kvm [7003]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xde3
[  184.600200][ T7005] kvm: kvm [7003]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x46a
[  184.641774][ T7011] syz.4.297: attempt to access beyond end of device
[  184.641774][ T7011] loop4: rw=2049, sector=138, nr_sectors = 112 limit=128
[  184.740413][ T7005] kvm: kvm [7003]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1631
[  184.781930][ T7016] syz.4.297: attempt to access beyond end of device
[  184.781930][ T7016] loop4: rw=8390657, sector=142, nr_sectors = 2 limit=128
[  184.850320][ T7016] Buffer I/O error on dev loop4, logical block 71, lost async page write
[  185.298687][ T5918] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  185.474977][ T5918] usb 2-1: Using ep0 maxpacket: 32
[  185.482575][ T5918] usb 2-1: config 2 has an invalid interface number: 88 but max is 0
[  185.500872][ T5918] usb 2-1: config 2 has no interface number 0
[  185.518901][ T5918] usb 2-1: config 2 interface 88 has no altsetting 0
[  185.544766][ T5918] usb 2-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  185.567988][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.579898][ T5918] usb 2-1: Product: syz
[  185.584079][ T5918] usb 2-1: Manufacturer: syz
[  185.595234][ T5918] usb 2-1: SerialNumber: syz
[  187.429150][ T5918] asix 2-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  187.485346][ T5918] asix 2-1:2.88: probe with driver asix failed with error -71
[  187.669664][ T7041] loop0: detected capacity change from 0 to 32768
[  187.915144][ T7041] read_mapping_page failed!
[  187.919765][ T7041] ERROR: (device loop0): txCommit: 
[  187.919765][ T7041] 
[  187.986478][ T7044] loop2: detected capacity change from 0 to 1024
[  188.012533][ T5918] usb 2-1: USB disconnect, device number 3
[  188.047735][ T7044] EXT4-fs (loop2): cluster size (1024) smaller than block size (4096)
[  188.140466][ T7046] overlayfs: upper fs does not support file handles, falling back to index=off.
[  190.427365][ T7064] netlink: 76 bytes leftover after parsing attributes in process `syz.1.319'.
[  191.745278][ T6118] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  192.537080][ T6118] usb 1-1: Using ep0 maxpacket: 16
[  192.548847][ T6118] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.577793][ T6118] usb 1-1: config 0 interface 0 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 28
[  192.614486][ T7082] loop2: detected capacity change from 0 to 1024
[  192.631889][ T6118] usb 1-1: config 0 interface 0 has no altsetting 0
[  192.651096][ T6118] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  192.697219][ T7082] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.706615][ T6118] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.744436][ T6118] usb 1-1: config 0 descriptor??
[  192.778514][ T6118] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  193.053977][ T7092] overlayfs: upper fs does not support file handles, falling back to index=off.
[  193.123162][ T6118] usb 1-1: USB disconnect, device number 5
[  193.600538][ T7096] loop4: detected capacity change from 0 to 1024
[  193.628588][ T7096] EXT4-fs: Ignoring removed nomblk_io_submit option
[  193.667677][ T7096] EXT4-fs (loop4): Test dummy encryption mode enabled
[  193.728664][ T7096] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.861589][ T7099] loop0: detected capacity change from 0 to 1024
[  193.894534][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.969478][ T7099] hfsplus: invalid extended attribute record
[  194.011129][   T30] audit: type=1800 audit(1765354643.314:14): pid=7099 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.329" name="file1" dev="loop0" ino=26 res=0 errno=0
[  194.043309][ T7083] loop3: detected capacity change from 0 to 32768
[  194.229617][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  194.236603][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  194.499414][ T7083] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  194.629175][   T50] hfsplus: b-tree write err: -5, ino 4
[  195.502281][ T7114] loop4: detected capacity change from 0 to 32768
[  196.375029][ T5845] Bluetooth: hci2: command 0x0406 tx timeout
[  196.381269][ T5845] Bluetooth: hci3: command 0x0406 tx timeout
[  196.409369][   T52] Bluetooth: hci0: command 0x0406 tx timeout
[  196.415590][ T5834] Bluetooth: hci1: command 0x0406 tx timeout
[  196.563229][ T7114] read_mapping_page failed!
[  196.567954][ T7114] ERROR: (device loop4): txCommit: 
[  196.567954][ T7114] 
[  196.708832][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.752322][ T7083] XFS (loop3): Ending clean mount
[  196.840366][ T7118] loop0: detected capacity change from 0 to 512
[  196.902825][ T5831] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  197.224085][ T7118] EXT4-fs (loop0): blocks per group (95) and clusters per group (32768) inconsistent
[  197.926824][ T5896] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  198.196613][ T5896] usb 1-1: Using ep0 maxpacket: 16
[  198.301529][ T5896] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[  198.407756][ T5896] usb 1-1: config 1 has no interface number 0
[  198.485496][ T7126] loop1: detected capacity change from 0 to 128
[  198.485943][ T5896] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  198.507227][ T7126] FAT-fs (loop1): Directory bread(block 162) failed
[  198.527358][ T7126] FAT-fs (loop1): Directory bread(block 163) failed
[  198.533995][ T7126] FAT-fs (loop1): Directory bread(block 164) failed
[  198.564730][ T5896] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  198.598493][ T5896] usb 1-1: config 1 interface 105 has no altsetting 0
[  198.646890][ T5896] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  198.691602][ T5896] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.692681][ T7126] FAT-fs (loop1): Directory bread(block 165) failed
[  198.714182][ T7126] FAT-fs (loop1): Directory bread(block 166) failed
[  198.715811][ T5896] usb 1-1: Product: syz
[  198.722474][ T7126] FAT-fs (loop1): Directory bread(block 167) failed
[  198.732670][ T7126] FAT-fs (loop1): Directory bread(block 168) failed
[  198.735784][ T5896] usb 1-1: Manufacturer: syz
[  198.740414][ T7126] FAT-fs (loop1): Directory bread(block 169) failed
[  198.749908][ T5896] usb 1-1: SerialNumber: syz
[  198.763044][ T7126] FAT-fs (loop1): Directory bread(block 162) failed
[  198.768705][ T7118] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  198.776826][ T7126] FAT-fs (loop1): Directory bread(block 163) failed
[  198.784699][ T7126] syz.1.336: attempt to access beyond end of device
[  198.784699][ T7126] loop1: rw=8388611, sector=226, nr_sectors = 6 limit=128
[  198.785643][ T7118] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  198.799176][ T7126] syz.1.336: attempt to access beyond end of device
[  198.799176][ T7126] loop1: rw=8390659, sector=232, nr_sectors = 2 limit=128
[  199.004252][ T7134] overlayfs: upper fs does not support file handles, falling back to index=off.
[  199.839496][ T7118] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  199.902675][ T7118] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  200.245930][ T7143] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  200.253406][ T7143] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  200.541365][ T6118] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  200.636060][ T5896] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  200.670346][ T5896] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  200.692272][ T5896] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  200.748822][ T5896] aqc111 1-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 12:f8:df:34:b7:8e
[  200.788696][ T5896] usb 1-1: USB disconnect, device number 6
[  200.807220][ T5896] aqc111 1-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  200.833325][ T6118] usb 3-1: Using ep0 maxpacket: 8
[  200.842652][ T6118] usb 3-1: config 0 has an invalid interface number: 196 but max is 0
[  200.962816][ T6118] usb 3-1: config 0 has no interface number 0
[  201.462389][ T6118] usb 3-1: New USB device found, idVendor=7d82, idProduct=8a53, bcdDevice=d9.ec
[  201.478212][ T6118] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.486669][ T6118] usb 3-1: Product: syz
[  201.490885][ T6118] usb 3-1: Manufacturer: syz
[  201.496597][ T6118] usb 3-1: SerialNumber: syz
[  201.496761][ T7149] binder: 7148:7149 unknown command 0
[  201.513259][ T6118] usb 3-1: config 0 descriptor??
[  201.519395][ T5896] aqc111 1-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  201.528881][ T7149] binder: 7148:7149 ioctl c0306201 200000004a40 returned -22
[  201.539836][ T6118] usb 3-1: bad CDC descriptors
[  201.545286][ T5896] aqc111 1-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  201.559081][ T5896] aqc111 1-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  201.765227][ T6439] usb 3-1: USB disconnect, device number 5
[  201.944660][ T7159] pim6reg: entered allmulticast mode
[  202.105507][ T5896] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  202.285041][ T5896] usb 5-1: Using ep0 maxpacket: 32
[  202.301158][ T7163] loop1: detected capacity change from 0 to 1024
[  202.803700][ T5896] usb 5-1: config index 0 descriptor too short (expected 6265, got 121)
[  202.829699][ T5896] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  202.881386][ T5896] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  202.911017][ T5896] usb 5-1: config 1 has no interface number 1
[  202.918406][ T5896] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  203.022528][ T5896] usb 5-1: config 1 interface 2 has no altsetting 0
[  203.039985][ T5896] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  203.042400][  T147] hfsplus: b-tree write err: -5, ino 4
[  203.049935][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.063567][ T5896] usb 5-1: Product: syz
[  203.068138][ T5896] usb 5-1: Manufacturer: syz
[  203.084957][ T5896] usb 5-1: SerialNumber: syz
[  203.254866][ T7168] loop1: detected capacity change from 0 to 512
[  203.283205][ T7168] ext3: Unknown parameter 'nouser_xattr'
[  203.301301][ T5896] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor
[  203.325284][ T5896] usb 5-1: found format II with max.bitrate = 0, frame size=5
[  203.356942][ T5896] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  203.375767][ T5896] usb 5-1: selecting invalid altsetting 0
[  204.236920][ T5896] usb 5-1: USB disconnect, device number 3
[  204.328491][ T5966] udevd[5966]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  204.799487][ T7185] binder: BINDER_SET_CONTEXT_MGR already set
[  204.818535][ T7185] binder: 7183:7185 ioctl 4018620d 200000004a80 returned -16
[  205.520018][ T7185] binder: 7183:7185 ioctl c0306201 0 returned -14
[  205.689559][ T7192] loop0: detected capacity change from 0 to 256
[  205.703903][ T7194] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  205.728662][ T7192] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  207.149793][ T7205] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  207.157396][ T7205] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  208.260700][ T7213] loop2: detected capacity change from 0 to 1024
[  208.290933][ T7213] EXT4-fs: Ignoring removed nomblk_io_submit option
[  208.410734][ T7213] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.122397][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.395492][ T7229] loop0: detected capacity change from 0 to 2048
[  209.455611][ T7229] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  211.717672][ T7248] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  211.725195][ T7248] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  213.364584][ T5838] Bluetooth: Wrong link type (-71)
[  213.769723][ T7279] loop0: detected capacity change from 0 to 128
[  213.899460][ T7277] syz.0.381: attempt to access beyond end of device
[  213.899460][ T7277] loop0: rw=2049, sector=138, nr_sectors = 112 limit=128
[  213.916156][ T7277] syz.0.381: attempt to access beyond end of device
[  213.916156][ T7277] loop0: rw=8390657, sector=142, nr_sectors = 2 limit=128
[  213.929779][ T7277] Buffer I/O error on dev loop0, logical block 71, lost async page write
[  214.106134][ T7281] pim6reg: entered allmulticast mode
[  214.553901][ T7289] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  214.561488][ T7289] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  216.684009][ T7297] loop4: detected capacity change from 0 to 512
[  216.723272][ T7299] loop3: detected capacity change from 0 to 512
[  216.730487][ T7299] EXT4-fs: Ignoring removed bh option
[  216.757277][ T7297] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  216.762557][ T7299] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.821485][ T7297] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.852773][ T7299] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  216.986070][ T7297] ext4 filesystem being mounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  216.999739][   T30] audit: type=1800 audit(1765354666.304:15): pid=7299 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.391" name="file2" dev="loop3" ino=16 res=0 errno=0
[  217.098795][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.303639][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.465168][ T5838] Bluetooth: Wrong link type (-71)
[  217.726375][ T7319] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  218.497056][ T7330] syz.2.401 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  219.066575][ T7335] loop1: detected capacity change from 0 to 8
[  219.696639][ T7329] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  219.714392][ T7329] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  220.251297][ T7351] loop3: detected capacity change from 0 to 512
[  220.272076][ T7351] EXT4-fs: Ignoring removed nomblk_io_submit option
[  220.305588][ T7351] EXT4-fs: inline encryption not supported
[  220.381046][ T7351] EXT4-fs error (device loop3): ext4_iget_extra_inode:5073: inode #15: comm syz.3.408: corrupted in-inode xattr: invalid ea_ino
[  220.403996][ T7351] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.408: couldn't read orphan inode 15 (err -117)
[  220.420295][ T7351] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.495384][ T7358] binder: 7356:7358 ioctl 400c620e 0 returned -14
[  220.617596][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.719716][ T7361] loop1: detected capacity change from 0 to 8
[  222.193872][ T7367] loop3: detected capacity change from 0 to 256
[  222.264612][ T7373] loop1: detected capacity change from 0 to 2048
[  222.302157][ T7367] exFAT-fs (loop3): failed to test first cluster bit of root dir(5)
[  222.379289][ T7373] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.547417][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.782588][ T7386] loop1: detected capacity change from 0 to 512
[  222.821951][ T7386] EXT4-fs: inline encryption not supported
[  222.865186][ T6625] wlan1: Trigger new scan to find an IBSS to join
[  223.008668][ T7386] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.223274][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.526130][ T7397] loop1: detected capacity change from 0 to 512
[  223.571333][ T7397] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.423: inode has both inline data and extents flags
[  223.618977][ T7397] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.423: couldn't read orphan inode 15 (err -117)
[  223.671806][ T7402] loop0: detected capacity change from 0 to 512
[  223.716787][ T7397] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000070000 r/w without journal. Quota mode: writeback.
[  223.741459][ T7402] EXT4-fs: Ignoring removed mblk_io_submit option
[  223.906454][ T7402] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.965963][ T7402] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.156659][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000070000.
[  224.506231][   T30] audit: type=1800 audit(1765354673.814:16): pid=7409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.415" name="bus" dev="loop0" ino=18 res=0 errno=0
[  224.598333][   T30] audit: type=1804 audit(1765354673.814:17): pid=7402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.415" name="/newroot/81/file1/bus" dev="loop0" ino=18 res=1 errno=0
[  225.431350][   T30] audit: type=1800 audit(1765354673.814:18): pid=7402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.415" name="bus" dev="loop0" ino=18 res=0 errno=0
[  225.483928][ T5827] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.800599][ T7420] loop0: detected capacity change from 0 to 8
[  227.162080][ T7439] loop3: detected capacity change from 0 to 1024
[  227.292738][ T7441] loop2: detected capacity change from 0 to 256
[  227.347702][ T7441] vfat: Unknown parameter 'süPxc6©×³hortname'
[  227.437146][ T7443] loop0: detected capacity change from 0 to 2048
[  227.522429][ T7443] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  227.828390][ T3482] wlan1: Trigger new scan to find an IBSS to join
[  229.554561][ T3482] wlan1: Creating new IBSS network, BSSID e6:93:6b:4a:9b:d6
[  229.722017][ T7476] loop3: detected capacity change from 0 to 512
[  229.730308][ T7476] EXT4-fs: Ignoring removed i_version option
[  229.762606][ T7476] EXT4-fs: Ignoring removed bh option
[  229.838489][ T7476] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.887752][ T7476] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  230.010314][ T7482] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  230.016948][ T7482] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  230.048723][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.068844][ T7482] vhci_hcd vhci_hcd.0: Device attached
[  230.159106][ T7483] vhci_hcd: connection closed
[  230.163142][  T147] vhci_hcd vhci_hcd.1: stop threads
[  230.265912][  T147] vhci_hcd vhci_hcd.1: release socket
[  230.276452][  T147] vhci_hcd vhci_hcd.1: disconnect device
[  230.416685][ T7486] loop3: detected capacity change from 0 to 16
[  230.443250][ T7486] erofs (device loop3): mounted with root inode @ nid 36.
[  230.487179][ T7486] erofs (device loop3): readahead error at folio 2 @ nid 89
[  230.538660][ T7486] syz.3.454: attempt to access beyond end of device
[  230.538660][ T7486] loop3: rw=524288, sector=524296, nr_sectors = 8 limit=16
[  230.587264][ T7486] erofs (device loop3): failed to decompress (lz4) -117 @ pa 4096 size 4096 => 4096
[  230.627766][ T7486] erofs (device loop3): read error -117 @ 0 of nid 89
[  230.640501][   T30] audit: type=1800 audit(1765354679.944:19): pid=7486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.454" name="file2" dev="loop3" ino=89 res=0 errno=0
[  232.657742][   T30] audit: type=1326 audit(1765354681.964:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7531 comm="syz.3.468" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fef4178f749 code=0x0
[  234.351676][ T7547] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  234.361521][ T7547] TCP: tcp_parse_options: Illegal window scaling value 64 > 14 received
[  234.376248][ T7549] loop4: detected capacity change from 0 to 512
[  234.383338][ T7549] EXT4-fs: Ignoring removed oldalloc option
[  234.486777][ T7549] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  234.633830][ T7549] EXT4-fs (loop4): 1 truncate cleaned up
[  234.683470][ T7558] loop2: detected capacity change from 0 to 1024
[  234.707576][ T7549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.754153][ T7558] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.792401][ T7561] loop1: detected capacity change from 0 to 128
[  234.804470][ T7549] EXT4-fs warning (device loop4): ext4_group_extend:1886: will only finish group (8193 blocks, 7937 new)
[  234.841810][ T7561] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  234.873970][ T7549] EXT4-fs warning (device loop4): ext4_group_extend:1891: can't read last block, resize aborted
[  234.942531][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.961529][ T7561] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.032722][ T7566] loop3: detected capacity change from 0 to 128
[  235.063031][ T7566] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  235.107672][ T7566] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  235.142979][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.168672][ T3482] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  235.225938][ T5828] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  236.456737][ T7596] loop3: detected capacity change from 0 to 512
[  236.479926][ T7596] EXT4-fs: Ignoring removed bh option
[  236.506083][ T7596] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  236.530005][ T7596] EXT4-fs (loop3): 1 truncate cleaned up
[  236.555639][ T7596] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.675834][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.733110][ T7600] loop3: detected capacity change from 0 to 128
[  236.743006][ T7600] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  236.757689][ T7600] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  236.999995][ T7605] loop4: detected capacity change from 0 to 512
[  237.024145][ T7605] EXT4-fs (loop4): 1 truncate cleaned up
[  237.045619][ T7609] syz.3.492 uses obsolete (PF_INET,SOCK_PACKET)
[  237.058602][ T7605] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.048227][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.107126][ T7632] binder: 7623:7632 ioctl 400c620e 0 returned -14
[  240.134170][ T7637] loop0: detected capacity change from 0 to 8
[  240.394974][ T6439] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  240.534963][ T6439] usb 3-1: device descriptor read/64, error -71
[  240.789177][ T6439] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  241.005078][ T6439] usb 3-1: device descriptor read/64, error -71
[  241.155324][ T6439] usb usb3-port1: attempt power cycle
[  241.315023][   T39] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  241.469047][   T39] usb 2-1: Using ep0 maxpacket: 16
[  241.485765][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  241.501325][   T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  241.513680][   T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  241.531311][ T6439] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  241.539393][   T39] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  241.568116][ T6439] usb 3-1: device descriptor read/8, error -71
[  241.578874][   T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.595797][   T39] usb 2-1: config 0 descriptor??
[  241.815050][ T6439] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  241.846476][ T6439] usb 3-1: device descriptor read/8, error -71
[  241.899397][ T7678] loop4: detected capacity change from 0 to 512
[  242.100583][ T7678] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.162162][ T6439] usb usb3-port1: unable to enumerate USB device
[  242.171702][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.188898][   T39] microsoft 0003:045E:07DA.0003: ignoring exceeding usage max
[  242.198840][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.206361][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.213606][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.221312][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.228864][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.236366][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.248563][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.256233][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.265207][   T39] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  242.274869][   T39] microsoft 0003:045E:07DA.0003: unsupported Resolution Multiplier 0
[  242.334319][   T39] microsoft 0003:045E:07DA.0003: unsupported Resolution Multiplier 0
[  242.353480][   T39] microsoft 0003:045E:07DA.0003: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  242.385822][ T7684] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  242.398435][   T39] microsoft 0003:045E:07DA.0003: no inputs found
[  242.404813][   T39] microsoft 0003:045E:07DA.0003: could not initialize ff, continuing anyway
[  242.497226][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.594344][ T6118] usb 2-1: USB disconnect, device number 4
[  242.725570][ T7689] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  242.756689][   T39] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  242.936918][   T39] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.956987][   T39] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  242.980292][   T39] usb 4-1: config 0 interface 0 has no altsetting 0
[  243.008309][   T39] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  243.037742][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.063816][   T39] usb 4-1: config 0 descriptor??
[  243.590483][ T5838] Bluetooth: Wrong link type (-71)
[  243.591557][   T39] input: HID 054c:03d5 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:054C:03D5.0004/input/input9
[  243.926848][ T7703] loop4: detected capacity change from 0 to 1024
[  244.105345][ T7703] EXT4-fs: Ignoring removed nobh option
[  244.436177][   T39] sony 0003:054C:03D5.0004: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.3-1/input0
[  244.478392][   T39] usb 4-1: USB disconnect, device number 3
[  244.510405][ T7703] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  244.614587][ T6118] kernel read not supported for file /vcs (pid: 6118 comm: kworker/0:8)
[  244.625000][ T7703] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.787322][ T7712] fido_id[7712]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  245.054217][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  245.908443][ T7736] loop2: detected capacity change from 0 to 128
[  245.951805][ T7736] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  246.006296][ T7736] ext4 filesystem being mounted at /90/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  246.290606][ T5838] Bluetooth: Wrong link type (-71)
[  246.392919][ T7748] loop3: detected capacity change from 0 to 128
[  246.545668][ T7748] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  246.578575][ T7748] ext4 filesystem being mounted at /112/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  246.930858][ T7747] loop0: detected capacity change from 0 to 1024
[  246.981349][ T7747] ext4: Unknown parameter 'seclabel'
[  247.073556][ T5840] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  247.272997][ T5831] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  248.140641][ T7758] loop1: detected capacity change from 0 to 256
[  248.175957][ T7758] exfat: Deprecated parameter 'utf8'
[  248.211676][ T7760] loop3: detected capacity change from 0 to 128
[  248.219506][ T7758] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001043e, chksum : 0xdd084882, utbl_chksum : 0xe619d30d)
[  248.275146][ T7760] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  249.481085][ T7772] netlink: 76 bytes leftover after parsing attributes in process `syz.2.543'.
[  250.548384][ T5838] Bluetooth: Wrong link type (-71)
[  251.604522][ T7800] loop0: detected capacity change from 0 to 256
[  251.620958][ T7802] loop4: detected capacity change from 0 to 16
[  251.629624][ T7802] erofs (device loop4): unidentified incompatible feature 100000, please upgrade kernel
[  251.642333][ T7800] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ab87c, utbl_chksum : 0xe619d30d)
[  251.818078][ T7810] loop2: detected capacity change from 0 to 128
[  251.833154][ T7811] loop3: detected capacity change from 0 to 512
[  251.879512][ T7810] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  251.971958][ T7811] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.987281][ T7811] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  252.220890][ T7819] loop0: detected capacity change from 0 to 64
[  252.553701][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.073690][ T7839] loop3: detected capacity change from 0 to 512
[  253.104110][ T7839] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[  253.142852][ T7841] rtc_cmos 00:00: Alarms can be up to one day in the future
[  254.812419][ T7856] loop2: detected capacity change from 0 to 128
[  255.076857][ T6439] rtc_cmos 00:00: Alarms can be up to one day in the future
[  255.256403][ T7856] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  255.283856][ T7856] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  255.472548][ T6439] rtc_cmos 00:00: Alarms can be up to one day in the future
[  255.485186][ T6439] rtc_cmos 00:00: Alarms can be up to one day in the future
[  255.492715][ T6439] rtc_cmos 00:00: Alarms can be up to one day in the future
[  255.504703][ T6439] rtc rtc0: __rtc_set_alarm: err=-22
[  255.769457][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  255.785095][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  255.859285][ T7872] loop0: detected capacity change from 0 to 512
[  255.876133][ T5840] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  255.920683][ T7872] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  256.008107][ T7872] EXT4-fs (loop0): blocks per group (42) and clusters per group (32768) inconsistent
[  256.445598][ T7881] netlink: 76 bytes leftover after parsing attributes in process `syz.2.582'.
[  257.883334][ T7884] loop1: detected capacity change from 0 to 1024
[  257.963498][ T7891] loop3: detected capacity change from 0 to 512
[  257.972941][ T7884] EXT4-fs: Ignoring removed nomblk_io_submit option
[  258.005996][ T7891] EXT4-fs: Ignoring removed nomblk_io_submit option
[  258.058380][ T7891] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.148864][ T7891] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.187624][ T7884] Quota error (device loop1): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  258.220399][ T7891] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #2: comm syz.3.588: corrupted inode contents
[  258.281420][ T7884] EXT4-fs warning (device loop1): ext4_enable_quotas:7221: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  258.315092][ T7891] EXT4-fs (loop3): Remounting filesystem read-only
[  258.340220][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.376079][ T7884] EXT4-fs (loop1): mount failed
[  258.417663][ T7899] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.455093][ T7900] mmap: syz.2.589 (7900) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  258.529830][ T7884] loop1: detected capacity change from 0 to 512
[  258.706988][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.758780][ T7884] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.900773][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.958339][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.193432][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.505062][ T5979] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  259.577520][ T6452] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  259.742281][   T13] bridge_slave_1: left allmulticast mode
[  259.754005][   T13] bridge_slave_1: left promiscuous mode
[  259.764339][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.790773][ T5979] usb 2-1: config 0 has an invalid interface number: 117 but max is 0
[  259.799978][ T5979] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  259.811041][ T5979] usb 2-1: config 0 has no interface number 0
[  259.822370][   T13] bridge_slave_0: left allmulticast mode
[  259.833184][   T13] bridge_slave_0: left promiscuous mode
[  259.839848][ T5979] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  259.861059][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.877963][ T5979] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  259.900513][ T5979] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  259.913731][ T5979] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.927525][ T5979] usb 2-1: Product: syz
[  259.937717][ T5979] usb 2-1: Manufacturer: syz
[  259.943889][ T5979] usb 2-1: SerialNumber: syz
[  259.962248][   T30] audit: type=1326 audit(1765354709.264:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7915 comm="syz.2.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f177f18f749 code=0x7fc00000
[  259.991989][ T5979] usb 2-1: config 0 descriptor??
[  260.049230][   T30] audit: type=1326 audit(1765354709.294:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7915 comm="syz.2.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f177f18f749 code=0x7fc00000
[  260.083970][   T30] audit: type=1326 audit(1765354709.294:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7915 comm="syz.2.593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f177f18f749 code=0x7fc00000
[  260.293732][ T7912] loop1: detected capacity change from 0 to 1024
[  260.393707][ T7925] netlink: 76 bytes leftover after parsing attributes in process `syz.4.596'.
[  260.568110][ T7912] hfsplus: Unknown parameter 'ÿÿÿÿ'
[  260.720883][ T5979] usbtouchscreen 2-1:0.117: probe with driver usbtouchscreen failed with error -71
[  260.898832][ T5979] usb 2-1: USB disconnect, device number 5
[  261.271943][ T7930] loop2: detected capacity change from 0 to 1024
[  261.288674][   T30] audit: type=1326 audit(1765354710.574:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.3.599" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fef4178f749 code=0x0
[  261.309567][ T7930] EXT4-fs: Ignoring removed nomblk_io_submit option
[  261.366733][ T7935] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  261.451296][ T7930] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.748769][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  261.760442][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  261.768623][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  261.778470][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  261.795436][ T5843] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  261.824536][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.898830][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  261.945075][   T13] bond0 (unregistering): Released all slaves
[  262.577139][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.441142][ T7978] netlink: 24 bytes leftover after parsing attributes in process `syz.2.607'.
[  263.825068][ T5838] Bluetooth: hci0: command tx timeout
[  263.887329][   T13] hsr_slave_0: left promiscuous mode
[  263.917851][   T13] hsr_slave_1: left promiscuous mode
[  263.932396][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  263.955081][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  263.981528][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.007055][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.086053][   T13] veth1_macvtap: left promiscuous mode
[  264.095231][   T13] veth0_macvtap: left promiscuous mode
[  264.100954][   T13] veth1_vlan: left promiscuous mode
[  264.125237][   T13] veth0_vlan: left promiscuous mode
[  265.503317][ T8024] fuse: Bad value for 'fd'
[  265.560712][   T13] pim6reg (unregistering): left allmulticast mode
[  265.983258][ T5838] Bluetooth: hci0: command tx timeout
[  267.130517][ T8050] loop1: detected capacity change from 0 to 256
[  267.378568][ T8053] netlink: 16 bytes leftover after parsing attributes in process `syz.1.633'.
[  268.095612][ T5838] Bluetooth: hci0: command tx timeout
[  268.575703][   T13] team0 (unregistering): Port device team_slave_1 removed
[  268.627107][ T8070] netlink: 24 bytes leftover after parsing attributes in process `syz.2.631'.
[  268.644659][   T13] team0 (unregistering): Port device team_slave_0 removed
[  269.449820][ T8094] loop1: detected capacity change from 0 to 512
[  270.063328][ T7941] chnl_net:caif_netlink_parms(): no params data found
[  270.135300][ T5838] Bluetooth: hci0: command tx timeout
[  270.161123][ T8094] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.504102][ T7941] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.519069][ T7941] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.530928][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.538630][ T7941] bridge_slave_0: entered allmulticast mode
[  270.555433][ T7941] bridge_slave_0: entered promiscuous mode
[  270.567042][ T7941] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.574350][ T7941] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.581874][ T7941] bridge_slave_1: entered allmulticast mode
[  270.606796][ T7941] bridge_slave_1: entered promiscuous mode
[  270.817843][ T7941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  270.870125][ T7941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  270.963388][ T7941] team0: Port device team_slave_0 added
[  271.003260][ T7941] team0: Port device team_slave_1 added
[  271.095949][ T8135] loop1: detected capacity change from 0 to 512
[  271.106964][ T8135] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  271.127667][ T7941] batman_adv: batadv0: Adding interface: batadv_slave_0
[  271.137397][ T7941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  271.185071][ T7941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.201033][ T7941] batman_adv: batadv0: Adding interface: batadv_slave_1
[  271.205298][ T8135] EXT4-fs error (device loop1): ext4_init_orphan_info:620: comm syz.1.655: orphan file block 0: bad magic
[  271.208112][ T7941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  271.248489][ T7941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.286660][ T8135] EXT4-fs (loop1): Remounting filesystem read-only
[  271.324416][ T8135] EXT4-fs (loop1): mount failed
[  271.351430][ T7941] hsr_slave_0: entered promiscuous mode
[  271.379459][ T7941] hsr_slave_1: entered promiscuous mode
[  271.381832][ T8135] netlink: 184 bytes leftover after parsing attributes in process `syz.1.655'.
[  271.396307][ T7941] debugfs: 'hsr0' already exists in 'hsr'
[  271.403275][ T7941] Cannot create hsr debugfs directory
[  272.427968][ T8140] loop2: detected capacity change from 0 to 4096
[  272.455314][ T8140] EXT4-fs (loop2): Test dummy encryption mode enabled
[  272.499970][ T8140] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  272.525130][ T8140] System zones: 0-5
[  272.539471][ T8140] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.599719][ T8140] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  272.796723][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.062458][ T8163] netlink: 24 bytes leftover after parsing attributes in process `syz.2.660'.
[  273.107141][ T7941] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  273.149112][ T7941] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  273.197290][ T7941] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  273.219907][ T7941] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  273.467629][ T7941] 8021q: adding VLAN 0 to HW filter on device bond0
[  273.526772][ T7941] 8021q: adding VLAN 0 to HW filter on device team0
[  273.568747][ T6138] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.576034][ T6138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  273.609755][ T6138] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.616983][ T6138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.011233][ T7941] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.736547][ T7941] veth0_vlan: entered promiscuous mode
[  274.786400][ T7941] veth1_vlan: entered promiscuous mode
[  274.956875][ T7941] veth0_macvtap: entered promiscuous mode
[  275.001426][ T7941] veth1_macvtap: entered promiscuous mode
[  275.041238][ T7941] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.112600][ T7941] batman_adv: batadv0: Interface activated: batadv_slave_1
[  275.187196][ T6138] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.222086][ T6138] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  275.281826][ T6138] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  275.312669][ T6138] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.425342][ T8231] netlink: 24 bytes leftover after parsing attributes in process `syz.3.673'.
[  275.587392][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.625713][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.799785][  T682] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.819662][  T682] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.845046][ T6118] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  276.864301][ T6118] usb 2-1: Using ep0 maxpacket: 16
[  276.878271][ T6118] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  276.895075][ T6118] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  276.918940][ T6118] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  276.955742][ T6118] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.978658][ T8238] netlink: 24 bytes leftover after parsing attributes in process `syz.2.675'.
[  277.134954][ T6118] usb 2-1: Product: syz
[  277.139158][ T6118] usb 2-1: Manufacturer: syz
[  277.165197][ T6118] usb 2-1: SerialNumber: syz
[  277.374685][ T6118] usb 2-1: 0:2 : does not exist
[  277.431127][ T6118] usb 2-1: USB disconnect, device number 6
[  277.554685][ T5966] udevd[5966]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  278.554988][ T5979] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  279.945002][ T5979] usb 3-1: Using ep0 maxpacket: 16
[  280.030712][ T5979] usb 3-1: config 0 has an invalid interface number: 159 but max is 0
[  280.039464][ T5979] usb 3-1: config 0 has no interface number 0
[  280.066113][ T5979] usb 3-1: config 0 interface 159 has no altsetting 0
[  280.088071][ T5979] usb 3-1: New USB device found, idVendor=045e, idProduct=0416, bcdDevice=97.e4
[  280.098346][ T5979] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.106888][ T5979] usb 3-1: Product: syz
[  280.111141][ T5979] usb 3-1: Manufacturer: syz
[  280.121586][ T5979] usb 3-1: SerialNumber: syz
[  280.130493][ T5979] usb 3-1: config 0 descriptor??
[  280.706434][ T8278] netlink: 24 bytes leftover after parsing attributes in process `syz.4.687'.
[  280.990791][ T8256] syz.2.678 (8256) used greatest stack depth: 15136 bytes left
[  280.998942][ T5979] usb 3-1: USB disconnect, device number 10
[  282.070943][ T8287] syz_tun: entered allmulticast mode
[  282.377546][ T8287] dvmrp8: entered allmulticast mode
[  282.704637][ T8286] syz_tun: left allmulticast mode
[  285.515390][ T8319] netlink: 24 bytes leftover after parsing attributes in process `syz.1.699'.
[  285.724461][ T5838] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  289.929925][ T8375] loop2: detected capacity change from 0 to 8
[  290.061259][ T8378] loop1: detected capacity change from 0 to 64
[  290.270607][ T5838] Bluetooth: Wrong link type (-71)
[  290.741599][ T8394] netlink: 24 bytes leftover after parsing attributes in process `syz.2.715'.
[  291.029316][ T8410] netlink: 8 bytes leftover after parsing attributes in process `syz.4.718'.
[  294.513770][ T8428] loop1: detected capacity change from 0 to 1024
[  294.546077][ T8428] EXT4-fs: inline encryption not supported
[  294.566101][ T8434] loop2: detected capacity change from 0 to 512
[  294.603446][ T8434] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[  294.665085][ T8428] EXT4-fs: inline encryption not supported
[  294.690415][ T8428] EXT4-fs: Ignoring removed oldalloc option
[  294.703635][ T8434] Bluetooth: MGMT ver 1.23
[  294.733703][ T8428] EXT4-fs: Ignoring removed nobh option
[  294.767763][ T8428] EXT4-fs: Ignoring removed bh option
[  294.773184][ T8428] ext4: Unknown parameter 'seclabel'
[  296.438711][ T5838] Bluetooth: Wrong link type (-71)
[  297.210919][ T8462] loop1: detected capacity change from 0 to 512
[  297.273986][ T8462] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  297.470303][ T8468] loop2: detected capacity change from 0 to 64
[  297.937800][ T8462] EXT4-fs error (device loop1): __ext4_fill_super:5553: inode #2: comm syz.1.731: inode has both inline data and extents flags
[  298.377213][ T8462] EXT4-fs (loop1): get root inode failed
[  298.427220][ T8462] EXT4-fs (loop1): mount failed
[  299.789287][ T8501] loop5: detected capacity change from 0 to 8
[  299.863117][ T8501] SQUASHFS error: Failed to read block 0x71: -5
[  299.877154][   T30] audit: type=1800 audit(1765354749.184:25): pid=8501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.738" name="file1" dev="loop5" ino=1 res=0 errno=0
[  300.674256][ T5838] Bluetooth: Wrong link type (-71)
[  301.026264][ T8519] loop5: detected capacity change from 0 to 4096
[  301.102850][ T8519] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.190335][   T30] audit: type=1800 audit(1765354750.494:26): pid=8519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.743" name="file1" dev="loop5" ino=15 res=0 errno=0
[  302.358747][ T7941] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.542607][ T8537] loop2: detected capacity change from 0 to 2048
[  302.722434][ T8537] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  302.786848][   T30] audit: type=1800 audit(1765354752.094:27): pid=8537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.746" name="bus" dev="loop2" ino=1436 res=0 errno=0
[  303.095633][ T8551] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  303.173774][ T8552] 9p: Bad value for 'wfdno'
[  304.411738][ T8561] loop1: detected capacity change from 0 to 2048
[  304.426143][ T8561] EXT4-fs: Ignoring removed bh option
[  304.609222][ T8561] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.753252][ T8579] loop5: detected capacity change from 0 to 512
[  304.897054][ T8579] EXT4-fs: Ignoring removed nomblk_io_submit option
[  304.931072][ T8561] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  304.969666][ T8561] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 28
[  304.998801][ T8561] EXT4-fs (loop1): This should not happen!! Data will be lost
[  304.998801][ T8561] 
[  305.022060][ T8561] EXT4-fs (loop1): Total free blocks count 0
[  305.043314][ T8561] EXT4-fs (loop1): Free/Dirty block details
[  305.054515][ T8561] EXT4-fs (loop1): free_blocks=2415919104
[  305.399858][ T8561] EXT4-fs (loop1): dirty_blocks=16
[  305.421206][ T8579] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.471414][ T8561] EXT4-fs (loop1): Block reservation details
[  305.493893][ T8579] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.549982][ T8579] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #2: comm syz.5.754: corrupted inode contents
[  305.569639][ T8561] EXT4-fs (loop1): i_reserved_data_blocks=1
[  305.644991][ T8584] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 28
[  305.659051][ T8579] EXT4-fs (loop5): Remounting filesystem read-only
[  305.701006][ T8579] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.728000][ T6138] Quota error (device loop5): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  306.137272][ T5838] Bluetooth: Wrong link type (-71)
[  308.855581][ T8607] loop1: detected capacity change from 0 to 256
[  308.948921][ T8607] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  309.050687][ T8613] netlink: 12 bytes leftover after parsing attributes in process `syz.5.765'.
[  309.122618][ T8607] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  309.185811][ T8607] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  309.243165][ T8607] exFAT-fs (loop1): failed to load alloc-bitmap
[  309.340247][ T8607] exFAT-fs (loop1): failed to recognize exfat type
[  310.977735][ T8639] 9p: Bad value for 'rfdno'
[  312.702769][ T8645] loop2: detected capacity change from 0 to 2048
[  313.009935][ T8645]  loop2: unable to read partition table
[  313.025353][ T8645] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[  313.413175][ T8652] netlink: 'syz.2.775': attribute type 1 has an invalid length.
[  316.692987][ T8676] netlink: 140 bytes leftover after parsing attributes in process `syz.4.782'.
[  317.439129][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  317.449316][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  317.457143][ T8676] netlink: 'syz.4.782': attribute type 1 has an invalid length.
[  317.488501][ T8676] netlink: 84 bytes leftover after parsing attributes in process `syz.4.782'.
[  318.688112][ T8687] loop1: detected capacity change from 0 to 512
[  319.277284][ T8687] EXT4-fs (loop1): Test dummy encryption mode enabled
[  319.305000][ T8687] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #11: comm syz.1.784: iget: bad extra_isize 31 (inode size 256)
[  319.318281][ T8687] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.784: couldn't read orphan inode 11 (err -117)
[  319.333746][ T8687] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.427402][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.064777][ T8718] loop2: detected capacity change from 0 to 1024
[  322.850943][ T8718] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  323.005003][ T8718] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  323.065722][ T8718] EXT4-fs (loop2): invalid journal inode
[  323.095116][ T8718] EXT4-fs (loop2): can't get journal size
[  323.119763][ T8718] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  323.296734][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.765061][  T848] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  325.074908][  T848] usb 3-1: Using ep0 maxpacket: 16
[  325.085777][  T848] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  325.095083][  T848] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  325.106473][  T848] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  325.149928][  T848] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  325.163811][  T848] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.172409][  T848] usb 3-1: Product: syz
[  325.177935][  T848] usb 3-1: Manufacturer: syz
[  325.182735][  T848] usb 3-1: SerialNumber: syz
[  325.413523][  T848] usb 3-1: 0:2 : does not exist
[  325.431072][  T848] usb 3-1: unit 6 not found!
[  325.478809][  T848] usb 3-1: USB disconnect, device number 11
[  325.570619][ T5966] udevd[5966]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  325.740914][ T8764] loop1: detected capacity change from 0 to 8
[  325.785425][ T8764] SQUASHFS error: Failed to read block 0x71: -5
[  325.795679][   T30] audit: type=1800 audit(1765354778.101:28): pid=8764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.815" name="file1" dev="loop1" ino=1 res=0 errno=0
[  325.843446][ T8765] netlink: 'syz.4.814': attribute type 4 has an invalid length.
[  329.790725][ T6367] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  329.955239][ T6367] usb 3-1: Using ep0 maxpacket: 16
[  329.963430][ T6367] usb 3-1: config 0 has an invalid interface number: 159 but max is 0
[  329.987997][ T6367] usb 3-1: config 0 has no interface number 0
[  330.013055][ T6367] usb 3-1: config 0 interface 159 has no altsetting 0
[  330.057324][ T6367] usb 3-1: New USB device found, idVendor=045e, idProduct=0416, bcdDevice=97.e4
[  330.074731][ T6367] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.099099][ T6367] usb 3-1: Product: syz
[  330.120788][ T6367] usb 3-1: Manufacturer: syz
[  330.131448][ T6367] usb 3-1: SerialNumber: syz
[  330.158892][ T6367] usb 3-1: config 0 descriptor??
[  332.342493][ T8819] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  332.723077][ T8830] netlink: 76 bytes leftover after parsing attributes in process `syz.4.835'.
[  334.283595][   T10] usb 3-1: USB disconnect, device number 12
[  339.270121][ T8885] loop2: detected capacity change from 0 to 8192
[  343.797794][ T8944] loop2: detected capacity change from 0 to 512
[  343.968693][ T8944] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0002]
[  343.977212][ T8944] System zones: 1-12
[  343.984029][ T8944] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.872: error while reading EA inode 32 err=-116
[  343.998498][ T8944] EXT4-fs (loop2): Remounting filesystem read-only
[  344.577386][ T8944] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[  344.745016][ T8944] EXT4-fs (loop2): 1 orphan inode deleted
[  344.782476][ T8944] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.811662][ T8952] lo: entered promiscuous mode
[  344.817399][ T8952] lo: entered allmulticast mode
[  345.579861][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.197747][ T9015] loop1: detected capacity change from 0 to 1024
[  350.225816][ T9015] EXT4-fs: Ignoring removed orlov option
[  350.255788][ T9015] EXT4-fs (loop1): cluster size (1024) smaller than block size (2048)
[  352.860487][ T9041] loop1: detected capacity change from 0 to 1024
[  353.179055][ T9041] hfsplus: can't free extent: start 2889, count 1
[  354.523681][ T9056] loop2: detected capacity change from 0 to 64
[  355.039571][ T9061] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  355.188561][ T9061] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  356.875810][ T9069] loop2: detected capacity change from 0 to 2048
[  357.664527][ T9069] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  357.986996][ T9083] netlink: 76 bytes leftover after parsing attributes in process `syz.4.915'.
[  358.614952][   T10] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  358.845918][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  358.894437][   T10] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  358.925087][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.937891][   T10] usb 3-1: config 0 descriptor??
[  358.943611][ T9069] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  359.480900][   T10] elan 0003:04F3:0755.0005: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0
[  359.711173][   T10] usb 3-1: USB disconnect, device number 13
[  359.793828][ T9099] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  359.869199][ T9100] 9p: Bad value for 'wfdno'
[  361.445679][   T24] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  362.068180][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  362.124129][   T24] usb 2-1: New USB device found, idVendor=1b96, idProduct=0001, bcdDevice= 0.00
[  362.154680][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.196634][   T24] usb 2-1: config 0 descriptor??
[  362.248596][ T9112] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  362.509339][ T9116] loop2: detected capacity change from 0 to 131072
[  362.517309][ T9116] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  362.525512][ T9116] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  362.546028][ T9116] F2FS-fs (loop2): invalid crc value
[  362.616900][ T9116] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  362.631525][ T9116] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  362.639436][ T9116] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  362.911104][   T24] ntrig 0003:1B96:0001.0006: hidraw0: USB HID v0.06 Device [HID 1b96:0001] on usb-dummy_hcd.1-1/input0
[  363.785423][ T9128] netlink: 76 bytes leftover after parsing attributes in process `syz.3.927'.
[  363.987662][   T24] usb 2-1: USB disconnect, device number 7
[  364.298587][ T9131] fido_id[9131]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  364.704497][ T9143] loop1: detected capacity change from 0 to 512
[  364.817982][ T9143] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.836896][ T9143] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  365.077101][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.596038][ T9160] loop2: detected capacity change from 0 to 512
[  366.155917][ T9160] journal_path: Non-blockdev passed as './file1'
[  366.264956][ T9160] EXT4-fs: error: could not find journal device path
[  369.503464][ T9193] loop1: detected capacity change from 0 to 1024
[  369.681104][  T147] hfsplus: b-tree write err: -5, ino 4
[  370.166297][ T9202] loop1: detected capacity change from 0 to 164
[  370.230508][ T9202] rock: directory entry would overflow storage
[  370.252330][ T9202] rock: sig=0x4543, size=28, remaining=18
[  370.267969][ T9208] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  371.805647][ T9217] loop2: detected capacity change from 0 to 131072
[  371.821561][ T9217] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  371.829741][ T9217] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  371.845077][ T9217] F2FS-fs (loop2): invalid crc value
[  371.919608][ T9217] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  371.947182][ T9217] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  371.954363][ T9217] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  372.130006][   T30] audit: type=1326 audit(1765354827.435:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  372.717173][   T30] audit: type=1326 audit(1765354827.435:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  372.765919][   T30] audit: type=1326 audit(1765354827.435:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  372.951643][   T30] audit: type=1326 audit(1765354827.435:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  373.118545][   T30] audit: type=1326 audit(1765354827.435:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  373.154993][   T30] audit: type=1326 audit(1765354827.435:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  373.254925][   T30] audit: type=1326 audit(1765354827.435:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  373.306589][   T30] audit: type=1326 audit(1765354827.435:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  373.366584][   T30] audit: type=1326 audit(1765354827.435:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  373.676875][   T30] audit: type=1326 audit(1765354827.435:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9232 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f1c9678f749 code=0x7ffc0000
[  374.622824][ T9251] netlink: 76 bytes leftover after parsing attributes in process `syz.2.959'.
[  375.210974][ T9258] loop1: detected capacity change from 0 to 128
[  375.803510][ T9260] netlink: 156 bytes leftover after parsing attributes in process `syz.4.962'.
[  375.931542][ T9258] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  375.963894][ T9258] ext4 filesystem being mounted at /197/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  376.233042][ T9265] loop2: detected capacity change from 0 to 2048
[  376.240564][ T9265] EXT4-fs: inline encryption not supported
[  376.299405][ T9267] netlink: 8 bytes leftover after parsing attributes in process `syz.4.964'.
[  376.347611][ T9267] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.355002][ T9267] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.416298][ T9265] EXT4-fs (loop2): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  376.473306][ T5828] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  377.616511][ T5840] EXT4-fs (loop2): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  378.530232][ T9287] loop1: detected capacity change from 0 to 32768
[  378.548663][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  378.557585][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  378.623162][ T8837]  loop1: p1 p3 < >
[  378.691112][ T9287]  loop1: p1 p3 < >
[  380.729378][ T9103] udevd[9103]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  381.263438][ T8837] udevd[8837]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  381.408523][ T9103] udevd[9103]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  381.426372][ T8837] udevd[8837]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  383.119302][ T9333] pim6reg: entered allmulticast mode
[  383.927148][ T9339] loop2: detected capacity change from 0 to 131072
[  383.954665][ T9339] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  383.962862][ T9339] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  383.971941][ T9339] F2FS-fs (loop2): invalid crc value
[  384.015274][ T9339] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  384.032652][ T9339] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  384.039847][ T9339] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  385.573957][ T9361] loop1: detected capacity change from 0 to 256
[  385.738585][ T5843] Bluetooth: hci0: command 0x0406 tx timeout
[  385.901845][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  385.901863][   T30] audit: type=1800 audit(1765354841.125:77): pid=9361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.992" name="bus" dev="loop1" ino=1048631 res=0 errno=0
[  385.904101][ T5828] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  386.150297][ T5828] FAT-fs (loop1): Filesystem has been set read-only
[  386.176040][ T5828] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  387.322706][  T682] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.454789][  T682] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.599409][  T682] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.695102][ T9374] loop2: detected capacity change from 0 to 32768
[  387.765471][  T682] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  387.916755][ T9374] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  387.992500][ T9374] XFS (loop2): Ending clean mount
[  388.025042][ T9374] XFS (loop2): Quotacheck needed: Please wait.
[  388.110023][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  388.120889][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  388.129248][ T5843] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  388.137701][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  388.147350][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  388.301213][ T9374] XFS (loop2): Quotacheck: Done.
[  388.330639][  T682] bridge_slave_1: left allmulticast mode
[  388.337195][  T682] bridge_slave_1: left promiscuous mode
[  388.345848][  T682] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.925659][  T682] bridge_slave_0: left allmulticast mode
[  388.931335][  T682] bridge_slave_0: left promiscuous mode
[  389.015063][  T682] bridge0: port 1(bridge_slave_0) entered disabled state
[  390.226806][ T5838] Bluetooth: hci1: command tx timeout
[  391.088826][ T5840] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  392.069023][  T682] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  392.547491][ T9443] loop2: detected capacity change from 0 to 131072
[  392.555634][ T5838] Bluetooth: hci1: command tx timeout
[  392.570096][ T9443] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  392.578252][ T9443] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  392.589194][ T9443] F2FS-fs (loop2): invalid crc value
[  392.589550][  T682] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  392.807835][ T9443] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  392.818734][ T9443] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  392.825871][ T9443] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  392.835889][  T682] bond0 (unregistering): Released all slaves
[  394.263236][ T9464] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1017'.
[  395.101368][ T5838] Bluetooth: hci1: command tx timeout
[  395.589166][  T682] hsr_slave_0: left promiscuous mode
[  395.603469][  T682] hsr_slave_1: left promiscuous mode
[  395.618842][  T682] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  395.634784][  T682] batman_adv: batadv0: Removing interface: batadv_slave_0
[  395.653120][  T682] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  395.671391][  T682] batman_adv: batadv0: Removing interface: batadv_slave_1
[  395.722985][  T682] veth1_macvtap: left promiscuous mode
[  395.737710][  T682] veth0_macvtap: left promiscuous mode
[  395.985321][  T682] pim6reg (unregistering): left allmulticast mode
[  397.191958][ T5838] Bluetooth: hci1: command tx timeout
[  398.502987][  T682] team0 (unregistering): Port device team_slave_1 removed
[  398.590855][  T682] team0 (unregistering): Port device team_slave_0 removed
[  399.873083][ T9530] loop2: detected capacity change from 0 to 128
[  400.191638][ T9530] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  400.229022][ T9530] ext4 filesystem being mounted at /189/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  400.619101][ T5840] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  401.795132][ T9397] chnl_net:caif_netlink_parms(): no params data found
[  403.166647][ T9397] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.184374][ T9397] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.205191][ T9397] bridge_slave_0: entered allmulticast mode
[  403.213007][ T9397] bridge_slave_0: entered promiscuous mode
[  403.248455][ T9397] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.272057][ T9397] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.295619][ T9397] bridge_slave_1: entered allmulticast mode
[  403.315139][ T9397] bridge_slave_1: entered promiscuous mode
[  403.442762][ T9397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  403.563106][ T9397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  403.883824][ T9397] team0: Port device team_slave_0 added
[  403.904312][ T9397] team0: Port device team_slave_1 added
[  404.052968][ T9397] batman_adv: batadv0: Adding interface: batadv_slave_0
[  404.072688][ T9397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  404.124995][ T9397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  404.157469][ T9397] batman_adv: batadv0: Adding interface: batadv_slave_1
[  404.164449][ T9397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  404.203225][ T9397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  404.211713][ T9579] loop2: detected capacity change from 0 to 8192
[  404.336584][ T9397] hsr_slave_0: entered promiscuous mode
[  404.343923][ T9397] hsr_slave_1: entered promiscuous mode
[  404.355873][ T9397] debugfs: 'hsr0' already exists in 'hsr'
[  404.376090][ T9397] Cannot create hsr debugfs directory
[  406.415016][ T9397] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  406.480976][ T9397] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  406.529041][ T9397] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  406.576527][ T9397] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  406.628120][ T9621] loop2: detected capacity change from 0 to 8192
[  406.948455][ T9397] 8021q: adding VLAN 0 to HW filter on device bond0
[  407.039248][ T9397] 8021q: adding VLAN 0 to HW filter on device team0
[  407.080295][ T6452] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.087554][ T6452] bridge0: port 1(bridge_slave_0) entered forwarding state
[  407.149540][ T3482] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.156837][ T3482] bridge0: port 2(bridge_slave_1) entered forwarding state
[  408.762478][ T9397] 8021q: adding VLAN 0 to HW filter on device batadv0
[  410.674021][ T9397] veth0_vlan: entered promiscuous mode
[  411.078465][ T9397] veth1_vlan: entered promiscuous mode
[  411.150542][ T9397] veth0_macvtap: entered promiscuous mode
[  411.161023][ T9397] veth1_macvtap: entered promiscuous mode
[  411.182817][ T9397] batman_adv: batadv0: Interface activated: batadv_slave_0
[  411.194784][ T9397] batman_adv: batadv0: Interface activated: batadv_slave_1
[  411.277127][ T6177] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  411.324542][ T6177] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  411.483173][ T6177] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  411.516858][ T6177] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  412.282031][  T682] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  412.290802][  T682] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  412.377695][ T6202] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  412.399733][ T6202] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  413.341507][ T9709] loop2: detected capacity change from 0 to 131072
[  413.803358][ T9720] loop6: detected capacity change from 0 to 131072
[  413.823502][ T9709] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  413.831653][ T9709] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  413.863344][ T9709] F2FS-fs (loop2): invalid crc value
[  413.871486][ T9720] F2FS-fs (loop6): Wrong CP boundary, start(512) end(1536) blocks(0)
[  413.881534][ T9720] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  413.894103][ T9720] F2FS-fs (loop6): invalid crc value
[  414.019157][ T9720] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  414.046805][ T9720] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  414.053928][ T9720] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  414.093344][ T9709] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  414.180913][ T9709] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  414.188055][ T9709] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  417.318780][ T9767] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1087'.
[  420.232668][ T9800] loop2: detected capacity change from 0 to 512
[  420.306098][ T9800] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[  420.429848][ T9810] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1096'.
[  421.622307][ T9842] loop6: detected capacity change from 0 to 512
[  422.164532][ T9842] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.220011][ T9842] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  423.068830][ T9397] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  429.485517][ T9933] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1128'.
[  429.719690][ T9930] loop2: detected capacity change from 0 to 8192
[  431.066356][ T9953] loop2: detected capacity change from 0 to 8
[  431.450752][ T9963] xt_TCPMSS: Only works on TCP SYN packets
[  432.113236][ T9968] loop6: detected capacity change from 0 to 8
[  432.385743][ T9973] loop2: detected capacity change from 0 to 256
[  432.517702][   T30] audit: type=1800 audit(1765354887.825:78): pid=9973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1139" name="bus" dev="loop2" ino=1048643 res=0 errno=0
[  432.560092][ T5840] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  433.196191][ T5840] FAT-fs (loop2): Filesystem has been set read-only
[  433.219482][ T5840] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  434.020244][  T682] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.291194][  T682] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.498777][  T682] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.538971][T10003] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1147'.
[  434.688348][  T682] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.731746][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  434.743612][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  434.756012][ T5843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  434.764127][ T5843] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  434.771962][ T5843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  434.815856][T10006] mac80211_hwsim hwsim14 wlan0: entered promiscuous mode
[  434.833309][T10006] mac80211_hwsim hwsim14 wlan0: entered allmulticast mode
[  437.120450][ T5838] Bluetooth: hci4: command tx timeout
[  437.269016][  T682] bridge_slave_1: left allmulticast mode
[  437.274970][  T682] bridge_slave_1: left promiscuous mode
[  437.280790][  T682] bridge0: port 2(bridge_slave_1) entered disabled state
[  437.326364][  T682] bridge_slave_0: left allmulticast mode
[  437.360585][  T682] bridge_slave_0: left promiscuous mode
[  437.386550][  T682] bridge0: port 1(bridge_slave_0) entered disabled state
[  439.175070][ T5838] Bluetooth: hci4: command tx timeout
[  439.314535][  T682] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  439.327001][  T682] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  439.339677][  T682] bond0 (unregistering): Released all slaves
[  439.981145][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  439.989761][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  440.324232][T10064] xt_TCPMSS: Only works on TCP SYN packets
[  440.792502][T10007] chnl_net:caif_netlink_parms(): no params data found
[  441.047764][  T682] hsr_slave_0: left promiscuous mode
[  441.074958][  T682] hsr_slave_1: left promiscuous mode
[  441.095281][  T682] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  441.116849][  T682] batman_adv: batadv0: Removing interface: batadv_slave_0
[  441.151204][  T682] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  441.172818][T10075] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1160'.
[  441.226320][  T682] batman_adv: batadv0: Removing interface: batadv_slave_1
[  441.256926][ T5843] Bluetooth: hci4: command tx timeout
[  441.514366][  T682] veth1_macvtap: left promiscuous mode
[  441.524737][  T682] veth0_macvtap: left promiscuous mode
[  441.556681][  T682] veth1_vlan: left promiscuous mode
[  441.577640][T10080] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1162'.
[  441.590297][  T682] veth0_vlan: left promiscuous mode
[  442.539502][  T682] pim6reg (unregistering): left allmulticast mode
[  443.148573][  T682] team0 (unregistering): Port device team_slave_1 removed
[  443.184723][  T682] team0 (unregistering): Port device team_slave_0 removed
[  443.344981][ T5843] Bluetooth: hci4: command tx timeout
[  444.966600][T10007] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.227114][T10007] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.371457][T10007] bridge_slave_0: entered allmulticast mode
[  445.380723][T10007] bridge_slave_0: entered promiscuous mode
[  445.406515][T10007] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.450220][T10007] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.969152][T10007] bridge_slave_1: entered allmulticast mode
[  445.986680][T10007] bridge_slave_1: entered promiscuous mode
[  446.076829][T10007] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  446.116376][T10007] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.344196][T10007] team0: Port device team_slave_0 added
[  446.369471][T10007] team0: Port device team_slave_1 added
[  446.522307][T10007] batman_adv: batadv0: Adding interface: batadv_slave_0
[  446.545357][T10007] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  446.607057][T10007] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  446.640291][T10007] batman_adv: batadv0: Adding interface: batadv_slave_1
[  446.654835][T10007] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  446.724278][T10007] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  446.741301][T10149] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1181'.
[  446.782468][T10150] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1180'.
[  447.213140][T10007] hsr_slave_0: entered promiscuous mode
[  447.347404][T10007] hsr_slave_1: entered promiscuous mode
[  447.353674][T10007] debugfs: 'hsr0' already exists in 'hsr'
[  447.361888][T10007] Cannot create hsr debugfs directory
[  450.750234][T10174] loop6: detected capacity change from 0 to 32768
[  450.798590][T10007] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  451.557253][T10007] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  451.665584][T10007] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  452.039504][T10007] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  452.985904][T10209] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1194'.
[  453.113901][T10007] 8021q: adding VLAN 0 to HW filter on device bond0
[  453.182997][T10007] 8021q: adding VLAN 0 to HW filter on device team0
[  453.215965][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  453.223196][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  453.276297][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.283541][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  454.865345][T10007] 8021q: adding VLAN 0 to HW filter on device batadv0
[  455.962674][T10269] netlink: 1688 bytes leftover after parsing attributes in process `syz.5.1206'.
[  457.361071][T10007] veth0_vlan: entered promiscuous mode
[  457.946664][T10007] veth1_vlan: entered promiscuous mode
[  458.043486][T10007] veth0_macvtap: entered promiscuous mode
[  458.054452][T10007] veth1_macvtap: entered promiscuous mode
[  458.174263][T10007] batman_adv: batadv0: Interface activated: batadv_slave_0
[  458.238015][T10007] batman_adv: batadv0: Interface activated: batadv_slave_1
[  458.305197][T10299] fuse: Bad value for 'fd'
[  458.357079][   T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  458.407588][   T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  458.479392][   T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  458.508049][   T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  458.542834][T10306] netlink: 1688 bytes leftover after parsing attributes in process `syz.4.1216'.
[  458.694334][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  458.715197][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  458.795975][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  458.811819][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  460.285525][T10329] loop7: detected capacity change from 0 to 2048
[  460.997634][T10329] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  461.312497][T10007] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  461.341441][T10341] loop6: detected capacity change from 0 to 512
[  461.350130][T10341] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  461.361289][T10341] EXT4-fs (loop6): invalid journal inode
[  461.367067][T10341] EXT4-fs (loop6): can't get journal size
[  461.417333][T10341] EXT4-fs error (device loop6): ext4_protect_reserved_inode:182: inode #2: comm syz.6.1223: blocks 6-6 from inode overlap system zone
[  461.432837][T10341] EXT4-fs (loop6): failed to initialize system zone (-117)
[  461.440485][T10341] EXT4-fs (loop6): mount failed
[  462.762011][T10352] fuse: Unknown parameter 'use00000000000000000000'
[  464.554625][T10372] loop7: detected capacity change from 0 to 1764
[  465.175342][T10374] loop6: detected capacity change from 0 to 2048
[  465.237690][T10374] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  465.354938][   T30] audit: type=1800 audit(1765354920.645:79): pid=10374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1233" name="bus" dev="loop6" ino=1436 res=0 errno=0
[  465.565224][T10381] netlink: 666 bytes leftover after parsing attributes in process `syz.7.1234'.
[  465.630169][T10383] Illegal XDP return value 4294967294 on prog  (id 191) dev N/A, expect packet loss!
[  467.206740][T10396] fuse: Unknown parameter 'use00000000000000000000'
[  467.626394][T10403] loop7: detected capacity change from 0 to 2048
[  468.868065][T10439] loop6: detected capacity change from 0 to 164
[  469.067938][T10439] Unable to read rock-ridge attributes
[  470.349061][T10441] loop7: detected capacity change from 0 to 32768
[  473.614046][T10462] loop6: detected capacity change from 0 to 8192
[  474.998701][T10485] loop6: detected capacity change from 0 to 2048
[  475.694894][ T5872] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  476.427385][ T5872] usb 8-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  476.474850][ T5872] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.526131][ T5872] usb 8-1: config 0 descriptor??
[  477.375362][ T5872] usb 8-1: Cannot set autoneg
[  477.381568][ T5872] MOSCHIP usb-ethernet driver 8-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  477.448242][ T5872] usb 8-1: USB disconnect, device number 2
[  479.225965][T10536] loop6: detected capacity change from 0 to 8192
[  480.212194][T10557] loop6: detected capacity change from 0 to 128
[  480.297118][T10557] syz.6.1273: attempt to access beyond end of device
[  480.297118][T10557] loop6: rw=2049, sector=138, nr_sectors = 112 limit=128
[  480.336999][T10557] syz.6.1273: attempt to access beyond end of device
[  480.336999][T10557] loop6: rw=8390657, sector=142, nr_sectors = 2 limit=128
[  480.350974][T10557] Buffer I/O error on dev loop6, logical block 71, lost async page write
[  482.439474][T10585] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1282'.
[  483.916123][T10605] binder: 10604:10605 unknown command 0
[  483.921696][T10605] binder: 10604:10605 ioctl c0306201 200000000080 returned -22
[  484.255117][T10612] loop6: detected capacity change from 0 to 128
[  484.405423][T10612] loop6: detected capacity change from 128 to 64
[  484.543344][ T9397] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  484.564830][ T9397] FAT-fs (loop6): Filesystem has been set read-only
[  484.787147][ T9397] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  485.511729][T10623] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  485.519209][T10623] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  485.926931][ T6099] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.180586][ T6099] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.587394][ T6099] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.483725][ T6099] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.560306][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  488.572972][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  488.582439][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  488.600968][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  488.608674][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  489.106690][T10651] cgroup: Unknown subsys name 'cpuset'
[  489.367323][ T6099] bridge_slave_1: left allmulticast mode
[  489.373007][ T6099] bridge_slave_1: left promiscuous mode
[  489.436697][ T6099] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.576217][ T6099] bridge_slave_0: left allmulticast mode
[  489.581901][ T6099] bridge_slave_0: left promiscuous mode
[  489.813390][ T6099] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.709184][ T5843] Bluetooth: hci1: command tx timeout
[  491.748922][T10677] loop7: detected capacity change from 0 to 32768
[  492.776207][ T5843] Bluetooth: hci1: command tx timeout
[  493.659751][ T6099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  493.720699][ T6099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  493.765775][ T6099] bond0 (unregistering): Released all slaves
[  494.014642][T10697] loop7: detected capacity change from 0 to 256
[  494.037877][T10697] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[  494.128934][T10642] chnl_net:caif_netlink_parms(): no params data found
[  494.858453][ T5843] Bluetooth: hci1: command tx timeout
[  496.922407][ T6099] hsr_slave_0: left promiscuous mode
[  496.935539][ T5838] Bluetooth: hci1: command tx timeout
[  496.948252][ T6099] hsr_slave_1: left promiscuous mode
[  496.954433][ T6099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  496.985270][ T6099] batman_adv: batadv0: Removing interface: batadv_slave_0
[  497.005448][ T6099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  497.022876][ T6099] batman_adv: batadv0: Removing interface: batadv_slave_1
[  497.098267][ T6099] veth1_macvtap: left promiscuous mode
[  497.103830][ T6099] veth0_macvtap: left promiscuous mode
[  497.135034][ T6099] veth1_vlan: left promiscuous mode
[  497.144956][ T6099] veth0_vlan: left promiscuous mode
[  498.720050][T10756] xt_TCPMSS: Only works on TCP SYN packets
[  501.422069][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  501.428864][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  501.848186][ T6099] team0 (unregistering): Port device team_slave_1 removed
[  502.163139][ T6099] team0 (unregistering): Port device team_slave_0 removed
[  502.270742][T10778] loop7: detected capacity change from 0 to 128
[  502.391302][T10778] syz.7.1338: attempt to access beyond end of device
[  502.391302][T10778] loop7: rw=2049, sector=138, nr_sectors = 112 limit=128
[  502.437090][T10778] syz.7.1338: attempt to access beyond end of device
[  502.437090][T10778] loop7: rw=8390657, sector=142, nr_sectors = 2 limit=128
[  502.451367][T10778] Buffer I/O error on dev loop7, logical block 71, lost async page write
[  506.780193][ T5838] Bluetooth: hci0: unexpected event for opcode 0x2016
[  508.256309][T10642] bridge0: port 1(bridge_slave_0) entered blocking state
[  508.459514][T10642] bridge0: port 1(bridge_slave_0) entered disabled state
[  508.477478][T10642] bridge_slave_0: entered allmulticast mode
[  508.493020][T10642] bridge_slave_0: entered promiscuous mode
[  508.665462][T10833] pim6reg: entered allmulticast mode
[  509.252029][T10642] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.266396][T10642] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.275978][T10642] bridge_slave_1: entered allmulticast mode
[  509.283773][T10642] bridge_slave_1: entered promiscuous mode
[  510.627923][T10642] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  510.715123][T10642] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  510.937488][ T5838] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  510.946192][ T5838] Bluetooth: hci0: Injecting HCI hardware error event
[  510.957085][ T5838] Bluetooth: hci0: hardware error 0x00
[  511.115879][T10642] team0: Port device team_slave_0 added
[  511.192127][T10642] team0: Port device team_slave_1 added
[  511.293981][T10880] capability: warning: `syz.3.1367' uses 32-bit capabilities (legacy support in use)
[  511.550445][T10886] loop7: detected capacity change from 0 to 128
[  511.633147][T10886] syz.7.1368: attempt to access beyond end of device
[  511.633147][T10886] loop7: rw=2049, sector=138, nr_sectors = 112 limit=128
[  511.677116][T10886] syz.7.1368: attempt to access beyond end of device
[  511.677116][T10886] loop7: rw=8390657, sector=142, nr_sectors = 2 limit=128
[  511.691479][T10886] Buffer I/O error on dev loop7, logical block 71, lost async page write
[  512.177674][T10642] batman_adv: batadv0: Adding interface: batadv_slave_0
[  512.209461][T10642] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  512.295679][T10642] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  512.341718][T10642] batman_adv: batadv0: Adding interface: batadv_slave_1
[  512.365752][T10642] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  512.509406][T10642] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  512.892541][T10642] hsr_slave_0: entered promiscuous mode
[  512.904452][T10642] hsr_slave_1: entered promiscuous mode
[  512.917817][T10642] debugfs: 'hsr0' already exists in 'hsr'
[  512.923715][T10642] Cannot create hsr debugfs directory
[  513.094948][ T5838] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  514.106638][T10917] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1378'.
[  515.302609][T10642] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  515.401857][T10642] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  515.452290][T10642] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  515.543266][T10642] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  516.130690][T10642] 8021q: adding VLAN 0 to HW filter on device bond0
[  516.282803][T10642] 8021q: adding VLAN 0 to HW filter on device team0
[  516.378095][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  516.385354][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  516.464463][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  516.471663][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  516.692513][T10983] bridge_slave_0: left allmulticast mode
[  516.759389][T10983] bridge_slave_0: left promiscuous mode
[  516.779236][T10983] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.808310][T10983] bridge_slave_1: left allmulticast mode
[  516.814054][T10983] bridge_slave_1: left promiscuous mode
[  516.823555][T10983] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.876228][T10983] bond0: (slave bond_slave_0): Releasing backup interface
[  516.946709][T10983] bond0: (slave bond_slave_1): Releasing backup interface
[  516.981521][T10983] team0: Port device team_slave_0 removed
[  517.006009][T10991] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1398'.
[  517.233409][T10983] team0: Port device team_slave_1 removed
[  517.245470][T10983] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  517.271752][T10983] batman_adv: batadv0: Removing interface: batadv_slave_0
[  517.303393][T10983] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  517.312111][T10983] batman_adv: batadv0: Removing interface: batadv_slave_1
[  517.442119][T10983] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  519.785359][T10642] 8021q: adding VLAN 0 to HW filter on device batadv0
[  520.507406][T10642] veth0_vlan: entered promiscuous mode
[  521.301585][T10642] veth1_vlan: entered promiscuous mode
[  521.341875][T10642] veth0_macvtap: entered promiscuous mode
[  521.386494][T10642] veth1_macvtap: entered promiscuous mode
[  521.529600][T10642] batman_adv: batadv0: Interface activated: batadv_slave_0
[  521.582422][T10642] batman_adv: batadv0: Interface activated: batadv_slave_1
[  522.465690][ T6452] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  522.535951][ T6452] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  522.615672][ T6452] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  522.665429][ T3453] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  524.855251][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  524.863100][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  524.968784][ T6625] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  524.994805][ T6625] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  526.797319][T11096] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1429'.
[  527.901098][T11106] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1433'.
[  528.004997][T11106] veth0_to_team: entered promiscuous mode
[  528.025253][T11106] veth0_to_team: entered allmulticast mode
[  529.595411][T11127] 9p: Bad value for 'rfdno'
[  529.601192][T11124] loop7: detected capacity change from 0 to 2048
[  531.015387][T11136] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  534.838461][T11187] loop8: detected capacity change from 0 to 1024
[  534.876750][T11187] EXT4-fs: inline encryption not supported
[  534.882641][T11187] EXT4-fs: Ignoring removed nobh option
[  534.970479][T11187] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  535.243408][T11187] EXT4-fs (loop8): shut down requested (0)
[  535.915472][T11197] lo: left promiscuous mode
[  535.920123][T11197] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  536.136702][T10642] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.915152][T11243] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1468'.
[  538.946239][T11243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1468'.
[  539.563334][T11243] team0: Port device team_slave_1 removed
[  540.910196][T11266] loop8: detected capacity change from 0 to 128
[  541.264829][T11266] syz.8.1462: attempt to access beyond end of device
[  541.264829][T11266] loop8: rw=2049, sector=138, nr_sectors = 112 limit=128
[  541.318937][T11264] syz.8.1462: attempt to access beyond end of device
[  541.318937][T11264] loop8: rw=8390657, sector=142, nr_sectors = 2 limit=128
[  541.334912][T11264] Buffer I/O error on dev loop8, logical block 71, lost async page write
[  545.065858][T11304] loop7: detected capacity change from 0 to 32768
[  545.249853][T11304] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  545.347966][T11304] XFS (loop7): Ending clean mount
[  545.362524][T11304] XFS (loop7): Quotacheck needed: Please wait.
[  546.275135][T11304] XFS (loop7): Quotacheck: Done.
[  547.547809][T10007] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  549.436514][T11351] binder: 11348:11351 ioctl c0306201 0 returned -14
[  550.094932][ T5838] Bluetooth: hci3: command 0x0406 tx timeout
[  550.101050][T10870] Bluetooth: hci3: Opcode 0x206a failed: -110
[  552.456284][T11408] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1506'.
[  554.045808][T11430] loop8: detected capacity change from 0 to 128
[  554.684468][T11429] syz.8.1514: attempt to access beyond end of device
[  554.684468][T11429] loop8: rw=2049, sector=138, nr_sectors = 112 limit=128
[  555.058916][T11429] syz.8.1514: attempt to access beyond end of device
[  555.058916][T11429] loop8: rw=8390657, sector=142, nr_sectors = 2 limit=128
[  555.072639][T11429] Buffer I/O error on dev loop8, logical block 71, lost async page write
[  555.174596][T11433] loop7: detected capacity change from 0 to 1024
[  555.324090][ T6202] hfsplus: b-tree write err: -5, ino 4
[  555.641222][T11448] xt_TCPMSS: Only works on TCP SYN packets
[  555.811636][T11452] loop7: detected capacity change from 0 to 32768
[  555.846418][T11452] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  555.896292][T11452] XFS (loop7): Ending clean mount
[  555.907170][T11452] XFS (loop7): Quotacheck needed: Please wait.
[  555.977933][T11452] XFS (loop7): Quotacheck: Done.
[  557.064903][T10007] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  560.456869][T10870] Bluetooth: hci4: command 0x0406 tx timeout
[  562.865315][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  562.871648][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  566.466440][T11509] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  569.687451][T11525] loop8: detected capacity change from 0 to 128
[  570.486704][T11523] syz.8.1529: attempt to access beyond end of device
[  570.486704][T11523] loop8: rw=2049, sector=138, nr_sectors = 112 limit=128
[  570.511198][T11523] syz.8.1529: attempt to access beyond end of device
[  570.511198][T11523] loop8: rw=8390657, sector=142, nr_sectors = 2 limit=128
[  570.525011][T11523] Buffer I/O error on dev loop8, logical block 71, lost async page write
[  571.164552][T11537] loop8: detected capacity change from 0 to 512
[  571.210231][T11537] EXT4-fs (loop8): Test dummy encryption mode enabled
[  571.244905][T11537] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  571.317182][T11537] EXT4-fs (loop8): SIPHASH is not a valid default hash value
[  573.599074][T11564] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  573.872393][T11572] loop7: detected capacity change from 0 to 512
[  574.396071][T11572] EXT4-fs: Ignoring removed nobh option
[  574.495130][T11572] EXT4-fs error (device loop7): ext4_orphan_get:1391: inode #15: comm syz.7.1555: iget: bad i_size value: 38620345925642
[  574.555354][T11572] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.1555: couldn't read orphan inode 15 (err -117)
[  574.630442][T11572] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  576.674241][ T6138] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm kworker/u8:18: bg 0: block 5: invalid block bitmap
[  576.811934][ T6138] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[  576.845122][ T6138] EXT4-fs (loop7): This should not happen!! Data will be lost
[  576.845122][ T6138] 
[  576.858915][ T6138] EXT4-fs (loop7): Total free blocks count 0
[  576.884819][ T6138] EXT4-fs (loop7): Free/Dirty block details
[  576.890752][ T6138] EXT4-fs (loop7): free_blocks=0
[  576.924815][ T6138] EXT4-fs (loop7): dirty_blocks=16022
[  576.930577][ T6138] EXT4-fs (loop7): Block reservation details
[  576.984789][ T6138] EXT4-fs (loop7): i_reserved_data_blocks=16022
[  577.042677][T11591] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 8 with max blocks 2048 with error 28
[  580.587597][T11621] veth1_macvtap: left promiscuous mode
[  580.593131][T11621] macsec0: entered promiscuous mode
[  580.860167][T10007] EXT4-fs: 7 callbacks suppressed
[  580.860179][T10007] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  581.317843][T11636] loop7: detected capacity change from 0 to 128
[  581.941684][T11636] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  582.170373][T11636] ext4 filesystem being mounted at /60/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  582.426814][T11645] pim6reg1: entered promiscuous mode
[  582.432119][T11645] pim6reg1: entered allmulticast mode
[  583.233420][T10007] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  587.217769][T11702] ------------[ cut here ]------------
[  587.223311][T11702] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x4000000, 0x0] s64=[0x4000000, 0x0] u32=[0x4000000, 0x0] s32=[0x4000000, 0x0] var_off=(0x0, 0x0)
[  587.241444][T11702] WARNING: kernel/bpf/verifier.c:2748 at reg_bounds_sanity_check+0x201/0xc30, CPU#0: syz.7.1597/11702
[  587.252622][T11702] Modules linked in:
[  587.257034][T11702] CPU: 0 UID: 0 PID: 11702 Comm: syz.7.1597 Not tainted syzkaller #0 PREEMPT(full) 
[  587.266515][T11702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  587.276718][T11702] RIP: 0010:reg_bounds_sanity_check+0x3e6/0xc30
[  587.282982][T11702] Code: 98 00 00 00 4c 8b 8c 24 88 00 00 00 41 ff 34 24 41 57 55 41 55 ff b4 24 f0 00 00 00 ff b4 24 a8 00 00 00 ff b4 24 c0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 49 bf 00 00 00 00 00 fc ff df 48 8b 84
[  587.302941][T11702] RSP: 0018:ffffc9000516eed0 EFLAGS: 00010246
[  587.309283][T11702] RAX: dffffc0000000000 RBX: 1ffff11006741e58 RCX: 0000000004000000
[  587.317361][T11702] RDX: ffffffff8b71cdc0 RSI: ffffffff8b725580 RDI: ffffffff8f85f990
[  587.325415][T11702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000004000000
[  587.333404][T11702] R10: 00000000000000d0 R11: 0000000000000002 R12: ffff888033a0f2c0
[  587.341500][T11702] R13: 0000000004000000 R14: 1ffff11006741e57 R15: 0000000000000000
[  587.349558][T11702] FS:  00007fb71b3856c0(0000) GS:ffff888125e34000(0000) knlGS:0000000000000000
[  587.358706][T11702] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  587.365323][T11702] CR2: 0000000000000000 CR3: 000000001fba2000 CR4: 00000000003526f0
[  587.373281][T11702] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083
[  587.381264][T11702] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  587.389263][T11702] Call Trace:
[  587.392554][T11702]  <TASK>
[  587.395570][T11702]  reg_set_min_max+0x2b4/0x340
[  587.400538][T11702]  check_cond_jmp_op+0x19c6/0x2e20
[  587.405926][T11702]  ? __pfx_check_cond_jmp_op+0x10/0x10
[  587.411409][T11702]  ? bpf_reset_stack_write_marks+0x1eb/0x260
[  587.417512][T11702]  do_check+0x58f5/0xeba0
[  587.421925][T11702]  ? __pfx_do_check+0x10/0x10
[  587.426756][T11702]  ? init_func_state+0x1ab2/0x28d0
[  587.431886][T11702]  do_check_common+0x19cc/0x25b0
[  587.436883][T11702]  bpf_check+0x5e7a/0x1c300
[  587.441422][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.446400][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.451351][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.456439][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.461550][T11702]  ? css_rstat_updated+0x239/0x520
[  587.466716][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.471670][T11702]  ? __pfx_bpf_check+0x10/0x10
[  587.476909][T11702]  ? seqcount_lockdep_reader_access+0x122/0x1c0
[  587.483233][T11702]  ? lockdep_hardirqs_on+0x98/0x140
[  587.488673][T11702]  ? ktime_get_with_offset+0x93/0x2a0
[  587.494181][T11702]  ? seqcount_lockdep_reader_access+0x174/0x1c0
[  587.500777][T11702]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  587.509301][T11702]  ? __asan_memset+0x22/0x50
[  587.514937][T11702]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  587.520261][T11702]  ? security_bpf_prog_load+0x125/0x3f0
[  587.525941][T11702]  bpf_prog_load+0x13ba/0x1a10
[  587.530802][T11702]  ? __pfx_bpf_prog_load+0x10/0x10
[  587.536005][T11702]  ? bpf_lsm_bpf+0x9/0x20
[  587.540351][T11702]  ? security_bpf+0x7e/0x300
[  587.545037][T11702]  __sys_bpf+0x507/0x860
[  587.549320][T11702]  ? __pfx___sys_bpf+0x10/0x10
[  587.554129][T11702]  ? rcu_is_watching+0x15/0xb0
[  587.559137][T11702]  __x64_sys_bpf+0x7c/0x90
[  587.563720][T11702]  do_syscall_64+0xfa/0xf80
[  587.568293][T11702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.575451][T11702]  ? clear_bhb_loop+0x60/0xb0
[  587.580150][T11702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.586248][T11702] RIP: 0033:0x7fb71a58f749
[  587.590693][T11702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  587.610952][T11702] RSP: 002b:00007fb71b385038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  587.620263][T11702] RAX: ffffffffffffffda RBX: 00007fb71a7e5fa0 RCX: 00007fb71a58f749
[  587.628593][T11702] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  587.636720][T11702] RBP: 00007fb71a613f91 R08: 0000000000000000 R09: 0000000000000000
[  587.644808][T11702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  587.652826][T11702] R13: 00007fb71a7e6038 R14: 00007fb71a7e5fa0 R15: 00007ffd66b3f208
[  587.661006][T11702]  </TASK>
[  587.664108][T11702] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  587.671494][T11702] CPU: 0 UID: 0 PID: 11702 Comm: syz.7.1597 Not tainted syzkaller #0 PREEMPT(full) 
[  587.680870][T11702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  587.690934][T11702] Call Trace:
[  587.694223][T11702]  <TASK>
[  587.697159][T11702]  dump_stack_lvl+0x99/0x250
[  587.701766][T11702]  ? __asan_memcpy+0x40/0x70
[  587.706367][T11702]  ? __pfx_dump_stack_lvl+0x10/0x10
[  587.711612][T11702]  ? __pfx__printk+0x10/0x10
[  587.716238][T11702]  vpanic+0x237/0x6d0
[  587.720231][T11702]  ? __pfx_vpanic+0x10/0x10
[  587.724742][T11702]  ? is_bpf_text_address+0x292/0x2b0
[  587.730030][T11702]  ? is_bpf_text_address+0x26/0x2b0
[  587.735253][T11702]  panic+0xb9/0xc0
[  587.738987][T11702]  ? __pfx_panic+0x10/0x10
[  587.743431][T11702]  __warn+0x317/0x4b0
[  587.747422][T11702]  ? reg_bounds_sanity_check+0x201/0xc30
[  587.753080][T11702]  ? reg_bounds_sanity_check+0x201/0xc30
[  587.758724][T11702]  __report_bug+0x288/0x500
[  587.763238][T11702]  ? reg_bounds_sanity_check+0x201/0xc30
[  587.768880][T11702]  ? __pfx___report_bug+0x10/0x10
[  587.773901][T11702]  ? check_cond_jmp_op+0x1840/0x2e20
[  587.779182][T11702]  ? do_check+0x58f5/0xeba0
[  587.783678][T11702]  ? do_check_common+0x19cc/0x25b0
[  587.788780][T11702]  ? bpf_check+0x5e7a/0x1c300
[  587.793443][T11702]  ? bpf_prog_load+0x13ba/0x1a10
[  587.798381][T11702]  ? __sys_bpf+0x507/0x860
[  587.802796][T11702]  ? __x64_sys_bpf+0x7c/0x90
[  587.807383][T11702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.813449][T11702]  report_bug_entry+0x19a/0x290
[  587.818307][T11702]  ? reg_bounds_sanity_check+0x3e6/0xc30
[  587.823958][T11702]  ? reg_bounds_sanity_check+0x3eb/0xc30
[  587.829580][T11702]  handle_bug+0xca/0x200
[  587.833823][T11702]  exc_invalid_op+0x1a/0x50
[  587.838314][T11702]  asm_exc_invalid_op+0x1a/0x20
[  587.843148][T11702] RIP: 0010:reg_bounds_sanity_check+0x3e6/0xc30
[  587.849384][T11702] Code: 98 00 00 00 4c 8b 8c 24 88 00 00 00 41 ff 34 24 41 57 55 41 55 ff b4 24 f0 00 00 00 ff b4 24 a8 00 00 00 ff b4 24 c0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 49 bf 00 00 00 00 00 fc ff df 48 8b 84
[  587.869003][T11702] RSP: 0018:ffffc9000516eed0 EFLAGS: 00010246
[  587.875075][T11702] RAX: dffffc0000000000 RBX: 1ffff11006741e58 RCX: 0000000004000000
[  587.883058][T11702] RDX: ffffffff8b71cdc0 RSI: ffffffff8b725580 RDI: ffffffff8f85f990
[  587.891016][T11702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000004000000
[  587.898972][T11702] R10: 00000000000000d0 R11: 0000000000000002 R12: ffff888033a0f2c0
[  587.906941][T11702] R13: 0000000004000000 R14: 1ffff11006741e57 R15: 0000000000000000
[  587.914950][T11702]  reg_set_min_max+0x2b4/0x340
[  587.919727][T11702]  check_cond_jmp_op+0x19c6/0x2e20
[  587.924837][T11702]  ? __pfx_check_cond_jmp_op+0x10/0x10
[  587.930286][T11702]  ? bpf_reset_stack_write_marks+0x1eb/0x260
[  587.936262][T11702]  do_check+0x58f5/0xeba0
[  587.940627][T11702]  ? __pfx_do_check+0x10/0x10
[  587.945297][T11702]  ? init_func_state+0x1ab2/0x28d0
[  587.950405][T11702]  do_check_common+0x19cc/0x25b0
[  587.955345][T11702]  bpf_check+0x5e7a/0x1c300
[  587.959840][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.964772][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.969720][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.974649][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.979578][T11702]  ? css_rstat_updated+0x239/0x520
[  587.984679][T11702]  ? __lock_acquire+0x6b6/0x2cf0
[  587.989787][T11702]  ? __pfx_bpf_check+0x10/0x10
[  587.994574][T11702]  ? seqcount_lockdep_reader_access+0x122/0x1c0
[  588.000894][T11702]  ? lockdep_hardirqs_on+0x98/0x140
[  588.006083][T11702]  ? ktime_get_with_offset+0x93/0x2a0
[  588.011445][T11702]  ? seqcount_lockdep_reader_access+0x174/0x1c0
[  588.017762][T11702]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  588.024353][T11702]  ? __asan_memset+0x22/0x50
[  588.028933][T11702]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  588.034120][T11702]  ? security_bpf_prog_load+0x125/0x3f0
[  588.039661][T11702]  bpf_prog_load+0x13ba/0x1a10
[  588.044428][T11702]  ? __pfx_bpf_prog_load+0x10/0x10
[  588.049543][T11702]  ? bpf_lsm_bpf+0x9/0x20
[  588.053878][T11702]  ? security_bpf+0x7e/0x300
[  588.058469][T11702]  __sys_bpf+0x507/0x860
[  588.062703][T11702]  ? __pfx___sys_bpf+0x10/0x10
[  588.067506][T11702]  ? rcu_is_watching+0x15/0xb0
[  588.072264][T11702]  __x64_sys_bpf+0x7c/0x90
[  588.076669][T11702]  do_syscall_64+0xfa/0xf80
[  588.081173][T11702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.087222][T11702]  ? clear_bhb_loop+0x60/0xb0
[  588.091886][T11702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.097761][T11702] RIP: 0033:0x7fb71a58f749
[  588.102249][T11702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  588.121840][T11702] RSP: 002b:00007fb71b385038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  588.130332][T11702] RAX: ffffffffffffffda RBX: 00007fb71a7e5fa0 RCX: 00007fb71a58f749
[  588.138302][T11702] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  588.146260][T11702] RBP: 00007fb71a613f91 R08: 0000000000000000 R09: 0000000000000000
[  588.154213][T11702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  588.162175][T11702] R13: 00007fb71a7e6038 R14: 00007fb71a7e5fa0 R15: 00007ffd66b3f208
[  588.170146][T11702]  </TASK>
[  588.173645][T11702] Kernel Offset: disabled
[  588.177953][T11702] Rebooting in 86400 seconds..