last executing test programs:

40.248887616s ago: executing program 1 (id=1128):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xb7}, [@ldst={0x6, 0x2}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x39, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x4d)
syz_open_procfs(r1, &(0x7f0000000300)='fd\x00')
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'veth0_to_batadv\x00', <r7=>0x0})
setsockopt$packet_int(r6, 0x107, 0x14, &(0x7f0000000200)=0x5, 0x4)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
sendto$packet(r6, &(0x7f00000000c0)="3f030e03f007120006001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xb318, 0x0, &(0x7f0000000540)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @multicast}, 0x14)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)

34.984882798s ago: executing program 1 (id=1133):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xb7}, [@ldst={0x6, 0x2}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x39, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x4d)
syz_open_procfs(r1, &(0x7f0000000300)='fd\x00')
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'veth0_to_batadv\x00', <r7=>0x0})
setsockopt$packet_int(r6, 0x107, 0x14, &(0x7f0000000200)=0x5, 0x4)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
sendto$packet(r6, &(0x7f00000000c0)="3f030e03f007120006001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xb318, 0x0, &(0x7f0000000540)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @multicast}, 0x14)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)

33.780060176s ago: executing program 1 (id=1139):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={r0, 0x2, 0x0}, 0x10)

33.588842897s ago: executing program 1 (id=1140):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x400a, &(0x7f00000003c0)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@lazytime}, {@noblock_validity}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x18)
renameat2(r1, &(0x7f0000000080)='./file1\x00', r0, &(0x7f00000000c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x54a12000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000005c0)='./bus\x00')
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)

32.376855636s ago: executing program 1 (id=1142):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x17ef, 0x60a3, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000240)={0x40, 0x9, 0x5, {0x5, 0xb, "85002f"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

29.399553877s ago: executing program 1 (id=1152):
syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000001e00))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = fsopen(&(0x7f0000000000)='binder\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x58, 0x0, 0x9, 0x101, 0x0, 0x0, {}, [@NFCTH_POLICY={0x10, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3}}, @NFCTH_TUPLE={0x4, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x2, 0x0, 0x1, @ipv4={{0x8, 0x1, @private}, {0x8, 0x2, @dev}}}]}, @NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x58}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, 0x1)

17.758736529s ago: executing program 3 (id=1177):
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/route\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x12)
read$FUSE(r4, &(0x7f0000003300)={0x2020, 0x0, <r5=>0x0}, 0x2020)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
write$FUSE_BMAP(r4, &(0x7f0000000280)={0x18, 0xfffffffffffffff5, r5, {0x6}}, 0x18)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000340)=0x80)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r8, 0x5408, &(0x7f0000000040)={0x3, 0x0, 0xfffffffe, 0x7fffffff, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf", 0x1000})
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0xffffffffdf004fff, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x5437, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r9, &(0x7f0000002340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFULA_CFG_CMD={0x5, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x1080)

12.527125447s ago: executing program 2 (id=1184):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0200000004000000080000000100", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0300000000004000"/20], 0x50)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f00000000c0), 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netfilter\x00')
r2 = fanotify_init(0x0, 0x0)
readv(r2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)

12.329786679s ago: executing program 0 (id=1186):
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRES8=0x0, @ANYRESDEC=0x0, @ANYRES32=0x0, @ANYRESDEC], 0x1, 0x675, &(0x7f0000001280)="$eJzs3U9sHFcdB/DvrDd2NpTUTZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJiXukcuECtx7xsRKCSy+YC4tmdtbe2ruOHWyvUz6faPzemzfz3u/9dnZnd63IAf5vXT2f5oMUuXr+5eWyvboy015dmbndqyeZSNJImlVRpPhXp9P5ILmS7pbnkhT1cMWwee4vzL764cerH3VbzXqrjm9sd97O3Ku3nE0yVpeb3H7U8a4NHm/D0YcNV6yvsEzYuV7iYNSOJOlU/nG/u+cHf35ivadPa9DZD73ygcdA0b1vbjGZHKuf6OX7gO5dsXvPfqzdG3UAAAAAcACeXMtalnN81HEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46T4SmusLOqt0aufTdH7+//j9b7U9cOiWI9qFx7sRyQAAAAAAAAAcMDOrGUtyznea3eK6nf+L1SNk9XPz+St3M18FnMhy5nLUpaymOkkk30DjS/PLS0tTvefOTH4zEsDz7z0kEAn6rK1RwsHAAAAAAAAgE+Xn+bqxu//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMCiSsW5RbSd79ck0mkkmesfdS/6aZHy00f7vHow6AAAAADgAT65lLcs53mt3iuoz/zPV5/6jeSt3spSFLKWd+VyvvgvofupvrK7MtFdXZm6X29Zxv/nPXYVRjZjudw+DZz5dHdHKjSxUey7kWt5IO9fTqM4sne7FMziun5QxFd+o7TCy63VZrvy9utzi3V0tdphdfpkyWWXkyHpGpurYymw8tX0mdvnobJ5pOo31YE9ummnTIs48Ss6P1WW5nl8Oy/lIbM7Epb6r75ntc5584Y+//97N9p1bN2/cPX94lrQzY3XZqX62tmZipi8Tz3Yz8P3XPo2Z2GKqysSp9fbVfCev5XzO5pUsZiE/zFyWMp+z+XZVm6uv56Lv+9Qh18yVT7ReeVgk4/UV2n2wdhfTC9W5x7OQ7+aNXM98Xqz+Xcp0vprLuZzZvkf41A5eaRtDnvWdzw4M/twX60orya/q8nAo8/pUX177X3Mnq77+PRtZOrH396Pm5+pKOcfP6vJw2JyJ6b5MPL19Jn5bvazcbd+5tXhz7s2dTXfivbpSPo9+cajuEuX1cqJ8sKrWJ6+Osu/pgX3TVd/J9b7Glr5Tvb6//ebXL1XHDHumjtfv4Zpfn91yxyr7nh04y0zVd7qvb9D7LQAOvWNfOjbe+nvrL633Wz9v3Wy9fPRbE1+beH48R/505KXm1NjnG88Xf8j7+fHG538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODR3X37nVtz7fb84qZKM513h3TtS+U/Q7qKJHs4V+/PmQ095sieL/C5J5KDyeHWyniSA590YOXfnU6n3lMchni2r3RKE+ns+1zNJIO6zow+CSN+YQL23cWl229evPv2O19euD33+vzr83dmL1+enZq9/OLMxRsL7fmp7s9RRwnsh42b/qgjAQAAAAAAAAAAAHbqIP47wfDZjx7kUgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH1NXzaT5IkempC1Nle3Vlpl1uvfrGkc0kjSTFj5Lig+RKulsm+4Yrhs1zf2H21Q8/Xv1oY6xm7/jGduftzL16y9kkY3W5V+Nd28l4v9uus1hfYZmwc73Ewaj9NwAA//8CiAVm")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000700)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/ipc\x00')
ioctl$BLKREPORTZONE(0xffffffffffffffff, 0xc0101282, &(0x7f0000000680)=ANY=[])
add_key$keyring(0x0, &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
unlink(&(0x7f0000000280)='./file1\x00')

11.393027587s ago: executing program 0 (id=1189):
syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000001e00))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080), 0x10010)
r4 = fsopen(&(0x7f0000000000)='binder\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x58, 0x0, 0x9, 0x101, 0x0, 0x0, {}, [@NFCTH_POLICY={0x10, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3}}, @NFCTH_TUPLE={0x4, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x2, 0x0, 0x1, @ipv4={{0x8, 0x1, @private}, {0x8, 0x2, @dev}}}]}, @NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x58}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, 0x1)

10.125977012s ago: executing program 3 (id=1190):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d58c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb6220030100dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000066d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c9727ec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f0dafc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa1c22015e53fd8a46be933ab460d8629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8f12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d61800aaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e3c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c59869c9200a1306ffa5a71ca69e89a69fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0dc4b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec086174439af6ee6c7fdb2d19c9280fa9a02e8fa6a38acfff09050d912635fed175fd06f577d40000000000000000000000000000754bffd73c0888ba8834f20b3acea57b7817663e12c1a5503bc4c13af59bda21688d68698c53ce3aa767657774db09ece7ec888d3af290207d36fa433b35e17dc0f3dc728ea1c633a4ef9e7d9bf81b57492e0544800921d1b751c5fbc163"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff43052f002000636777fbac141443e000000d62079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

9.87624389s ago: executing program 2 (id=1192):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000000000ff030000200000000000000000000000000000050068f9914cbed08cdffe07b71df57f42234496bca7193324e7eb5c1fab6b6db31720c2e395111f933b47485037f412411fee97cfb8b0c632185ccd5899fb29fa8b913b51343fda385379f6c2665e99"], 0x48)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp6\x00')
bind$inet6(0xffffffffffffffff, &(0x7f0000000680)={0xa, 0x4e20, 0x0, @private0}, 0x1c)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x4b, &(0x7f00000009c0)=0x8, 0x4)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}}, 0x1c)
preadv(r3, &(0x7f0000000280)=[{&(0x7f0000000380)=""/218, 0xda}], 0x1, 0x14a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x18, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c000000030101010000000000000000000000003c001e800400028005000100000000002c00018003000000000000000000000000000000000014000400fc0200000000000000000000000000000c001980080001000a010000"], 0x5c}}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
creat(&(0x7f0000000340)='./file0\x00', 0x0)
r6 = getpid()
syz_pidfd_open(r6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

9.564955946s ago: executing program 3 (id=1193):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000280)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10, 0x0}}], 0x2, 0x20000001)

9.068077603s ago: executing program 3 (id=1194):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071106e000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x20e2c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x4})

9.00616183s ago: executing program 2 (id=1196):
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r0 = dup(0xffffffffffffffff)
write$FUSE_DIRENTPLUS(r0, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000140)=@delqdisc={0x24, 0x25, 0x100, 0x70bd25, 0x5, {0x0, 0x0, 0x0, 0x0, {0xa, 0x7}, {0xffe0, 0xffff}, {0xb, 0x5}}}, 0x24}}, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
capset(0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r5, 0x0, 0xffffffffffffffff, 0x0, 0x8000f28, 0x4)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x7f, 0xe)
write(r4, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x100000a, 0x4012831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000cd8000/0x4000)=nil, 0x3)
write$P9_RVERSION(r2, &(0x7f0000001600)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r6 = dup(r2)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfd', @ANYRESHEX=r6])
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)

8.109701542s ago: executing program 0 (id=1197):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x101200, 0x0)
ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302)

7.918508644s ago: executing program 3 (id=1198):
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wg0\x00'})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000a80)='ext4_mb_release_group_pa\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@grpquota}, {}, {@nombcache}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@lazytime}, {@mblk_io_submit}, {@noblock_validity}, {@noauto_da_alloc}]}, 0xfe, 0x54c, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec+9Nzz0593t6Tk5CAhhaE9mPQsSrEfFtEnG47dho5Acn1s5bfXh9NtuSaDQ++yuJJN/XOj/Jfx/MM69ExG9fR5wsbCy3tryyUCqX08U8P1mvXJmsLa+culQpzafz6eXpmZkz78xMv//eu32r65vn//nh07sfnfnm+Or3v9w/cjuJs3EoP9Zejx240Z6ZiIn8ORmLs0+cONWHwgZJstsXwLaM5HE+FlkfcDhG8qgH/v++iogGMKQS8Q9DqjUOaM3t+zQPfmE8+HBtArSx/qNrr43Evubc6MBq8tjMKJvvjveh/KyMX/+8czvbon+vQwBs6cbNiDg9Orqx/0vy/m/7TvdwzpNl6P/g+bmbjX/e6jT+KayPf6LD+Odgh9jdjq3jv3C/D8V0lY3/Pug4/l1ftBofyXMvNcd8Y8nFS+U069tejogTMbY3y2+2nnNm9V6j27H28V+2ZeW3xoL5ddwf3fv4Y+ZK9dJO6tzuwc2I1zqOf5P19k86tH/2fJzvsYxj6Z3Xux3buv7PVuPniDc6tv+jFa1k8/XJyeb9MNm6Kzb6+9ax37uVv9v1z9r/wOb1H0/a12trT1/GT/v+Tbsd2+79vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr/Kz+J45v3v91uv/3R8QXPdb/1tFbXU8dhPafe6r2f/rEvY+//LFb+b21/9vN1Il8Ty/9X68XuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G5XHgAAAAAAAAAAAAAAAAAAAAbEwS6f/8/8MbLbVwc8c77yG4bXlvHfj296AgaS//8wvMQ/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/AMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfnT93Ltsaqw+vz2b5uavLSwvVq6fm0tpCsbI0W5ytLl4pzler8+W0OFutbPX3ytXqlanpWLo2WU9r9cna8sqFSnXpcv3CpUppPr2Qjj2XWgEAAAAAAAAAAAAAAAAAAMCLpba8slAql9NFCYltJUYH4zIk+pzY7Z4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB75LwAA///MUDi3")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000126abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3acb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x2, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, 0x0, 0x0)
sendmmsg$inet(r5, &(0x7f0000001a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x7c9ce320e12db95)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071121500000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

7.528518609s ago: executing program 0 (id=1199):
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/route\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x12)
read$FUSE(r4, &(0x7f0000003300)={0x2020, 0x0, <r5=>0x0}, 0x2020)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
write$FUSE_BMAP(r4, &(0x7f0000000280)={0x18, 0xfffffffffffffff5, r5, {0x6}}, 0x18)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000340)=0x80)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r8, 0x5408, &(0x7f0000000040)={0x3, 0x0, 0xfffffffe, 0x7fffffff, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf", 0x1000})
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0xffffffffdf004fff, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x5437, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r9, &(0x7f0000002340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFULA_CFG_CMD={0x5, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x1080)

7.067620331s ago: executing program 4 (id=1200):
socket$igmp6(0xa, 0x3, 0x2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000080)="47000300010003", 0x7)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
syz_emit_ethernet(0x7a, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x39, 0x0, 0x0)
connect$inet6(r2, 0x0, 0x0)
sendmmsg$inet6(r2, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r4 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000100)='./control\x00', 0x0)
getdents64(r4, &(0x7f0000fc4fbe)=""/80, 0x50)
unlink(&(0x7f00000001c0)='./control/file0\x00')
unlinkat(r4, &(0x7f0000000140)='./control\x00', 0x200)
rmdir(&(0x7f0000000040)='./control\x00')

6.002877783s ago: executing program 3 (id=1201):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0200000004000000080000000100", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0300000000004000"/20], 0x50)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f00000000c0), 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netfilter\x00')
r2 = fanotify_init(0x0, 0x0)
readv(r2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)

5.552811855s ago: executing program 4 (id=1202):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kvm_fpu\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

5.188464157s ago: executing program 4 (id=1203):
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGRAB(r3, 0x40044590, 0x0)
close(r3)

4.214790858s ago: executing program 2 (id=1204):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
wait4(0x0, 0x0, 0x80000008, 0x0)

4.108568s ago: executing program 4 (id=1205):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0)
r1 = add_key$user(&(0x7f0000000100), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000140)="ed", 0x1, 0xffffffffffffffff)
keyctl$set_timeout(0xf, r1, 0x21000)
read$FUSE(r0, &(0x7f0000001580)={0x2020}, 0x2020)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f000000bd80), 0xffffffffffffffff)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
sendto$inet6(r2, &(0x7f0000000300)="0f30d704f5f3d8a4ed04de1bac21169f7ccef097aa17119717ef4faeba1165ce89cfd9dd4c1ef154", 0x28, 0x800, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32, @ANYBLOB], 0x48}}, 0x0)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0x210008, &(0x7f0000001040)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB="2c756e64656c6574652c6e6f7672732c6164696e6963622c766f6c756d653d30303030303030303030303030303030303030322c7569643d666f726765742c6769643d666f726765742c6e6f7374726963742c6e6f7672732c0085f95733019d784ca386da1fd41ffabd4b47acca2b8d488be702157dd8711c31732d"], 0xff, 0xc2d, &(0x7f00000012c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b40000000600000000000000009b61000000000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000740)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000050000006a0a00fe00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2feb4b6fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872061ce618117c56f0979bd10b97163c953ab1abda4589e9cbe8d0d26b5069f8a98f7dc8f76b74635fc9f9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346d2014006000000e1ffff8816326d7d35c32aac1c7d5b5be399f6609876b5887437a172751151b633fbc02a74067529194e533583412dff048f0000000000000000b2728a04816cfb851cd364ff19ffcafe3e64be033c9d2f002cc93c1c13ceec04a347383420336bec88c24a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13ad30000000000170022626165866c156a25148972700000b515a1000000000000000eb2e9c15b6c8f6198282d0000000000c2ccf3f69cfcf1e15ea7a9e57aee78e12a2caebaada42811754e19a7e9b531636794a718b4766d2c7c61c3dba128c7fcd1f97989ccf1d55de496eae46c590c2d0225f9cd07005ac7f76d9d560a08c9fd0caafd9d095cb9db0099014cd0d4df62af52b088b01adeadc4c5225a6cd8486b03f83805dffe90dbf7ad042012b7213a2b03e3b1634ddfc9d6f570c4990fbbc7306871d9a52a157fb1a10fa2868df06faf83a8420e9ce62567043ce7e56d1ebe81"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r5, 0xffff0000, 0x40f, 0xfffffffffffffe4a, &(0x7f0000001a40)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x48)

3.997757673s ago: executing program 2 (id=1206):
syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000001e00))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080), 0x10010)
r4 = fsopen(&(0x7f0000000000)='binder\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x58, 0x0, 0x9, 0x101, 0x0, 0x0, {}, [@NFCTH_POLICY={0x10, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3}}, @NFCTH_TUPLE={0x4, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x2, 0x0, 0x1, @ipv4={{0x8, 0x1, @private}, {0x8, 0x2, @dev}}}]}, @NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x58}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, 0x1)

2.963782231s ago: executing program 4 (id=1207):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071106e000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x20e2c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x4})

2.167408792s ago: executing program 0 (id=1208):
syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x141201)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="180100000000002000000000000000001819", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800714, &(0x7f00000003c0)={[{@dioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@quota}, {@grpjquota}, {@errors_continue}, {@errors_continue}, {@nouser_xattr}, {@discard}, {@barrier}, {@norecovery}, {@errors_continue}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0xee, 0x442, &(0x7f0000000d00)="$eJzs281vG0UbAPBn10n6vv1KKKW0oYVAQUR8JE1aoAcuIJA4gIQEh3IMSVqFug1qgkSrCAJC5YgqcUcckfgLOMEFASckrnBHlSqIkFo4Ba29m9punObDrkP9+0nbznjHnnk8O97xTBxA1xrK/kkidkfErxHRX83WFxiq/ndjaWHy76WFySSWl9/4I6mUu760MFkULZ63K88MpxHpJ0leSb25i5fOTpTL0xfy/Oj8uXdH5y5eenrm3MSZ6TPT58dPnjxxfOy5Z8efaUmcWVzXBz+YPXzolbeuvDZ56srbP36dtffAker52jhaZSgL/M/lisZzj7W6sg7bU5NOejrYEDakFBFZd/VWxn9/lOJm5/XHyx93tHFAW2X3ph3NTy8uA3exJDrdAqAziht99v23OO7Q1GNbuPZC9QtQFveN/Kie6Yk0L9PbxvqHIuLU4j9fZEe0aR0CAKDWt9n856nV5n9pHKgptzffQxmIiHsiYl9E3BsR+yPivohK2fsj4uAG62/cGrp1/pNe3VRg65TN/57P97bq53/F7C8GSnluTyX+3uT0THn6WP6eDEfvjiw/tkYd3730y2fNztXO/7Ijq7+YC+btuNrTsEA3NTE/0apJ6bWPIgZ7Vos/WdkJSCLiUEQMbuyl9xaJmSe+Otys0O3jX0ML9pmWv4x4vNr/i9EQfyFZe39y9H9Rnj42WlwVt/rp58uvN6t/S/G3QNb/O+uv/4YS/X8ltfu1cxuv4/Jvnzb9TrPZ678vebOyZ92XP/b+xPz8hbGIvuTVSr7u8fGbzy3yRfks/uGjq4//fflzsvgfiIjsIj4SEQ9GxEN52x+OiEci4uga8f/w4qPvbD7+9srin1r182/l+h+o7/+NJ0pnv/+mWf3r6/8TldRw/kjl8+821tvArbx3AAAA8F+RRsTuSNKRlXSajoxU/4Z/f+xMy7Nz80+enn3v/FT1NwID0ZsWK139NeuhY8li/orV/Hi+VlycP56vG39e+n8lPzI5W57qcOzQ7XY1Gf+Z30udbh3Qdn6vBd2rcfynHWoHcOe5/0P3Mv6hexn/0L1WG/8fNuTtBcDdyf0fupfxD93L+IfuZfxDV9rK7/olujkR6bZoRrsScXBbNKNziU5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGvwEAAP//KivtwQ==")
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f00000000c0)='virtiofs\x00', 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@typedef={0x1, 0x0, 0x0, 0x8, 0x1}]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x182)
ioctl$SNAPSHOT_UNFREEZE(0xffffffffffffffff, 0x3302)

1.242889768s ago: executing program 4 (id=1209):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
r1 = socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
kcmp(r2, r5, 0x1, r3, r1)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000440)='1', 0x1)
io_setup(0x1004, &(0x7f0000000380)=<r6=>0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000007980)=[{0x0, 0x0, 0x0}], 0x1, 0x800)
io_submit(r6, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x6, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000080)="95", 0x1}])
move_mount(0xffffffffffffffff, &(0x7f00000000c0)='./mnt\x00', r0, &(0x7f0000000100)='./mnt\x00', 0x162)

7.898539ms ago: executing program 0 (id=1210):
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRES8=0x0, @ANYRESDEC=0x0, @ANYRES32=0x0, @ANYRESDEC], 0x1, 0x675, &(0x7f0000001280)="$eJzs3U9sHFcdB/DvrDd2NpTUTZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJiXukcuECtx7xsRKCSy+YC4tmdtbe2ruOHWyvUz6faPzemzfz3u/9dnZnd63IAf5vXT2f5oMUuXr+5eWyvboy015dmbndqyeZSNJImlVRpPhXp9P5ILmS7pbnkhT1cMWwee4vzL764cerH3VbzXqrjm9sd97O3Ku3nE0yVpeb3H7U8a4NHm/D0YcNV6yvsEzYuV7iYNSOJOlU/nG/u+cHf35ivadPa9DZD73ygcdA0b1vbjGZHKuf6OX7gO5dsXvPfqzdG3UAAAAAcACeXMtalnN81HEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46T4SmusLOqt0aufTdH7+//j9b7U9cOiWI9qFx7sRyQAAAAAAAAAcMDOrGUtyznea3eK6nf+L1SNk9XPz+St3M18FnMhy5nLUpaymOkkk30DjS/PLS0tTvefOTH4zEsDz7z0kEAn6rK1RwsHAAAAAAAAgE+Xn+bqxu//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMCiSsW5RbSd79ck0mkkmesfdS/6aZHy00f7vHow6AAAAADgAT65lLcs53mt3iuoz/zPV5/6jeSt3spSFLKWd+VyvvgvofupvrK7MtFdXZm6X29Zxv/nPXYVRjZjudw+DZz5dHdHKjSxUey7kWt5IO9fTqM4sne7FMziun5QxFd+o7TCy63VZrvy9utzi3V0tdphdfpkyWWXkyHpGpurYymw8tX0mdvnobJ5pOo31YE9ummnTIs48Ss6P1WW5nl8Oy/lIbM7Epb6r75ntc5584Y+//97N9p1bN2/cPX94lrQzY3XZqX62tmZipi8Tz3Yz8P3XPo2Z2GKqysSp9fbVfCev5XzO5pUsZiE/zFyWMp+z+XZVm6uv56Lv+9Qh18yVT7ReeVgk4/UV2n2wdhfTC9W5x7OQ7+aNXM98Xqz+Xcp0vprLuZzZvkf41A5eaRtDnvWdzw4M/twX60orya/q8nAo8/pUX177X3Mnq77+PRtZOrH396Pm5+pKOcfP6vJw2JyJ6b5MPL19Jn5bvazcbd+5tXhz7s2dTXfivbpSPo9+cajuEuX1cqJ8sKrWJ6+Osu/pgX3TVd/J9b7Glr5Tvb6//ebXL1XHDHumjtfv4Zpfn91yxyr7nh04y0zVd7qvb9D7LQAOvWNfOjbe+nvrL633Wz9v3Wy9fPRbE1+beH48R/505KXm1NjnG88Xf8j7+fHG538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODR3X37nVtz7fb84qZKM513h3TtS+U/Q7qKJHs4V+/PmQ095sieL/C5J5KDyeHWyniSA590YOXfnU6n3lMchni2r3RKE+ns+1zNJIO6zow+CSN+YQL23cWl229evPv2O19euD33+vzr83dmL1+enZq9/OLMxRsL7fmp7s9RRwnsh42b/qgjAQAAAAAAAAAAAHbqIP47wfDZjx7kUgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH1NXzaT5IkempC1Nle3Vlpl1uvfrGkc0kjSTFj5Lig+RKulsm+4Yrhs1zf2H21Q8/Xv1oY6xm7/jGduftzL16y9kkY3W5V+Nd28l4v9uus1hfYZmwc73Ewaj9NwAA//8CiAVm")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000700)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/ipc\x00')
ioctl$BLKREPORTZONE(0xffffffffffffffff, 0xc0101282, &(0x7f0000000680)=ANY=[])
add_key$keyring(0x0, &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
unlink(&(0x7f0000000280)='./file1\x00')

0s ago: executing program 2 (id=1211):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000010000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f00000002c0)='timer_start\x00', r0}, 0x10)
syz_socket_connect_nvme_tcp()

kernel console output (not intermixed with test programs):

vice loop1): ext4_empty_dir:3156: inode #12: comm syz-executor: directory missing '..'
[  453.241737][ T6517] EXT4-fs error (device loop1): ext4_readdir:260: inode #12: block 80: comm syz-executor: path /14/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  453.263545][ T6517] EXT4-fs error (device loop1): ext4_empty_dir:3154: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  453.263878][ T3636] bond0 (unregistering): Released all slaves
[  453.294879][ T6517] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz-executor: directory missing '..'
[  453.309024][ T6517] EXT4-fs error (device loop1): ext4_readdir:260: inode #12: block 80: comm syz-executor: path /14/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  453.331817][ T6517] EXT4-fs error (device loop1): ext4_empty_dir:3154: inode #12: block 80: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  453.347702][ T6221] usb 5-1: Using ep0 maxpacket: 8
[  453.358425][ T6517] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz-executor: directory missing '..'
[  453.373957][ T6517] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz-executor: directory missing '..'
[  453.386992][ T6517] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz-executor: directory missing '..'
[  453.400803][ T6517] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz-executor: directory missing '..'
[  453.417123][ T6517] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz-executor: directory missing '..'
[  453.430613][ T6517] EXT4-fs warning (device loop1): ext4_empty_dir:3156: inode #12: comm syz-executor: directory missing '..'
[  453.475128][ T6221] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  453.488996][ T6221] usb 5-1: New USB device found, idVendor=056a, idProduct=00e5, bcdDevice= 0.00
[  453.501375][ T6221] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.527607][ T6221] usb 5-1: config 0 descriptor??
[  453.570571][ T6221] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  453.580884][ T3636] team0 (unregistering): Port device team_slave_1 removed
[  453.606731][ T3636] team0 (unregistering): Port device team_slave_0 removed
[  453.624424][ T3636] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  453.650487][ T3636] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  453.752752][ T3636] bond0 (unregistering): Released all slaves
[  453.782047][ T6221] usb 5-1: USB disconnect, device number 2
[  453.804630][ T6735] netlink: 40 bytes leftover after parsing attributes in process `syz.0.665'.
[  455.157598][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  455.163920][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  455.719835][ T3560] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  455.738147][ T3560] Bluetooth: hci5: Injecting HCI hardware error event
[  455.776780][ T3581] Bluetooth: hci5: hardware error 0x00
[  456.445286][ T6824] loop3: detected capacity change from 0 to 512
[  456.623248][ T6824] EXT4-fs (loop3): Unrecognized mount option """ or missing value
[  456.648947][ T6819] chnl_net:caif_netlink_parms(): no params data found
[  456.669689][ T6832] netlink: 40 bytes leftover after parsing attributes in process `syz.4.696'.
[  456.755976][ T6832] loop4: detected capacity change from 0 to 2048
[  456.844192][ T6832] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  457.069814][ T6819] bridge0: port 1(bridge_slave_0) entered blocking state
[  457.085938][ T6819] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.096237][ T6819] device bridge_slave_0 entered promiscuous mode
[  457.128496][ T6819] bridge0: port 2(bridge_slave_1) entered blocking state
[  457.135579][ T6819] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.145468][ T6819] device bridge_slave_1 entered promiscuous mode
[  457.233636][ T6819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  457.246479][ T6819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  457.332980][ T6827] chnl_net:caif_netlink_parms(): no params data found
[  458.836407][ T6819] team0: Port device team_slave_0 added
[  458.910325][ T6819] team0: Port device team_slave_1 added
[  459.012961][ T3692] Bluetooth: hci1: command 0x0409 tx timeout
[  459.019251][ T3616] Bluetooth: hci2: command 0x0409 tx timeout
[  459.070036][ T6874] loop4: detected capacity change from 0 to 128
[  459.085307][ T6872] netlink: 40 bytes leftover after parsing attributes in process `syz.0.706'.
[  459.096435][ T6827] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.106463][ T6827] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.115715][ T6827] device bridge_slave_0 entered promiscuous mode
[  459.124411][ T6819] batman_adv: batadv0: Adding interface: batadv_slave_0
[  459.133342][ T6872] loop0: detected capacity change from 0 to 2048
[  459.140484][ T6819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  459.177199][ T6819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  459.326332][ T6827] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.326380][ T6827] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.328932][ T6827] device bridge_slave_1 entered promiscuous mode
[  459.369132][ T6872] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  459.493787][ T6877] xt_hashlimit: size too large, truncated to 1048576
[  459.974657][ T6819] batman_adv: batadv0: Adding interface: batadv_slave_1
[  459.974675][ T6819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  459.974702][ T6819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  460.711422][ T6819] device hsr_slave_0 entered promiscuous mode
[  460.734145][ T6819] device hsr_slave_1 entered promiscuous mode
[  460.820691][ T6827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  460.928358][ T6827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  460.949049][ T6884] overlayfs: missing 'lowerdir'
[  461.109630][ T6020] Bluetooth: hci2: command 0x041b tx timeout
[  461.200817][ T6020] Bluetooth: hci1: command 0x041b tx timeout
[  461.772282][ T6827] team0: Port device team_slave_0 added
[  461.927723][ T6827] team0: Port device team_slave_1 added
[  462.013728][ T6819] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.058099][ T6827] batman_adv: batadv0: Adding interface: batadv_slave_0
[  462.065108][ T6827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  462.121772][ T6827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  462.156888][ T6827] batman_adv: batadv0: Adding interface: batadv_slave_1
[  462.165646][ T6827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  462.223309][ T6827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  462.279475][ T6819] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.362397][ T6827] device hsr_slave_0 entered promiscuous mode
[  462.392415][ T6827] device hsr_slave_1 entered promiscuous mode
[  462.422450][ T6827] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  462.444275][ T6827] Cannot create hsr debugfs directory
[  462.551469][ T6819] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.651122][ T6819] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.867684][ T6218] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  462.933466][ T6827] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.960534][ T6819] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  462.982352][ T6819] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  463.001461][ T6819] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  463.020676][ T6819] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  463.054692][ T6827] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  463.127344][ T6827] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  463.224942][ T6827] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  463.236387][ T3698] Bluetooth: hci2: command 0x040f tx timeout
[  463.242617][ T6218] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  463.267480][ T6218] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  463.277275][ T6218] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  463.307746][ T6218] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.321736][ T6819] 8021q: adding VLAN 0 to HW filter on device bond0
[  463.346475][ T6218] usb 4-1: config 0 descriptor??
[  463.361771][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  463.377029][ T3698] Bluetooth: hci1: command 0x040f tx timeout
[  463.380065][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  463.424774][ T6819] 8021q: adding VLAN 0 to HW filter on device team0
[  463.455657][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  463.484061][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  463.513980][ T3761] bridge0: port 1(bridge_slave_0) entered blocking state
[  463.521117][ T3761] bridge0: port 1(bridge_slave_0) entered forwarding state
[  463.568154][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  463.596848][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  463.617763][ T3761] bridge0: port 2(bridge_slave_1) entered blocking state
[  463.624849][ T3761] bridge0: port 2(bridge_slave_1) entered forwarding state
[  463.670448][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  463.685243][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  463.714168][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  463.742157][ T6906] ptrace attach of "./syz-executor exec"[6485] was attempted by "./syz-executor exec"[6906]
[  463.758134][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  463.771236][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  463.782596][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  463.792571][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  463.802643][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  463.832040][ T6819] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  463.852149][ T6819] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  463.861585][ T6218] cp2112 0003:10C4:EA90.0002: item fetching failed at offset 5/7
[  463.867082][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  463.884002][ T6218] cp2112 0003:10C4:EA90.0002: parse failed
[  463.893554][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  463.901634][ T6218] cp2112: probe of 0003:10C4:EA90.0002 failed with error -22
[  463.908855][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  463.918360][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  463.956503][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  463.970274][ T6827] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  463.992825][ T6827] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  464.012243][ T6827] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  464.026316][ T6827] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  464.119296][ T3692] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  464.172036][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  464.180210][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  464.198607][ T6819] 8021q: adding VLAN 0 to HW filter on device batadv0
[  464.215293][ T6827] 8021q: adding VLAN 0 to HW filter on device bond0
[  464.246507][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  464.255607][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  464.269661][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  464.279150][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  464.294307][ T6827] 8021q: adding VLAN 0 to HW filter on device team0
[  464.324890][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  464.337812][ T3692] usb 5-1: device descriptor read/64, error -71
[  464.343964][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  464.363641][ T5489] bridge0: port 1(bridge_slave_0) entered blocking state
[  464.370765][ T5489] bridge0: port 1(bridge_slave_0) entered forwarding state
[  464.393098][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  464.406007][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  464.420439][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  464.431694][ T5489] bridge0: port 2(bridge_slave_1) entered blocking state
[  464.438847][ T5489] bridge0: port 2(bridge_slave_1) entered forwarding state
[  464.466681][ T6819] device veth0_vlan entered promiscuous mode
[  464.473926][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  464.483655][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  464.493809][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  464.504470][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  464.514491][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  464.527100][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  464.542863][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  464.561097][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  464.574124][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  464.588102][ T6819] device veth1_vlan entered promiscuous mode
[  464.617536][ T3692] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  464.625931][ T3988] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  464.638004][ T3988] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  464.654655][ T3988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  464.664929][ T3988] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  464.675285][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  464.694358][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  464.714323][ T6827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  464.726846][ T6827] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  464.739067][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  464.761433][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  464.801840][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  464.817809][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  464.829109][ T6819] device veth0_macvtap entered promiscuous mode
[  464.837705][ T3692] usb 5-1: device descriptor read/64, error -71
[  464.868014][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  464.877749][ T6819] device veth1_macvtap entered promiscuous mode
[  464.907124][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.927753][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.939428][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.950623][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.960901][ T3692] usb usb5-port1: attempt power cycle
[  464.969922][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  464.980805][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  464.991778][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  465.002543][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.012426][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  465.023636][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.035239][ T6819] batman_adv: batadv0: Interface activated: batadv_slave_0
[  465.047990][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  465.061421][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  465.086023][ T6827] 8021q: adding VLAN 0 to HW filter on device batadv0
[  465.103258][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.116741][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.126906][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.137954][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.148186][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.158892][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.170686][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.182425][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.192625][ T6819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  465.203347][ T6819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  465.223853][ T6819] batman_adv: batadv0: Interface activated: batadv_slave_1
[  465.247055][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  465.255934][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  465.280675][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  465.292462][ T5489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  465.307608][    T7] Bluetooth: hci2: command 0x0419 tx timeout
[  465.329709][ T6819] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  465.348850][ T6819] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  465.365098][ T6819] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  465.375645][ T6819] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  465.394897][ T6221] Bluetooth: hci1: command 0x0419 tx timeout
[  465.407517][ T3692] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  465.517832][ T3692] usb 5-1: device descriptor read/8, error -71
[  465.591077][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  465.621582][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  465.716559][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  465.748261][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  465.758010][ T6220] usb 4-1: USB disconnect, device number 2
[  465.769688][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  465.797894][ T3692] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  465.811018][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  465.834473][ T6827] device veth0_vlan entered promiscuous mode
[  465.844579][ T5489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  465.870713][ T5489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  465.897774][ T3692] usb 5-1: device descriptor read/8, error -71
[  465.930155][ T3761] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  466.039845][ T3692] usb usb5-port1: unable to enumerate USB device
[  466.113738][ T6827] device veth1_vlan entered promiscuous mode
[  466.122279][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  466.142000][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.182724][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  466.315272][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  466.389224][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  466.505266][ T6827] device veth0_macvtap entered promiscuous mode
[  467.344218][ T6827] device veth1_macvtap entered promiscuous mode
[  467.358331][ T3782] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  467.366771][ T3782] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  467.701965][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.402554][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.466864][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.505542][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.516324][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.526872][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.547057][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.564741][ T6942] loop4: detected capacity change from 0 to 512
[  468.581679][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.607500][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.625954][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.635907][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  468.655150][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  468.676520][ T6827] batman_adv: batadv0: Interface activated: batadv_slave_0
[  468.783666][ T6942] EXT4-fs (loop4): Mount option "nouser_xattr" will be removed by 3.5
[  468.783666][ T6942] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  468.783666][ T6942] 
[  468.802511][ T6942] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  468.814970][ T3782] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  468.868536][ T3782] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  468.901889][ T6942] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.727: casefold flag without casefold feature
[  468.915536][ T6942] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.727: couldn't read orphan inode 15 (err -117)
[  468.928293][ T6942] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,grpjquota=,errors=continue,errors=continue,nouser_xattr,discard,barrier,norecovery,errors=continue,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  469.458778][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  469.751643][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.802309][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  469.857453][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.908344][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  469.956445][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.976685][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  470.007477][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  470.031315][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  470.047477][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  470.067485][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  470.087985][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  470.109152][ T6827] batman_adv: batadv0: Interface activated: batadv_slave_1
[  470.139411][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  470.168334][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  470.190304][ T6827] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  470.226339][ T6827] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  470.273699][ T6827] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  470.327958][ T6827] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  470.346918][ T6956] loop4: detected capacity change from 0 to 256
[  470.421526][ T6956] exfat: Deprecated parameter 'utf8'
[  470.426883][ T6956] exfat: Deprecated parameter 'namecase'
[  470.465455][ T6956] exfat: Deprecated parameter 'utf8'
[  470.549617][ T6956] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  470.615929][ T6855] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  470.643617][ T6855] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  470.652977][ T6956] exFAT-fs (loop4): error, tried to truncate zeroed cluster.
[  470.665013][ T6946] loop0: detected capacity change from 0 to 40427
[  470.707125][ T3782] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  470.740005][ T3782] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  470.766470][ T3782] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  470.781080][ T6946] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  470.797495][ T6946] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  470.807778][ T3698] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  470.880792][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  470.891938][ T6946] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  471.048327][ T3698] usb 4-1: Using ep0 maxpacket: 8
[  471.144702][ T6946] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  471.157796][ T6946] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  471.328543][ T3698] usb 4-1: New USB device found, idVendor=1a0a, idProduct=0103, bcdDevice=ad.1d
[  471.347549][ T3698] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  471.379506][ T3698] usb 4-1: Product: syz
[  471.383705][ T3698] usb 4-1: Manufacturer: syz
[  471.409012][ T3698] usb 4-1: SerialNumber: syz
[  471.428250][ T3698] usb 4-1: config 0 descriptor??
[  471.482313][ T3698] usb_ehset_test: probe of 4-1:0.0 failed with error -32
[  471.580346][ T3636] device hsr_slave_0 left promiscuous mode
[  471.597102][ T3636] device hsr_slave_1 left promiscuous mode
[  471.611742][ T3636] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  471.643597][ T3636] batman_adv: batadv0: Removing interface: batadv_slave_0
[  471.686073][ T3636] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  471.703524][ T3636] batman_adv: batadv0: Removing interface: batadv_slave_1
[  471.704653][ T6218] usb 4-1: USB disconnect, device number 3
[  471.765196][ T3636] device bridge_slave_1 left promiscuous mode
[  471.785953][ T3636] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.858440][ T3636] device bridge_slave_0 left promiscuous mode
[  471.864711][ T3636] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.917816][ T3636] device hsr_slave_0 left promiscuous mode
[  471.931767][ T3636] device hsr_slave_1 left promiscuous mode
[  471.952835][ T6964] loop2: detected capacity change from 0 to 40427
[  471.969652][ T3636] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  471.977110][ T3636] batman_adv: batadv0: Removing interface: batadv_slave_0
[  472.006496][ T3636] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.017629][ T6964] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  472.043994][ T6964] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  472.055472][ T3636] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.085382][ T3636] device bridge_slave_1 left promiscuous mode
[  472.087080][ T6964] F2FS-fs (loop2): invalid crc value
[  472.137201][ T3636] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.170595][ T6964] F2FS-fs (loop2): Found nat_bits in checkpoint
[  472.179132][ T3636] device bridge_slave_0 left promiscuous mode
[  472.185361][ T3636] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.295421][ T3636] device veth1_macvtap left promiscuous mode
[  472.305282][ T3636] device veth0_macvtap left promiscuous mode
[  472.329280][ T3636] device veth1_vlan left promiscuous mode
[  472.335161][ T3636] device veth0_vlan left promiscuous mode
[  472.341525][ T6964] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  472.349062][ T6964] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  472.396548][ T3636] device veth1_macvtap left promiscuous mode
[  472.404175][ T6976] netlink: 104 bytes leftover after parsing attributes in process `syz.3.735'.
[  472.437236][ T3636] device veth0_macvtap left promiscuous mode
[  472.446550][ T3636] device veth1_vlan left promiscuous mode
[  472.462804][ T3636] device veth0_vlan left promiscuous mode
[  473.701208][ T4158] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  473.782869][ T6983] loop3: detected capacity change from 0 to 512
[  473.840803][ T4158] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  474.010064][ T6994] loop4: detected capacity change from 0 to 256
[  474.031054][ T6983] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.737: inode #1: comm syz.3.737: iget: illegal inode #
[  474.073060][ T6983] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.737: error while reading EA inode 1 err=-117
[  474.105174][ T6983] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.737: inode #1: comm syz.3.737: iget: illegal inode #
[  474.129161][ T6983] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.737: error while reading EA inode 1 err=-117
[  474.178614][ T6983] EXT4-fs (loop3): 1 orphan inode deleted
[  474.197732][ T6983] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback.
[  474.280375][ T6973] ptrace attach of "./syz-executor exec"[6819] was attempted by "./syz-executor exec"[6973]
[  475.067607][ T6999] loop0: detected capacity change from 0 to 1024
[  475.218415][ T6221] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  475.332957][ T6999] hfsplus: extend alloc file! (8192,65536,366)
[  475.382094][ T7057] loop4: detected capacity change from 0 to 2048
[  475.407639][ T6221] usb 2-1: device descriptor read/64, error -71
[  475.457838][ T7057] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  475.502101][ T3636] team0 (unregistering): Port device team_slave_1 removed
[  475.568066][ T3636] team0 (unregistering): Port device team_slave_0 removed
[  475.685782][ T3636] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  475.729706][ T3636] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  475.747661][ T3575] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  475.984458][ T3636] bond0 (unregistering): Released all slaves
[  476.017745][ T3575] usb 4-1: Using ep0 maxpacket: 32
[  476.137708][ T3575] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  476.155031][ T3575] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  476.180479][ T3575] usb 4-1: New USB device found, idVendor=056a, idProduct=033e, bcdDevice= 0.00
[  476.182082][ T3636] team0 (unregistering): Port device team_slave_1 removed
[  476.194775][ T3575] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.213818][ T3575] usb 4-1: config 0 descriptor??
[  476.224430][ T3636] team0 (unregistering): Port device team_slave_0 removed
[  476.259305][ T3636] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  476.298402][ T3636] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  476.424545][ T3636] bond0 (unregistering): Released all slaves
[  476.505685][ T7046] netlink: 40 bytes leftover after parsing attributes in process `syz.4.741'.
[  476.577683][ T3575] usbhid 4-1:0.0: can't add hid device: -71
[  476.583706][ T3575] usbhid: probe of 4-1:0.0 failed with error -71
[  476.726657][ T7078] loop4: detected capacity change from 0 to 512
[  476.734375][ T3575] usb 4-1: USB disconnect, device number 4
[  477.168063][ T7087] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  477.862998][ T7094] loop0: detected capacity change from 0 to 512
[  478.006444][ T7094] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  478.079110][ T7094] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  478.404467][ T7103] loop4: detected capacity change from 0 to 128
[  478.992897][ T3988] Bluetooth: hci3: Frame reassembly failed (-84)
[  479.290081][ T7109] loop3: detected capacity change from 0 to 256
[  480.450403][ T7117] netlink: 40 bytes leftover after parsing attributes in process `syz.1.759'.
[  480.542976][ T7117] loop1: detected capacity change from 0 to 2048
[  480.623443][ T7117] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  481.322506][ T3620] Bluetooth: hci3: command 0x1003 tx timeout
[  481.332763][ T3586] Bluetooth: hci3: sending frame failed (-49)
[  481.363710][ T7112] loop2: detected capacity change from 0 to 40427
[  481.456539][ T7112] F2FS-fs (loop2): Unrecognized mount option "errors=continue" or missing value
[  481.882731][ T7128] loop1: detected capacity change from 0 to 4096
[  482.028479][ T6020] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  482.069213][ T7128] ntfs: volume version 3.1.
[  482.287649][ T6020] usb 5-1: Using ep0 maxpacket: 16
[  482.407734][ T6020] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  482.445120][ T6020] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  482.496280][ T6020] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  482.556112][ T6020] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  483.121840][ T6020] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.143752][ T6020] usb 5-1: config 0 descriptor??
[  483.427244][ T3620] Bluetooth: hci3: command 0x1001 tx timeout
[  483.453536][ T7149] loop2: detected capacity change from 0 to 512
[  483.460077][ T3586] Bluetooth: hci3: sending frame failed (-49)
[  483.753312][ T7149] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  484.053836][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.065253][ T7149] EXT4-fs (loop2): 1 truncate cleaned up
[  484.074130][ T7149] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,grpid,noblock_validity,,errors=continue. Quota mode: none.
[  484.188816][ T7149] netlink: 8 bytes leftover after parsing attributes in process `syz.2.770'.
[  484.197599][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.204960][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.212627][ T7149] netlink: 12 bytes leftover after parsing attributes in process `syz.2.770'.
[  484.239775][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.255365][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.256179][ T7155] netlink: 40 bytes leftover after parsing attributes in process `syz.1.771'.
[  484.280697][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.301695][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.335474][ T7155] loop1: detected capacity change from 0 to 2048
[  484.342049][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.349727][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.357016][ T6020] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  484.378647][ T6020] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0003/input/input7
[  484.405123][ T6020] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  484.423854][ T6020] usb 5-1: USB disconnect, device number 7
[  484.514414][ T7155] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  484.672747][ T7157] xt_CT: No such helper "syz0"
[  485.027067][ T7171] loop2: detected capacity change from 0 to 4096
[  485.096697][ T7174] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  485.184964][ T7174] loop1: detected capacity change from 0 to 1024
[  485.223954][ T7171] ntfs: volume version 3.1.
[  485.225634][ T7174] hfsplus: extend alloc file! (8192,65536,366)
[  485.477759][   T21] Bluetooth: hci3: command 0x1009 tx timeout
[  486.644144][ T3698] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  486.701050][ T7196] netlink: 40 bytes leftover after parsing attributes in process `syz.3.785'.
[  486.763502][ T7196] loop3: detected capacity change from 0 to 2048
[  486.847969][ T7196] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  486.954510][ T6020] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  487.007742][ T3698] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  487.044471][ T3698] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  487.071281][ T3698] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  487.104729][ T3698] usb 3-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[  487.124281][ T3698] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.145973][ T3698] usb 3-1: config 0 descriptor??
[  487.197589][ T6020] usb 5-1: Using ep0 maxpacket: 32
[  487.232545][ T7208] loop1: detected capacity change from 0 to 4096
[  487.319088][ T6020] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  487.333231][ T6020] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  487.351333][ T7208] ntfs: volume version 3.1.
[  487.356289][ T6020] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  487.369573][ T6020] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.387159][ T6020] usb 5-1: config 0 descriptor??
[  487.428886][ T6020] hub 5-1:0.0: USB hub found
[  487.607596][ T6221] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  487.632359][ T3698] uclogic 0003:5543:0003.0004: item fetching failed at offset 5/7
[  487.646626][ T3698] uclogic 0003:5543:0003.0004: parse failed
[  487.663024][ T3698] uclogic: probe of 0003:5543:0003.0004 failed with error -22
[  487.713043][ T7213] loop1: detected capacity change from 0 to 1024
[  487.737624][ T6020] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  487.790703][ T7213] hfsplus: extend alloc file! (8192,65536,366)
[  487.832481][ T3698] usb 3-1: USB disconnect, device number 3
[  487.848879][ T6020] usbhid 5-1:0.0: can't add hid device: -71
[  487.854969][ T6020] usbhid: probe of 5-1:0.0 failed with error -71
[  487.907745][ T6020] usb 5-1: USB disconnect, device number 8
[  487.982915][ T6221] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  488.017066][ T6221] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  488.117621][ T6221] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  488.136918][ T6221] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  488.152062][ T6221] usb 4-1: SerialNumber: syz
[  488.472601][ T6221] usb 4-1: 0:2 : does not exist
[  488.974249][ T7222] chnl_net:caif_netlink_parms(): no params data found
[  489.065053][ T7238] loop2: detected capacity change from 0 to 256
[  489.066073][ T6221] usb 4-1: USB disconnect, device number 5
[  489.240888][ T7238] FAT-fs (loop2): Directory bread(block 64) failed
[  489.270461][ T7238] FAT-fs (loop2): Directory bread(block 65) failed
[  489.277122][ T7238] FAT-fs (loop2): Directory bread(block 66) failed
[  489.293042][ T7238] FAT-fs (loop2): Directory bread(block 67) failed
[  489.320176][ T6355] udevd[6355]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  489.332282][ T7238] FAT-fs (loop2): Directory bread(block 68) failed
[  489.371656][ T7238] FAT-fs (loop2): Directory bread(block 69) failed
[  489.379201][ T7238] FAT-fs (loop2): Directory bread(block 70) failed
[  489.385812][ T7238] FAT-fs (loop2): Directory bread(block 71) failed
[  489.393108][ T7238] FAT-fs (loop2): Directory bread(block 72) failed
[  489.409220][ T7238] FAT-fs (loop2): Directory bread(block 73) failed
[  489.422249][ T7246] loop3: detected capacity change from 0 to 2048
[  489.427665][ T6020] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  489.446517][ T7244] netlink: 40 bytes leftover after parsing attributes in process `syz.3.801'.
[  489.480500][ T7246] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  489.659126][ T7222] bridge0: port 1(bridge_slave_0) entered blocking state
[  489.666219][ T7222] bridge0: port 1(bridge_slave_0) entered disabled state
[  489.699038][ T7222] device bridge_slave_0 entered promiscuous mode
[  489.710761][ T7222] bridge0: port 2(bridge_slave_1) entered blocking state
[  489.718605][ T7222] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.726833][ T7222] device bridge_slave_1 entered promiscuous mode
[  489.787995][ T3636] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.814842][ T7222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  489.829192][ T7222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  489.857906][ T6020] usb 5-1: unable to read config index 0 descriptor/start: -61
[  489.866502][ T6020] usb 5-1: can't read configurations, error -61
[  489.882881][ T7222] team0: Port device team_slave_0 added
[  489.891120][ T7250] loop3: detected capacity change from 0 to 4096
[  489.910524][ T3636] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  489.942845][ T7222] team0: Port device team_slave_1 added
[  490.036918][ T7222] batman_adv: batadv0: Adding interface: batadv_slave_0
[  490.036938][ T7222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  490.036969][ T7222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  490.041176][ T7222] batman_adv: batadv0: Adding interface: batadv_slave_1
[  490.041191][ T7222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  490.041216][ T7222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  490.084229][ T7222] device hsr_slave_0 entered promiscuous mode
[  490.084928][ T7222] device hsr_slave_1 entered promiscuous mode
[  490.085560][ T7222] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  490.085672][ T7222] Cannot create hsr debugfs directory
[  490.348319][ T6020] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  490.392777][   T21] Bluetooth: hci4: command 0x0409 tx timeout
[  490.476316][ T3636] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.538711][ T7255] loop1: detected capacity change from 0 to 1024
[  490.548825][ T7250] ntfs: volume version 3.1.
[  490.563990][ T3636] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.661841][ T7255] hfsplus: extend alloc file! (8192,65536,366)
[  490.759473][ T6020] usb 5-1: unable to read config index 0 descriptor/start: -61
[  490.786186][ T6020] usb 5-1: can't read configurations, error -61
[  490.817483][ T3698] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  490.837871][ T6020] usb usb5-port1: attempt power cycle
[  491.768330][ T6020] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  493.373761][ T3618] Bluetooth: hci4: command 0x041b tx timeout
[  493.388254][ T6020] usb 5-1: device descriptor read/8, error -71
[  495.407771][ T3698] usb 3-1: unable to read config index 0 descriptor/all
[  496.367598][ T3618] Bluetooth: hci4: command 0x040f tx timeout
[  496.371841][ T3698] usb 3-1: can't read configurations, error -71
[  498.377604][ T6220] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  499.274857][ T3575] Bluetooth: hci4: command 0x0419 tx timeout
[  499.383611][ T7292] netlink: 40 bytes leftover after parsing attributes in process `syz.2.811'.
[  499.513287][ T7299] loop2: detected capacity change from 0 to 2048
[  499.584923][ T7222] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  499.622044][ T7222] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  499.640459][ T7222] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  499.653822][ T7299] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  499.675686][ T7222] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  499.685507][ T3575] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  499.950744][ T3575] usb 2-1: Using ep0 maxpacket: 16
[  500.110303][ T7222] 8021q: adding VLAN 0 to HW filter on device bond0
[  500.184261][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  500.199306][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  500.217660][ T3575] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  500.237592][ T3575] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  500.286879][ T7222] 8021q: adding VLAN 0 to HW filter on device team0
[  500.308395][   T26] audit: type=1326 audit(1729562502.360:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7309 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  500.337902][ T3575] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  500.370619][ T3575] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  500.387508][ T3575] usb 2-1: SerialNumber: syz
[  500.396075][   T26] audit: type=1326 audit(1729562502.360:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7309 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  500.417799][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  500.429898][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  500.456327][ T7317] loop4: detected capacity change from 0 to 4096
[  500.462306][ T7041] bridge0: port 1(bridge_slave_0) entered blocking state
[  500.469917][ T7041] bridge0: port 1(bridge_slave_0) entered forwarding state
[  500.480040][ T3575] usb 2-1: 0:2 : does not exist
[  500.513587][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  500.532971][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  500.557848][ T7041] bridge0: port 2(bridge_slave_1) entered blocking state
[  500.564985][ T7041] bridge0: port 2(bridge_slave_1) entered forwarding state
[  500.619397][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  500.634460][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  500.646184][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  500.657157][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  500.670183][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  500.674812][ T7317] ntfs: volume version 3.1.
[  500.715630][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  500.724673][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  500.744195][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  500.750624][ T3575] usb 2-1: USB disconnect, device number 4
[  500.768751][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  500.777071][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  500.869625][ T7222] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  500.918592][ T7222] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  500.970465][ T7323] loop4: detected capacity change from 0 to 256
[  500.981574][ T3636] device hsr_slave_0 left promiscuous mode
[  500.988885][ T3636] device hsr_slave_1 left promiscuous mode
[  500.995536][ T3636] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  501.003896][ T3636] batman_adv: batadv0: Removing interface: batadv_slave_0
[  501.013413][ T3636] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  501.021563][ T3636] batman_adv: batadv0: Removing interface: batadv_slave_1
[  501.029668][ T3636] device bridge_slave_1 left promiscuous mode
[  501.036066][ T3636] bridge0: port 2(bridge_slave_1) entered disabled state
[  501.045129][ T7323] exfat: Deprecated parameter 'utf8'
[  501.054101][ T3636] device bridge_slave_0 left promiscuous mode
[  501.060870][ T3636] bridge0: port 1(bridge_slave_0) entered disabled state
[  501.074714][ T3636] device veth1_macvtap left promiscuous mode
[  501.080994][ T3636] device veth0_macvtap left promiscuous mode
[  501.087097][ T3636] device veth1_vlan left promiscuous mode
[  501.100997][ T3636] device veth0_vlan left promiscuous mode
[  501.109043][ T7323] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  501.151507][ T7325] loop3: detected capacity change from 0 to 512
[  501.222001][ T7325] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  501.334066][ T7325] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  501.695688][ T7338] netlink: 12 bytes leftover after parsing attributes in process `syz.4.820'.
[  502.336934][ T3636] team0 (unregistering): Port device team_slave_1 removed
[  502.373645][ T3636] team0 (unregistering): Port device team_slave_0 removed
[  502.421479][ T3636] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  502.475665][ T3636] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  502.569420][ T3636] bond0 (unregistering): Released all slaves
[  502.639374][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  502.651947][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  502.804673][ T3618] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  502.908878][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  502.917318][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  502.931737][ T7222] 8021q: adding VLAN 0 to HW filter on device batadv0
[  502.948030][ T7352] netlink: 40 bytes leftover after parsing attributes in process `syz.3.823'.
[  502.995574][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  503.014726][ T7352] loop3: detected capacity change from 0 to 2048
[  503.035442][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  503.066544][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  503.075319][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  503.087789][ T3618] usb 5-1: Using ep0 maxpacket: 16
[  503.097062][ T7352] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  503.117828][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  503.151535][ T7041] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  503.184955][ T7222] device veth0_vlan entered promiscuous mode
[  503.225024][ T7222] device veth1_vlan entered promiscuous mode
[  503.247743][ T3618] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  503.282622][ T3618] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  503.319848][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  503.338842][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  503.346599][ T3618] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  503.356232][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  503.371207][ T3618] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.406268][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  503.415191][ T3618] usb 5-1: config 0 descriptor??
[  503.454912][ T7222] device veth0_macvtap entered promiscuous mode
[  503.470335][ T3618] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  503.501840][ T7222] device veth1_macvtap entered promiscuous mode
[  503.542282][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  503.567425][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  503.590298][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  503.623100][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  503.657446][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  503.693048][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  503.718732][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  503.736962][ T7345] ptrace attach of "./syz-executor exec"[6485] was attempted by "./syz-executor exec"[7345]
[  503.763627][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  503.795138][ T7222] batman_adv: batadv0: Interface activated: batadv_slave_0
[  503.833619][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  503.844769][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  503.859000][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  503.884451][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  503.929515][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  503.958290][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  503.995500][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.013304][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.023605][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.040260][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.070691][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  504.111056][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.162360][ T7222] batman_adv: batadv0: Interface activated: batadv_slave_1
[  504.207802][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  504.217135][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  505.038797][ T7222] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  505.047693][ T7222] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  505.064084][ T7222] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  505.173114][ T7222] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  505.767735][ T3698] usb 5-1: USB disconnect, device number 13
[  505.900734][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  505.928403][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  505.967657][ T3575] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  505.982575][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  505.990569][ T7036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  506.010419][ T7036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  506.042919][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  506.247484][ T3575] usb 2-1: Using ep0 maxpacket: 16
[  506.407791][ T3575] usb 2-1: config 0 has an invalid interface number: 2 but max is 0
[  506.419158][ T3575] usb 2-1: config 0 has no interface number 0
[  506.431746][ T3575] usb 2-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  506.598401][ T3575] usb 2-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  506.620423][ T3575] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  506.642378][ T3575] usb 2-1: Product: syz
[  506.669855][ T3575] usb 2-1: SerialNumber: syz
[  506.685247][   T26] audit: type=1326 audit(1729562508.730:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  506.813532][   T26] audit: type=1326 audit(1729562508.730:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  506.880709][ T3575] usb 2-1: config 0 descriptor??
[  506.902012][   T26] audit: type=1326 audit(1729562508.730:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  507.141406][   T26] audit: type=1326 audit(1729562508.730:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  507.251578][   T26] audit: type=1326 audit(1729562508.730:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  507.340707][   T26] audit: type=1326 audit(1729562508.760:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  507.403501][   T26] audit: type=1326 audit(1729562508.760:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  507.467808][   T26] audit: type=1326 audit(1729562508.760:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  507.494705][   T26] audit: type=1326 audit(1729562508.760:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  507.519140][   T26] audit: type=1326 audit(1729562508.760:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7372 comm="syz.4.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5044a47ff9 code=0x7ffc0000
[  507.544070][ T3575] snd-usb-audio: probe of 2-1:0.2 failed with error -2
[  507.731987][ T3575] usb 2-1: USB disconnect, device number 5
[  507.771668][ T6355] udevd[6355]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  507.852741][ T7381] netlink: 12 bytes leftover after parsing attributes in process `syz.4.831'.
[  508.352042][ T7384] loop4: detected capacity change from 0 to 1024
[  508.416396][ T7384] EXT4-fs (loop4): Test dummy encryption mode enabled
[  508.437145][ T7384] EXT4-fs (loop4): Ignoring removed orlov option
[  508.482946][ T7384] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,noquota,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  508.485999][ T7390] netlink: 40 bytes leftover after parsing attributes in process `syz.2.834'.
[  508.566807][ T7392] loop2: detected capacity change from 0 to 2048
[  508.709264][ T7392] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  509.859083][ T7407] loop3: detected capacity change from 0 to 512
[  510.029686][ T7407] EXT4-fs error (device loop3): ext4_orphan_get:1427: comm syz.3.839: bad orphan inode 17
[  510.306431][ T7407] ext4_test_bit(bit=16, block=4) = 1
[  510.328048][ T7407] is_bad_inode(inode)=0
[  510.466963][ T7407] NEXT_ORPHAN(inode)=0
[  510.559680][ T7407] max_ino=32
[  510.697684][ T7407] i_nlink=1
[  510.700911][ T7407] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  511.009600][ T7417] loop4: detected capacity change from 0 to 1024
[  511.107586][ T7418] netlink: 12 bytes leftover after parsing attributes in process `syz.2.842'.
[  511.404198][ T7417] EXT4-fs (loop4): Ignoring removed nobh option
[  511.534005][ T7417] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  511.752188][ T7417] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,resuid=0x0000000000000000,dioread_nolock,usrjquota=,discard,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  513.120615][   T26] kauditd_printk_skb: 21 callbacks suppressed
[  513.120635][   T26] audit: type=1800 audit(1729562515.150:96): pid=7438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.841" name="bus" dev="loop4" ino=18 res=0 errno=0
[  513.238370][ T7443] netlink: 40 bytes leftover after parsing attributes in process `syz.2.847'.
[  513.344659][ T7443] loop2: detected capacity change from 0 to 2048
[  513.358349][ T7448] loop4: detected capacity change from 0 to 1024
[  513.636876][ T7448] EXT4-fs (loop4): Test dummy encryption mode enabled
[  513.678589][ T7443] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  513.720533][ T7448] EXT4-fs (loop4): inline encryption not supported
[  513.851821][ T7448] EXT4-fs (loop4): Ignoring removed orlov option
[  514.052669][ T7448] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,inlinecrypt,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  514.282993][ T7448] fscrypt (loop4): Error allocating 'xts(aes)' transform: -4
[  514.328445][ T7455] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  515.649838][ T6218] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  515.805344][ T7478] loop0: detected capacity change from 0 to 256
[  516.078491][ T6218] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  516.144607][ T6218] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  516.179855][ T6218] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  516.406322][ T6218] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.416747][ T6218] usb 5-1: config 0 descriptor??
[  516.594132][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  516.600586][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  516.636864][ T7486] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  516.685596][ T7486] loop3: detected capacity change from 0 to 1024
[  516.743909][ T7486] hfsplus: extend alloc file! (8192,65536,366)
[  516.965755][ T7496] loop0: detected capacity change from 0 to 4096
[  517.121910][ T7502] "syz.3.863" (7502) uses obsolete ecb(arc4) skcipher
[  517.133501][ T7496] ntfs: volume version 3.1.
[  517.603080][ T7510] netlink: 12 bytes leftover after parsing attributes in process `syz.1.865'.
[  518.159595][ T6218] uclogic 0003:256C:006D.0005: failed retrieving string descriptor #200: -71
[  518.216386][ T6218] uclogic 0003:256C:006D.0005: failed retrieving pen parameters: -71
[  518.246334][ T6218] uclogic 0003:256C:006D.0005: failed probing pen v2 parameters: -71
[  518.310834][ T7519] netlink: 40 bytes leftover after parsing attributes in process `syz.1.867'.
[  518.493578][ T6218] uclogic 0003:256C:006D.0005: failed probing parameters: -71
[  519.043345][ T6218] uclogic: probe of 0003:256C:006D.0005 failed with error -71
[  519.349229][ T7528] syz.4.870[7528] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  519.349338][ T7528] syz.4.870[7528] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  519.465342][ T6218] usb 5-1: USB disconnect, device number 14
[  519.717972][ T7535] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  519.731773][ T7540] loop1: detected capacity change from 0 to 4096
[  519.790563][ T7535] loop2: detected capacity change from 0 to 1024
[  519.856782][ T7540] ntfs: volume version 3.1.
[  519.877645][ T7535] hfsplus: extend alloc file! (8192,65536,366)
[  522.351370][ T7560] netlink: 40 bytes leftover after parsing attributes in process `syz.4.882'.
[  522.370200][ T7558] netlink: 272 bytes leftover after parsing attributes in process `syz.3.880'.
[  522.417836][ T7562] loop1: detected capacity change from 0 to 256
[  522.643589][ T7566] loop3: detected capacity change from 0 to 4096
[  524.658883][ T7577] loop2: detected capacity change from 0 to 4096
[  524.727822][ T7581] "syz.0.889" (7581) uses obsolete ecb(arc4) skcipher
[  524.849819][ T7566] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  524.956627][ T7566] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #15: comm syz.3.885: corrupted inode contents
[  524.970720][ T7577] ntfs: volume version 3.1.
[  525.022446][ T7566] EXT4-fs error (device loop3): ext4_dirty_inode:6010: inode #15: comm syz.3.885: mark_inode_dirty error
[  525.045576][ T7588] loop1: detected capacity change from 0 to 1024
[  525.069659][ T7588] hfsplus: extend alloc file! (8192,65536,366)
[  525.117950][ T7566] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #15: comm syz.3.885: corrupted inode contents
[  525.183024][ T7566] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #15: comm syz.3.885: mark_inode_dirty error
[  525.222715][ T7566] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #15: comm syz.3.885: corrupted inode contents
[  525.248454][ T7566] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #15: comm syz.3.885: mark_inode_dirty error
[  525.260686][ T7566] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #15: comm syz.3.885: corrupted inode contents
[  525.295874][ T7566] EXT4-fs error (device loop3): ext4_truncate:4272: inode #15: comm syz.3.885: mark_inode_dirty error
[  525.322203][ T7566] EXT4-fs error (device loop3) in ext4_setattr:5578: Corrupt filesystem
[  525.351159][ T7592] EXT4-fs error (device loop3): ext4_do_update_inode:5174: inode #15: comm syz.3.885: corrupted inode contents
[  525.487316][ T6504] EXT4-fs warning (device loop3): ext4_evict_inode:285: couldn't mark inode dirty (err -117)
[  525.745080][ T7604] netlink: 'syz.4.895': attribute type 1 has an invalid length.
[  525.752937][ T7604] netlink: 'syz.4.895': attribute type 2 has an invalid length.
[  526.651038][ T7607] loop2: detected capacity change from 0 to 2048
[  526.968712][ T7607] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  527.012888][ T7613] netlink: 40 bytes leftover after parsing attributes in process `syz.3.894'.
[  528.333379][ T7631] loop0: detected capacity change from 0 to 512
[  528.452837][ T7631] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  528.536896][ T7631] EXT4-fs (loop0): 1 truncate cleaned up
[  528.591859][ T7631] EXT4-fs (loop0): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  528.643519][ T7633] loop1: detected capacity change from 0 to 1024
[  528.686383][ T7629] loop2: detected capacity change from 0 to 4096
[  528.701724][ T7633] hfsplus: extend alloc file! (8192,65536,366)
[  528.882982][ T7629] ntfs: volume version 3.1.
[  530.433956][ T7652] loop4: detected capacity change from 0 to 2048
[  530.565453][ T7652] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  531.506745][ T7673] loop4: detected capacity change from 0 to 4096
[  531.685258][ T7673] ntfs: volume version 3.1.
[  531.763072][ T7669] chnl_net:caif_netlink_parms(): no params data found
[  531.783294][ T7656] loop2: detected capacity change from 0 to 40427
[  531.832270][ T7656] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  531.841631][ T7656] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  531.864674][ T7656] F2FS-fs (loop2): invalid crc value
[  531.938640][ T7656] F2FS-fs (loop2): Found nat_bits in checkpoint
[  531.996171][ T7656] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  531.995716][ T7669] bridge0: port 1(bridge_slave_0) entered blocking state
[  531.996253][ T7669] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.004914][ T7656] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  532.036759][ T7669] device bridge_slave_0 entered promiscuous mode
[  532.140566][ T7669] bridge0: port 2(bridge_slave_1) entered blocking state
[  532.165174][ T7669] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.194710][ T7669] device bridge_slave_1 entered promiscuous mode
[  532.736794][ T7669] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  532.811107][ T7669] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  533.005079][ T7669] team0: Port device team_slave_0 added
[  533.042153][ T7669] team0: Port device team_slave_1 added
[  533.159409][ T7700] netlink: 12 bytes leftover after parsing attributes in process `syz.1.923'.
[  533.452138][ T7697] loop4: detected capacity change from 0 to 1024
[  533.595380][ T6221] Bluetooth: hci0: command 0x0409 tx timeout
[  533.615978][ T7669] batman_adv: batadv0: Adding interface: batadv_slave_0
[  533.666655][ T7697] hfsplus: extend alloc file! (8192,65536,366)
[  533.672359][ T7669] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  533.700919][ T7669] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  533.723126][ T7669] batman_adv: batadv0: Adding interface: batadv_slave_1
[  533.741696][ T7669] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  533.797465][ T7669] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  533.992277][ T7711] loop1: detected capacity change from 0 to 2048
[  534.035840][ T7669] device hsr_slave_0 entered promiscuous mode
[  534.100665][ T7669] device hsr_slave_1 entered promiscuous mode
[  534.136598][ T7669] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  534.191937][ T7669] Cannot create hsr debugfs directory
[  534.745955][ T7669] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  534.882789][ T7711] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  534.914281][ T7718] loop2: detected capacity change from 0 to 4096
[  534.949319][ T7669] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  535.257449][ T7718] ntfs: volume version 3.1.
[  535.305255][ T7669] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  535.682436][ T1075] Bluetooth: hci0: command 0x041b tx timeout
[  536.381951][ T7669] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.754891][ T7747] netlink: 12 bytes leftover after parsing attributes in process `syz.2.933'.
[  537.177964][ T7744] loop4: detected capacity change from 0 to 1024
[  537.213204][ T7744] hfsplus: extend alloc file! (8192,65536,366)
[  537.226205][ T7726] loop1: detected capacity change from 0 to 40427
[  537.292330][ T7669] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  537.310076][ T7669] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  537.320308][ T7669] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  537.337771][ T7669] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  537.404174][ T7752] loop3: detected capacity change from 0 to 512
[  537.433281][ T7726] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  537.445857][ T7726] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  537.483757][ T7669] 8021q: adding VLAN 0 to HW filter on device bond0
[  537.782921][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  537.913804][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  538.093089][ T7669] 8021q: adding VLAN 0 to HW filter on device team0
[  538.161370][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  538.196188][ T1075] Bluetooth: hci0: command 0x040f tx timeout
[  538.224347][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  538.240284][ T7726] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  538.249743][ T7752] EXT4-fs (loop3): orphan cleanup on readonly fs
[  538.288067][ T3665] bridge0: port 1(bridge_slave_0) entered blocking state
[  538.295180][ T3665] bridge0: port 1(bridge_slave_0) entered forwarding state
[  538.298064][ T7752] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.938: bg 0: block 248: padding at end of block bitmap is not set
[  538.303120][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  538.325766][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  538.335414][ T3665] bridge0: port 2(bridge_slave_1) entered blocking state
[  538.342537][ T3665] bridge0: port 2(bridge_slave_1) entered forwarding state
[  538.356121][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  538.364190][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  538.380314][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  538.399340][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  538.408486][ T7752] Quota error (device loop3): write_blk: dquota write failed
[  538.416440][ T7752] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  538.426799][ T7752] EXT4-fs error (device loop3): ext4_acquire_dquot:6197: comm syz.3.938: Failed to acquire dquot type 1
[  538.430488][ T7762] loop2: detected capacity change from 0 to 2048
[  538.458593][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  538.460398][ T7752] EXT4-fs (loop3): 1 truncate cleaned up
[  538.482779][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  538.491042][ T7752] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  538.493768][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  538.527092][ T7762] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  538.529934][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  538.546280][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  538.558647][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  538.574003][ T7669] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  538.590750][ T7669] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  538.638792][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  538.652046][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  539.338941][ T7669] 8021q: adding VLAN 0 to HW filter on device batadv0
[  539.468454][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  539.476004][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  539.518332][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  539.527263][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  539.547081][ T7669] device veth0_vlan entered promiscuous mode
[  539.577577][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  539.598542][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  539.630040][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  539.646425][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  539.727081][ T7669] device veth1_vlan entered promiscuous mode
[  539.819594][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  539.820138][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  539.820666][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  539.936279][ T7794] netlink: 12 bytes leftover after parsing attributes in process `syz.4.948'.
[  540.234042][ T3665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  540.278101][   T21] Bluetooth: hci0: command 0x0419 tx timeout
[  540.390401][ T7669] device veth0_macvtap entered promiscuous mode
[  540.404830][ T7669] device veth1_macvtap entered promiscuous mode
[  540.434643][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.457841][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.477558][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.509827][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.549241][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.571634][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.619497][ T7797] loop2: detected capacity change from 0 to 1024
[  540.640122][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.652614][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.662659][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.673320][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.684660][ T7669] batman_adv: batadv0: Interface activated: batadv_slave_0
[  540.710082][ T7797] hfsplus: extend alloc file! (8192,65536,366)
[  540.718583][ T7808] netlink: 40 bytes leftover after parsing attributes in process `syz.1.953'.
[  540.744271][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  540.755158][ T7810] loop1: detected capacity change from 0 to 2048
[  540.768576][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  540.806761][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  540.829993][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  540.876341][ T7810] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  541.106344][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.120729][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.137048][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.149108][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.187557][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.204484][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.215564][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.234792][ T7669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.247850][ T7669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.275123][ T7669] batman_adv: batadv0: Interface activated: batadv_slave_1
[  541.286611][ T7669] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  541.295596][ T7669] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  541.306758][ T7669] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  541.324945][ T7669] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  541.344890][ T7049] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  541.372447][ T7049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  541.503026][ T7821] loop2: detected capacity change from 0 to 256
[  541.536162][ T7049] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  541.555264][ T7049] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  541.715028][ T7821] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  542.050740][ T3781] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  542.106163][ T3781] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  542.159917][ T3781] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  542.183234][ T7827] exFAT-fs (loop2): hint_cluster is invalid (17)
[  542.194485][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  542.492557][ T7827] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  542.669292][ T7827] exFAT-fs (loop2): Filesystem has been set read-only
[  542.768821][ T7840] netlink: 12 bytes leftover after parsing attributes in process `syz.4.960'.
[  544.081090][ T7858] netlink: 'syz.0.916': attribute type 1 has an invalid length.
[  544.081156][ T7858] netlink: 'syz.0.916': attribute type 2 has an invalid length.
[  545.719250][ T3620] Bluetooth: hci6: command 0x0406 tx timeout
[  545.846370][ T7867] netlink: 40 bytes leftover after parsing attributes in process `syz.2.966'.
[  545.903166][ T7867] loop2: detected capacity change from 0 to 2048
[  545.917651][ T6220] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  545.957497][ T7867] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  546.963878][ T6220] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  547.267492][ T6220] usb 2-1: string descriptor 0 read error: -71
[  547.273848][ T6220] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  547.795327][ T7890] netlink: 12 bytes leftover after parsing attributes in process `syz.0.973'.
[  549.160905][ T7893] loop3: detected capacity change from 0 to 1024
[  549.202817][ T6220] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.212707][ T6220] usb 2-1: config 0 descriptor??
[  549.237928][ T6220] usb 2-1: can't set config #0, error -71
[  549.246465][ T6220] usb 2-1: USB disconnect, device number 6
[  549.273385][ T7900] loop4: detected capacity change from 0 to 512
[  549.273894][ T7898] loop2: detected capacity change from 0 to 256
[  549.553691][ T7898] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  550.025139][ T7900] EXT4-fs (loop4): 1 orphan inode deleted
[  550.031456][ T7036] hfsplus: b-tree write err: -5, ino 8
[  550.037831][ T7900] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  550.062927][ T7900] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  550.081789][ T7911] exFAT-fs (loop2): hint_cluster is invalid (17)
[  550.105352][ T7911] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  550.114910][ T7911] exFAT-fs (loop2): Filesystem has been set read-only
[  550.136453][ T7913] netlink: 40 bytes leftover after parsing attributes in process `syz.0.980'.
[  550.183773][ T7913] loop0: detected capacity change from 0 to 2048
[  550.847087][ T7913] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  551.042188][ T7934] netlink: 'syz.1.985': attribute type 1 has an invalid length.
[  551.049987][ T7934] netlink: 'syz.1.985': attribute type 2 has an invalid length.
[  552.150582][ T7944] netlink: 12 bytes leftover after parsing attributes in process `syz.3.986'.
[  553.331782][ T7958] loop3: detected capacity change from 0 to 1024
[  553.607573][ T6220] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  553.647609][ T7960] loop0: detected capacity change from 0 to 512
[  553.786737][ T7960] EXT4-fs (loop0): 1 orphan inode deleted
[  553.799497][ T7960] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  553.817192][ T7960] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  553.877788][ T6220] usb 5-1: Using ep0 maxpacket: 8
[  554.007904][ T6220] usb 5-1: config 135 has an invalid interface number: 230 but max is 0
[  554.033626][ T6220] usb 5-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  554.054699][ T6220] usb 5-1: config 135 has no interface number 0
[  554.062693][ T6220] usb 5-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[  554.074498][ T6220] usb 5-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[  554.088956][ T6220] usb 5-1: config 135 interface 230 has no altsetting 0
[  554.349533][ T3665] hfsplus: b-tree write err: -5, ino 8
[  554.655908][ T7972] loop3: detected capacity change from 0 to 256
[  554.707793][ T6220] usb 5-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  554.729422][ T6220] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.738022][ T6220] usb 5-1: Product: syz
[  554.738510][ T7976] loop1: detected capacity change from 0 to 2048
[  554.742335][ T6220] usb 5-1: Manufacturer: syz
[  554.760559][ T7974] loop2: detected capacity change from 0 to 256
[  554.773599][ T6220] usb 5-1: SerialNumber: syz
[  554.824701][ T7972] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d)
[  554.830572][ T7976] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  554.848121][ T7974] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  555.057711][ T6220] usb 5-1: Found UVC 0.00 device syz (18ec:3288)
[  555.075674][ T6220] usb 5-1: No valid video chain found.
[  555.077154][ T7979] exFAT-fs (loop2): hint_cluster is invalid (17)
[  555.094908][ T7979] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[  555.106271][ T6220] usb 5-1: USB disconnect, device number 15
[  555.108795][ T7979] exFAT-fs (loop2): Filesystem has been set read-only
[  556.258611][ T8001] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1002'.
[  557.665951][ T3781] tipc: Subscription rejected, illegal request
[  557.676346][ T8007] loop2: detected capacity change from 0 to 512
[  557.921383][ T8010] netlink: 'syz.4.1004': attribute type 1 has an invalid length.
[  557.929325][ T8010] netlink: 'syz.4.1004': attribute type 2 has an invalid length.
[  558.397046][ T8007] EXT4-fs (loop2): 1 orphan inode deleted
[  558.508435][ T8007] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  558.569406][ T8007] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  558.994042][ T8024] loop3: detected capacity change from 0 to 2048
[  559.053829][ T8024]  loop3: p2 < > p4
[  559.169401][ T8024] loop3: p4 size 8192 extends beyond EOD, truncated
[  559.465241][ T8029] loop4: detected capacity change from 0 to 2048
[  559.523310][ T3692] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  559.569239][ T8029] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  559.822248][ T8034] loop4: detected capacity change from 0 to 256
[  559.904257][ T3692] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  559.926468][ T3692] usb 4-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00
[  559.936048][ T3692] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.328048][ T8046] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1016'.
[  561.758889][ T3692] usb 4-1: config 0 descriptor??
[  561.769217][ T8034] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  561.844293][ T8049] loop0: detected capacity change from 0 to 512
[  563.537714][ T3692] usbhid 4-1:0.0: can't add hid device: -71
[  563.543732][ T3692] usbhid: probe of 4-1:0.0 failed with error -71
[  563.576540][ T8049] EXT4-fs (loop0): 1 orphan inode deleted
[  563.587502][ T8049] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  563.599254][ T3692] usb 4-1: USB disconnect, device number 7
[  563.675307][ T8067] loop3: detected capacity change from 0 to 512
[  563.700397][ T8049] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  563.706452][ T8062] loop1: detected capacity change from 0 to 1024
[  563.876245][ T8067] EXT4-fs (loop3): 1 orphan inode deleted
[  563.979898][ T8067] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  564.011097][ T8067] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  564.025966][ T8071] loop2: detected capacity change from 0 to 2048
[  564.171267][ T8074] syz.0.1018[8074] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.171363][ T8074] syz.0.1018[8074] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.644761][ T8071] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  564.683295][    T9] hfsplus: b-tree write err: -5, ino 8
[  564.950897][ T8079] loop1: detected capacity change from 0 to 512
[  565.570181][ T8079] EXT4-fs (loop1): Test dummy encryption mode enabled
[  565.651203][ T8088] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1028'.
[  565.990319][ T8079] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:163: inode #12: comm syz.1.1025: inline data xattr refers to an external xattr inode
[  566.045282][ T8079] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.1025: couldn't read orphan inode 12 (err -117)
[  566.085137][ T8079] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000001,init_itable=0x0000000000000000,nolazytime,grpid,prjquota,norecovery,lazytime,errors=continue,auto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  566.169852][ T8079] EXT4-fs error (device loop1): ext4_add_entry:2486: inode #2: comm syz.1.1025: Directory hole found for htree leaf block 0
[  566.371657][ T8101] EXT4-fs error (device loop1): ext4_add_entry:2486: inode #2: comm syz.1.1025: Directory hole found for htree leaf block 0
[  566.513060][ T8079] EXT4-fs error (device loop1): ext4_add_entry:2486: inode #2: comm syz.1.1025: Directory hole found for htree leaf block 0
[  569.120099][ T8114] loop3: detected capacity change from 0 to 256
[  569.413362][ T8114] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  569.741691][ T8121] loop1: detected capacity change from 0 to 1024
[  570.400522][ T8125] exFAT-fs (loop3): hint_cluster is invalid (17)
[  570.547654][ T8132] loop2: detected capacity change from 0 to 512
[  570.558184][ T8125] exFAT-fs (loop3): error, invalid access to FAT (entry 0xffffffff)
[  570.581949][ T8125] exFAT-fs (loop3): Filesystem has been set read-only
[  570.590081][ T8130] loop4: detected capacity change from 0 to 512
[  570.776158][    T9] hfsplus: b-tree write err: -5, ino 8
[  570.808301][ T8130] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  570.837604][ T8132] EXT4-fs (loop2): 1 orphan inode deleted
[  570.902993][ T8132] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  570.943759][ T8130] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  570.966406][ T8132] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  571.169908][ T8150] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1041'.
[  571.616849][ T8152] Invalid ELF header magic: != ELF
[  573.888435][ T8171] loop2: detected capacity change from 0 to 512
[  574.117751][ T8171] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  574.380662][ T8171] EXT4-fs (loop2): 1 truncate cleaned up
[  574.420558][ T8171] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,,errors=continue. Quota mode: none.
[  575.024690][ T8181] loop4: detected capacity change from 0 to 256
[  575.254478][ T8181] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  575.747719][ T3618] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  575.987576][ T3618] usb 3-1: device descriptor read/64, error -71
[  576.056629][ T8189] exFAT-fs (loop4): hint_cluster is invalid (17)
[  576.073406][ T8189] exFAT-fs (loop4): error, invalid access to FAT (entry 0xffffffff)
[  576.090561][ T8189] exFAT-fs (loop4): Filesystem has been set read-only
[  576.118858][ T8191] loop3: detected capacity change from 0 to 1024
[  576.323418][ T8168] 9pnet: Insufficient options for proto=fd
[  576.417657][ T3618] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  576.682400][ T8199] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1054'.
[  577.093947][ T3618] usb 3-1: device descriptor read/64, error -71
[  577.145402][    T9] hfsplus: b-tree write err: -5, ino 8
[  577.389298][ T3618] usb usb3-port1: attempt power cycle
[  577.396911][ T8209] loop2: detected capacity change from 0 to 512
[  578.159638][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  578.171858][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  578.359892][ T8209] EXT4-fs (loop2): 1 orphan inode deleted
[  578.367577][ T8209] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  578.385330][ T8209] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  579.296478][ T3698] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  579.458538][ T8237] loop4: detected capacity change from 0 to 256
[  579.678004][ T3698] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  579.731917][ T3698] usb 4-1: config 0 has no interface number 0
[  579.811441][ T8237] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  579.873508][ T3698] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  580.082492][ T3698] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  580.325804][ T3698] usb 4-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  580.342994][   T21] Bluetooth: hci2: command 0x0406 tx timeout
[  580.349203][   T21] Bluetooth: hci1: command 0x0406 tx timeout
[  580.371320][ T3698] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.396718][ T8241] exFAT-fs (loop4): hint_cluster is invalid (17)
[  580.492403][ T3698] usb 4-1: config 0 descriptor??
[  580.559458][ T8241] exFAT-fs (loop4): error, invalid access to FAT (entry 0xffffffff)
[  580.568383][ T3698] usb 4-1: can't set config #0, error -71
[  580.585416][ T3698] usb 4-1: USB disconnect, device number 8
[  580.662804][ T8248] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1066'.
[  581.033121][ T8241] exFAT-fs (loop4): Filesystem has been set read-only
[  581.329085][ T8255] loop4: detected capacity change from 0 to 1024
[  582.137480][ T3698] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  582.457682][ T3698] usb 4-1: Using ep0 maxpacket: 16
[  582.587904][ T3698] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  582.709129][ T3781] hfsplus: b-tree write err: -5, ino 8
[  582.767782][ T3698] usb 4-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[  582.787325][ T3698] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.795633][ T3698] usb 4-1: Product: syz
[  582.798035][ T8253] 9pnet: Insufficient options for proto=fd
[  582.850850][ T3698] usb 4-1: Manufacturer: syz
[  582.873586][ T3698] usb 4-1: SerialNumber: syz
[  582.911808][ T3698] usb 4-1: config 0 descriptor??
[  583.788540][ T3698] usb 4-1: can't set config #0, error -71
[  583.817705][ T3698] usb 4-1: USB disconnect, device number 9
[  584.083289][ T8284] loop4: detected capacity change from 0 to 256
[  584.157648][ T8289] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1078'.
[  584.472336][ T8287] loop2: detected capacity change from 0 to 256
[  584.598118][ T8292] loop1: detected capacity change from 0 to 512
[  584.611787][ T8287] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  584.633458][ T8284] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011e5d, chksum : 0x639e3878, utbl_chksum : 0xe619d30d)
[  585.335796][ T8292] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  585.410947][ T8292] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  585.693973][ T8310] loop0: detected capacity change from 0 to 1024
[  585.752693][ T8317] overlayfs: missing 'workdir'
[  586.118932][ T8325] loop3: detected capacity change from 0 to 256
[  586.971022][  T752] hfsplus: b-tree write err: -5, ino 8
[  588.250495][ T8342] loop4: detected capacity change from 0 to 256
[  588.354773][ T8344] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1091'.
[  588.716553][ T8342] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  589.054460][ T8349] exFAT-fs (loop4): hint_cluster is invalid (17)
[  589.068721][ T8349] exFAT-fs (loop4): error, invalid access to FAT (entry 0xffffffff)
[  589.080175][ T8349] exFAT-fs (loop4): Filesystem has been set read-only
[  590.571312][ T8374] loop2: detected capacity change from 0 to 1024
[  592.094866][ T8388] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1105'.
[  592.546367][    T9] hfsplus: b-tree write err: -5, ino 8
[  592.856102][ T8392] loop1: detected capacity change from 0 to 256
[  592.920149][ T8390] overlayfs: failed to clone upperpath
[  592.921716][ T8392] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  593.185627][ T8401] exFAT-fs (loop1): hint_cluster is invalid (17)
[  593.932989][ T8406] loop3: detected capacity change from 0 to 256
[  594.599984][ T8399] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  594.622021][ T8401] exFAT-fs (loop1): error, invalid access to FAT (entry 0xffffffff)
[  594.793233][ T8401] exFAT-fs (loop1): Filesystem has been set read-only
[  597.120757][ T8440] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1117'.
[  598.227480][ T6068] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  598.237470][ T8452] loop1: detected capacity change from 0 to 256
[  598.324198][ T8452] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  598.505439][ T8458] exFAT-fs (loop1): hint_cluster is invalid (17)
[  598.528474][ T8433] 9pnet: Insufficient options for proto=fd
[  598.559766][ T8458] exFAT-fs (loop1): error, invalid access to FAT (entry 0xffffffff)
[  598.598540][ T6068] usb 3-1: config 0 has an invalid interface number: 20 but max is 0
[  598.623798][ T8458] exFAT-fs (loop1): Filesystem has been set read-only
[  598.631174][ T6068] usb 3-1: config 0 has no interface number 0
[  598.649173][ T6068] usb 3-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  598.829003][ T6068] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  598.848924][ T6068] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.856962][ T6068] usb 3-1: Product: syz
[  598.998614][ T6068] usb 3-1: Manufacturer: syz
[  599.003259][ T6068] usb 3-1: SerialNumber: syz
[  602.267753][ T8477] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1129'.
[  602.493835][ T6068] usb 3-1: config 0 descriptor??
[  602.517522][ T6068] usb 3-1: can't set config #0, error -71
[  602.527875][ T6068] usb 3-1: USB disconnect, device number 9
[  602.579360][ T8480] loop4: detected capacity change from 0 to 1024
[  604.240920][ T8491] loop2: detected capacity change from 0 to 512
[  604.385154][ T3761] hfsplus: b-tree write err: -5, ino 8
[  605.101412][ T8509] loop0: detected capacity change from 0 to 256
[  605.182335][ T8509] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  605.333831][ T8510] exFAT-fs (loop0): hint_cluster is invalid (17)
[  605.360478][ T8510] exFAT-fs (loop0): error, invalid access to FAT (entry 0xffffffff)
[  605.369677][ T8510] exFAT-fs (loop0): Filesystem has been set read-only
[  605.472987][ T8516] loop1: detected capacity change from 0 to 512
[  605.558152][ T8516] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  605.636583][ T8516] EXT4-fs (loop1): 1 truncate cleaned up
[  605.661067][ T8516] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nombcache,debug_want_extra_isize=0x0000000000000006,lazytime,noblock_validity,quota,,errors=continue. Quota mode: writeback.
[  606.672311][ T6819] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /98/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  606.732637][ T6819] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  606.949198][ T6819] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /98/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  607.044976][ T8528] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1143'.
[  607.338650][ T6819] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  607.445625][ T6819] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /98/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  607.524559][ T6819] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  607.628774][ T8535] "syz.0.1144" (8535) uses obsolete ecb(arc4) skcipher
[  607.723093][ T6819] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /98/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  608.088919][ T6819] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  608.325843][ T6819] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /98/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  608.374845][ T6819] EXT4-fs error (device loop1): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  608.633335][ T8541] loop3: detected capacity change from 0 to 1024
[  609.051312][ T7036] hfsplus: b-tree write err: -5, ino 8
[  609.209673][ T8547] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1150'.
[  609.264968][ T8549] fuse: Bad value for 'fd'
[  609.359386][ T8547] loop0: detected capacity change from 0 to 2048
[  609.366614][ T8533] 9pnet: Insufficient options for proto=fd
[  609.395260][ T3761] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  609.483919][ T8547] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  609.572722][ T8553] loop4: detected capacity change from 0 to 512
[  609.767761][ T8553] EXT4-fs (loop4): Ignoring removed orlov option
[  609.803497][ T8553] EXT4-fs (loop4): Test dummy encryption mode enabled
[  609.866393][ T3761] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  609.881799][ T8553] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a014e09c, mo2=0002]
[  609.916214][ T8553] System zones: 1-12
[  609.984964][ T3761] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  609.995467][ T8553] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.1151: casefold flag without casefold feature
[  610.020570][ T8553] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.1151: couldn't read orphan inode 15 (err -117)
[  610.178022][ T8553] EXT4-fs (loop4): mounted filesystem without journal. Opts: orlov,minixdf,max_dir_size_kb=0x0000000000009c7c,debug,grpquota,errors=continue,test_dummy_encryption,auto_da_alloc,nodiscard,,errors=continue. Quota mode: writeback.
[  610.253628][ T3761] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  610.458218][ T8565] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1155'.
[  611.078620][ T8567] xt_bpf: check failed: parse error
[  611.995002][ T8571] loop3: detected capacity change from 0 to 256
[  612.115451][ T8562] chnl_net:caif_netlink_parms(): no params data found
[  612.129189][ T8571] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  612.187478][ T6068] Bluetooth: hci1: command 0x0409 tx timeout
[  613.264251][ T8581] "syz.0.1158" (8581) uses obsolete ecb(arc4) skcipher
[  613.607240][ T8586] loop2: detected capacity change from 0 to 1024
[  613.624284][ T8583] exFAT-fs (loop3): hint_cluster is invalid (17)
[  614.267939][ T3616] Bluetooth: hci1: command 0x041b tx timeout
[  614.611504][ T8562] bridge0: port 1(bridge_slave_0) entered blocking state
[  614.634543][ T3636] hfsplus: b-tree write err: -5, ino 8
[  614.706904][ T8562] bridge0: port 1(bridge_slave_0) entered disabled state
[  614.767382][ T8562] device bridge_slave_0 entered promiscuous mode
[  615.017450][ T8562] bridge0: port 2(bridge_slave_1) entered blocking state
[  615.024559][ T8562] bridge0: port 2(bridge_slave_1) entered disabled state
[  615.077589][ T8562] device bridge_slave_1 entered promiscuous mode
[  615.199131][ T8608] netlink: 'syz.2.1163': attribute type 1 has an invalid length.
[  615.206956][ T8608] netlink: 'syz.2.1163': attribute type 2 has an invalid length.
[  615.968160][ T8562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  616.025841][ T8562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  616.119724][ T8614] loop3: detected capacity change from 0 to 256
[  616.204677][ T8614] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  616.287266][ T8562] team0: Port device team_slave_0 added
[  616.382922][ T8562] team0: Port device team_slave_1 added
[  617.411431][ T3620] Bluetooth: hci1: command 0x040f tx timeout
[  617.437493][ T8562] batman_adv: batadv0: Adding interface: batadv_slave_0
[  617.445376][ T8562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  617.479452][ T8562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  617.495819][ T8562] batman_adv: batadv0: Adding interface: batadv_slave_1
[  617.533129][ T8627] loop3: detected capacity change from 0 to 256
[  617.539542][ T8562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  617.744768][ T8562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  617.858578][ T8632] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1168'.
[  618.742643][ T8641] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1167'.
[  618.785251][ T8642] "syz.4.1170" (8642) uses obsolete ecb(arc4) skcipher
[  619.705416][ T3575] Bluetooth: hci1: command 0x0419 tx timeout
[  619.783834][ T8562] device hsr_slave_0 entered promiscuous mode
[  619.810689][ T8562] device hsr_slave_1 entered promiscuous mode
[  619.831430][ T8562] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  619.859493][ T8562] Cannot create hsr debugfs directory
[  619.964315][ T8644] netlink: 'syz.2.1169': attribute type 12 has an invalid length.
[  620.141935][ T8649] loop0: detected capacity change from 0 to 256
[  620.233634][ T8649] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  620.293645][ T8653] loop3: detected capacity change from 0 to 1024
[  621.232245][ T8660] exFAT-fs (loop0): hint_cluster is invalid (17)
[  621.342302][ T7045] hfsplus: b-tree write err: -5, ino 8
[  621.366328][ T8665] loop2: detected capacity change from 0 to 1024
[  621.406769][ T8660] exFAT-fs (loop0): error, invalid access to FAT (entry 0xffffffff)
[  621.417586][ T8660] exFAT-fs (loop0): Filesystem has been set read-only
[  621.510790][ T8672] netlink: 'syz.4.1178': attribute type 1 has an invalid length.
[  621.518691][ T8672] netlink: 'syz.4.1178': attribute type 2 has an invalid length.
[  622.215938][ T8665] EXT4-fs (loop2): Ignoring removed nobh option
[  622.262542][ T8665] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  622.385898][ T8665] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,resuid=0x0000000000000000,dioread_nolock,usrjquota=,discard,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  624.154206][ T8686] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1179'.
[  624.383365][   T26] audit: type=1326 audit(1729562625.810:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  624.446883][   T26] audit: type=1326 audit(1729562625.810:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  624.469733][   T26] audit: type=1326 audit(1729562625.950:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  624.512874][   T26] audit: type=1326 audit(1729562625.950:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  624.587664][   T26] audit: type=1326 audit(1729562625.950:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  624.612155][   T26] audit: type=1326 audit(1729562626.080:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  624.636764][   T26] audit: type=1326 audit(1729562626.080:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  624.730003][   T26] audit: type=1326 audit(1729562626.080:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  625.034220][   T26] audit: type=1326 audit(1729562626.130:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  625.195468][   T26] audit: type=1326 audit(1729562626.130:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8664 comm="syz.2.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f103e2a0ff9 code=0x7ffc0000
[  626.161342][ T8707] "syz.0.1183" (8707) uses obsolete ecb(arc4) skcipher
[  626.793757][ T8562] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  626.847290][ T8562] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  626.901415][ T8716] loop0: detected capacity change from 0 to 1024
[  626.927552][ T3761] device hsr_slave_0 left promiscuous mode
[  626.950819][ T3761] device hsr_slave_1 left promiscuous mode
[  626.988124][ T3761] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  626.999601][ T3761] batman_adv: batadv0: Removing interface: batadv_slave_0
[  627.031584][ T3761] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  627.084374][ T3761] batman_adv: batadv0: Removing interface: batadv_slave_1
[  627.135572][ T3761] device bridge_slave_1 left promiscuous mode
[  627.162875][ T3761] bridge0: port 2(bridge_slave_1) entered disabled state
[  627.175747][ T3761] device bridge_slave_0 left promiscuous mode
[  627.182646][ T3761] bridge0: port 1(bridge_slave_0) entered disabled state
[  627.210689][ T3761] device veth1_macvtap left promiscuous mode
[  627.228355][ T3761] device veth0_macvtap left promiscuous mode
[  627.235917][ T3761] device veth1_vlan left promiscuous mode
[  627.248632][ T3761] device veth0_vlan left promiscuous mode
[  627.315912][ T8691] 9pnet: Insufficient options for proto=fd
[  627.673800][    T9] hfsplus: b-tree write err: -5, ino 8
[  627.791765][ T8734] loop4: detected capacity change from 0 to 256
[  627.891364][ T8739] netlink: 'syz.0.1189': attribute type 1 has an invalid length.
[  627.899194][ T8739] netlink: 'syz.0.1189': attribute type 2 has an invalid length.
[  628.594633][ T8734] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  628.766323][ T8741] exFAT-fs (loop4): hint_cluster is invalid (17)
[  628.805462][ T8741] exFAT-fs (loop4): error, invalid access to FAT (entry 0xffffffff)
[  628.824008][ T8741] exFAT-fs (loop4): Filesystem has been set read-only
[  629.192151][ T8751] loop4: detected capacity change from 0 to 512
[  629.368764][ T3761] team0 (unregistering): Port device team_slave_1 removed
[  629.421223][ T3761] team0 (unregistering): Port device team_slave_0 removed
[  629.451424][ T8751] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  629.465873][ T3761] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  629.479076][ T8751] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  629.553006][ T8766] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1192'.
[  629.995682][ T3761] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  630.261384][ T3761] bond0 (unregistering): Released all slaves
[  631.133278][ T8782] "syz.4.1195" (8782) uses obsolete ecb(arc4) skcipher
[  631.507604][ T8562] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  631.628885][ T8562] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  631.901141][ T8784] loop3: detected capacity change from 0 to 1024
[  632.052658][ T8784] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  632.067772][ T8792] loop4: detected capacity change from 0 to 256
[  632.117907][ T8784] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,bsddf,nombcache,norecovery,debug_want_extra_isize=0x0000000000000006,lazytime,mblk_io_submit,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  632.207248][ T8792] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  632.233569][ T8562] 8021q: adding VLAN 0 to HW filter on device bond0
[  632.408314][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  632.455683][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  633.052472][ T8772] 9pnet: Insufficient options for proto=fd
[  633.099468][ T8562] 8021q: adding VLAN 0 to HW filter on device team0
[  633.152337][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  633.163941][ T8803] exFAT-fs (loop4): hint_cluster is invalid (17)
[  633.209368][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  633.231424][  T752] bridge0: port 1(bridge_slave_0) entered blocking state
[  633.238542][  T752] bridge0: port 1(bridge_slave_0) entered forwarding state
[  633.267020][ T8803] exFAT-fs (loop4): error, invalid access to FAT (entry 0xffffffff)
[  633.295456][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  633.303211][ T8803] exFAT-fs (loop4): Filesystem has been set read-only
[  633.329377][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  633.349625][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  633.418565][  T752] bridge0: port 2(bridge_slave_1) entered blocking state
[  633.425715][  T752] bridge0: port 2(bridge_slave_1) entered forwarding state
[  633.466117][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  633.539594][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  633.598355][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  633.618543][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  633.633693][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  633.648453][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  633.663275][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  633.676379][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  633.692818][ T8562] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  633.710108][ T8562] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  633.729423][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  633.748442][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  633.765243][  T752] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  635.020176][ T8831] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1205'.
[  635.149295][ T8831] loop4: detected capacity change from 0 to 2048
[  635.232365][ T8831] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  635.267560][ T8562] 8021q: adding VLAN 0 to HW filter on device batadv0
[  635.295428][ T8844] netlink: 'syz.2.1206': attribute type 1 has an invalid length.
[  635.303734][ T8844] netlink: 'syz.2.1206': attribute type 2 has an invalid length.
[  636.058096][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  636.065618][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  636.112954][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  636.122573][ T6855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  636.184386][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  636.213598][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  636.375157][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  636.442601][ T7036] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  637.095603][ T8855] loop0: detected capacity change from 0 to 512
[  637.681491][ T8855] EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5
[  637.681491][ T8855] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  637.681491][ T8855] 
[  637.681808][ T8562] device veth0_vlan entered promiscuous mode
[  637.700101][ T8855] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  637.772564][ T8562] device veth1_vlan entered promiscuous mode
[  637.859593][ T8855] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.1208: casefold flag without casefold feature
[  637.872877][ T8855] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.1208: couldn't read orphan inode 15 (err -117)
[  637.886218][ T8855] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,journal_dev=0x0000000000000007,quota,grpjquota=,errors=continue,errors=continue,nouser_xattr,discard,barrier,norecovery,errors=continue,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  639.006463][ T8863] "syz.4.1209" (8863) uses obsolete ecb(arc4) skcipher
[  639.173376][ T8562] device veth0_macvtap entered promiscuous mode
[  639.186971][ T8562] device veth1_macvtap entered promiscuous mode
[  639.240520][    C0] ------------[ cut here ]------------
[  639.240589][    C0] 
[  639.240594][    C0] ======================================================
[  639.240601][    C0] WARNING: possible circular locking dependency detected
[  639.240607][    C0] 5.15.168-syzkaller #0 Not tainted
[  639.240618][    C0] ------------------------------------------------------
[  639.240623][    C0] kworker/0:9/6020 is trying to acquire lock:
[  639.240633][    C0] ffffffff8c7fc478 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x1c/0xa0
[  639.240687][    C0] 
[  639.240687][    C0] but task is already holding lock:
[  639.240692][    C0] ffff8880b9028098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260
[  639.240733][    C0] 
[  639.240733][    C0] which lock already depends on the new lock.
[  639.240733][    C0] 
[  639.240738][    C0] 
[  639.240738][    C0] the existing dependency chain (in reverse order) is:
[  639.240743][    C0] 
[  639.240743][    C0] -> #3 (&base->lock){-.-.}-{2:2}:
[  639.240764][    C0]        lock_acquire+0x1db/0x4f0
[  639.240780][    C0]        _raw_spin_lock_irqsave+0xd1/0x120
[  639.240800][    C0]        lock_timer_base+0x120/0x260
[  639.240826][    C0]        __mod_timer+0x1d6/0xeb0
[  639.240843][    C0]        queue_delayed_work_on+0x156/0x250
[  639.240874][    C0]        enqueue_task+0x2fe/0x3a0
[  639.240890][    C0]        wake_up_new_task+0x515/0xb60
[  639.240907][    C0]        kernel_clone+0x44e/0x960
[  639.240922][    C0]        kernel_thread+0x168/0x1e0
[  639.240936][    C0]        rest_init+0x21/0x330
[  639.240952][    C0]        start_kernel+0x48c/0x540
[  639.240966][    C0]        secondary_startup_64_no_verify+0xb1/0xbb
[  639.240984][    C0] 
[  639.240984][    C0] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  639.241004][    C0]        lock_acquire+0x1db/0x4f0
[  639.241017][    C0]        _raw_spin_lock_nested+0x2d/0x40
[  639.241034][    C0]        raw_spin_rq_lock_nested+0x26/0x140
[  639.241050][    C0]        task_fork_fair+0x5d/0x350
[  639.241065][    C0]        sched_cgroup_fork+0x2d3/0x330
[  639.241082][    C0]        copy_process+0x224a/0x3ef0
[  639.241096][    C0]        kernel_clone+0x210/0x960
[  639.241110][    C0]        kernel_thread+0x168/0x1e0
[  639.241124][    C0]        rest_init+0x21/0x330
[  639.241140][    C0]        start_kernel+0x48c/0x540
[  639.241153][    C0]        secondary_startup_64_no_verify+0xb1/0xbb
[  639.241169][    C0] 
[  639.241169][    C0] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  639.241188][    C0]        lock_acquire+0x1db/0x4f0
[  639.241201][    C0]        _raw_spin_lock_irqsave+0xd1/0x120
[  639.241218][    C0]        try_to_wake_up+0xae/0x1300
[  639.241234][    C0]        up+0x6e/0x90
[  639.241248][    C0]        __up_console_sem+0x11a/0x1e0
[  639.241264][    C0]        console_unlock+0x1145/0x12b0
[  639.241278][    C0]        process_one_work+0x8a1/0x10c0
[  639.241294][    C0]        worker_thread+0xaca/0x1280
[  639.241310][    C0]        kthread+0x3f6/0x4f0
[  639.241323][    C0]        ret_from_fork+0x1f/0x30
[  639.241339][    C0] 
[  639.241339][    C0] -> #0 ((console_sem).lock){-.-.}-{2:2}:
[  639.241359][    C0]        validate_chain+0x1649/0x5930
[  639.241373][    C0]        __lock_acquire+0x1295/0x1ff0
[  639.241387][    C0]        lock_acquire+0x1db/0x4f0
[  639.241400][    C0]        _raw_spin_lock_irqsave+0xd1/0x120
[  639.241416][    C0]        down_trylock+0x1c/0xa0
[  639.241432][    C0]        __down_trylock_console_sem+0x105/0x250
[  639.241448][    C0]        console_trylock_spinning+0x8a/0x3f0
[  639.241463][    C0]        vprintk_emit+0xa6/0x150
[  639.241477][    C0]        _printk+0xd1/0x120
[  639.241494][    C0]        report_bug+0x1e5/0x2e0
[  639.241511][    C0]        handle_bug+0x3d/0x70
[  639.241525][    C0]        exc_invalid_op+0x16/0x40
[  639.241539][    C0]        asm_exc_invalid_op+0x16/0x20
[  639.241556][    C0]        copy_from_user_nofault+0x15c/0x1c0
[  639.241571][    C0]        bpf_probe_read_compat+0xe4/0x180
[  639.241586][    C0]        bpf_prog_3743bef762c7e242+0x38/0x5f0
[  639.241599][    C0]        bpf_trace_run3+0x1d1/0x380
[  639.241613][    C0]        enqueue_timer+0x3ae/0x540
[  639.241627][    C0]        __mod_timer+0xa60/0xeb0
[  639.241642][    C0]        mrp_join_timer+0x14b/0x180
[  639.241674][    C0]        call_timer_fn+0x16d/0x560
[  639.241688][    C0]        __run_timers+0x67c/0x890
[  639.241701][    C0]        run_timer_softirq+0x63/0xf0
[  639.241719][    C0]        handle_softirqs+0x3a7/0x930
[  639.241734][    C0]        __irq_exit_rcu+0x157/0x240
[  639.241749][    C0]        irq_exit_rcu+0x5/0x20
[  639.241763][    C0]        sysvec_apic_timer_interrupt+0xa0/0xc0
[  639.241780][    C0]        asm_sysvec_apic_timer_interrupt+0x16/0x20
[  639.241800][    C0]        lockdep_unregister_key+0x54e/0x5c0
[  639.241822][    C0]        pwq_unbound_release_workfn+0x23d/0x290
[  639.241840][    C0]        process_one_work+0x8a1/0x10c0
[  639.241857][    C0]        worker_thread+0xaca/0x1280
[  639.241873][    C0]        kthread+0x3f6/0x4f0
[  639.241887][    C0]        ret_from_fork+0x1f/0x30
[  639.241904][    C0] 
[  639.241904][    C0] other info that might help us debug this:
[  639.241904][    C0] 
[  639.241908][    C0] Chain exists of:
[  639.241908][    C0]   (console_sem).lock --> &rq->__lock --> &base->lock
[  639.241908][    C0] 
[  639.241934][    C0]  Possible unsafe locking scenario:
[  639.241934][    C0] 
[  639.241938][    C0]        CPU0                    CPU1
[  639.241942][    C0]        ----                    ----
[  639.241946][    C0]   lock(&base->lock);
[  639.241955][    C0]                                lock(&rq->__lock);
[  639.241966][    C0]                                lock(&base->lock);
[  639.241977][    C0]   lock((console_sem).lock);
[  639.241986][    C0] 
[  639.241986][    C0]  *** DEADLOCK ***
[  639.241986][    C0] 
[  639.241989][    C0] 6 locks held by kworker/0:9/6020:
[  639.241999][    C0]  #0: ffff888017070938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  639.242042][    C0]  #1: ffffc90003197d20 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  639.242091][    C0]  #2: ffffc90000007be0 ((&app->join_timer)#2){+.-.}-{0:0}, at: call_timer_fn+0xbe/0x560
[  639.242133][    C0]  #3: ffff888068bd14c8 (&app->lock#2){+.-.}-{2:2}, at: mrp_join_timer+0xc8/0x180
[  639.242175][    C0]  #4: ffff8880b9028098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260
[  639.242234][    C0]  #5: ffffffff8c91fc20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[  639.242277][    C0] 
[  639.242277][    C0] stack backtrace:
[  639.242281][    C0] CPU: 0 PID: 6020 Comm: kworker/0:9 Not tainted 5.15.168-syzkaller #0
[  639.242300][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  639.242313][    C0] Workqueue: events pwq_unbound_release_workfn
[  639.242333][    C0] Call Trace:
[  639.242339][    C0]  <IRQ>
[  639.242345][    C0]  dump_stack_lvl+0x1e3/0x2d0
[  639.242366][    C0]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  639.242390][    C0]  ? print_circular_bug+0x12b/0x1a0
[  639.242410][    C0]  check_noncircular+0x2f8/0x3b0
[  639.242431][    C0]  ? add_chain_block+0x850/0x850
[  639.242449][    C0]  ? lockdep_lock+0x11f/0x2a0
[  639.242470][    C0]  ? _find_first_zero_bit+0xcf/0xf0
[  639.242493][    C0]  validate_chain+0x1649/0x5930
[  639.242522][    C0]  ? reacquire_held_locks+0x660/0x660
[  639.242540][    C0]  ? data_push_tail+0x693/0x700
[  639.242564][    C0]  ? desc_read+0x3d0/0x3d0
[  639.242583][    C0]  ? do_raw_spin_unlock+0x137/0x8b0
[  639.242609][    C0]  ? mark_lock+0x98/0x340
[  639.242628][    C0]  __lock_acquire+0x1295/0x1ff0
[  639.242653][    C0]  lock_acquire+0x1db/0x4f0
[  639.242681][    C0]  ? down_trylock+0x1c/0xa0
[  639.242699][    C0]  ? vsnprintf+0x1c70/0x1c70
[  639.242719][    C0]  ? read_lock_is_recursive+0x10/0x10
[  639.242737][    C0]  ? memcpy+0x3c/0x60
[  639.242755][    C0]  ? vsnprintf+0x1b93/0x1c70
[  639.242775][    C0]  ? _prb_commit+0x30a/0x3e0
[  639.242794][    C0]  ? prb_reserve+0x1240/0x1240
[  639.242819][    C0]  _raw_spin_lock_irqsave+0xd1/0x120
[  639.242838][    C0]  ? down_trylock+0x1c/0xa0
[  639.242856][    C0]  ? _raw_spin_lock+0x40/0x40
[  639.242876][    C0]  ? vprintk_store+0xf1b/0x1300
[  639.242894][    C0]  down_trylock+0x1c/0xa0
[  639.242914][    C0]  __down_trylock_console_sem+0x105/0x250
[  639.242950][    C0]  ? printk_parse_prefix+0x2c0/0x2c0
[  639.242980][    C0]  ? vprintk_emit+0xa6/0x150
[  639.242997][    C0]  ? console_trylock+0x70/0x70
[  639.243018][    C0]  ? vprintk_emit+0xa6/0x150
[  639.243034][    C0]  console_trylock_spinning+0x8a/0x3f0
[  639.243052][    C0]  ? vprintk_emit+0x150/0x150
[  639.243069][    C0]  ? reacquire_held_locks+0x660/0x660
[  639.243085][    C0]  ? validate_chain+0x112/0x5930
[  639.243104][    C0]  ? validate_chain+0x112/0x5930
[  639.243121][    C0]  ? validate_chain+0x112/0x5930
[  639.243139][    C0]  vprintk_emit+0xa6/0x150
[  639.243156][    C0]  _printk+0xd1/0x120
[  639.243174][    C0]  ? mark_lock+0x98/0x340
[  639.243190][    C0]  ? report_bug+0x16e/0x2e0
[  639.243208][    C0]  ? panic+0x860/0x860
[  639.243226][    C0]  ? __lock_acquire+0x1295/0x1ff0
[  639.243244][    C0]  ? find_bug+0x9c/0x350
[  639.243264][    C0]  ? copy_from_user_nofault+0x15c/0x1c0
[  639.243281][    C0]  report_bug+0x1e5/0x2e0
[  639.243302][    C0]  handle_bug+0x3d/0x70
[  639.243318][    C0]  exc_invalid_op+0x16/0x40
[  639.243335][    C0]  asm_exc_invalid_op+0x16/0x20
[  639.243354][    C0] RIP: 0010:copy_from_user_nofault+0x15c/0x1c0
[  639.243385][    C0] Code: db 48 c7 c0 f2 ff ff ff 48 0f 44 c5 eb 0c e8 fb c7 d5 ff 48 c7 c0 f2 ff ff ff 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 e4 c7 d5 ff <0f> 0b e9 1e ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c ef fe ff
[  639.243399][    C0] RSP: 0018:ffffc90000007850 EFLAGS: 00010046
[  639.243412][    C0] RAX: ffffffff81aaab4c RBX: 0000000000000000 RCX: ffff8880274b8000
[  639.243425][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  639.243435][    C0] RBP: dffffc0000000000 R08: ffffffff81aaaa5d R09: ffffed1004e97001
[  639.243448][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000100
[  639.243459][    C0] R13: 0000000000000008 R14: 0000000000000100 R15: ffffc900000078c8
[  639.243473][    C0]  ? copy_from_user_nofault+0x6d/0x1c0
[  639.243488][    C0]  ? copy_from_user_nofault+0x15c/0x1c0
[  639.243509][    C0]  bpf_probe_read_compat+0xe4/0x180
[  639.243527][    C0]  bpf_prog_3743bef762c7e242+0x38/0x5f0
[  639.243541][    C0]  bpf_trace_run3+0x1d1/0x380
[  639.243558][    C0]  ? bpf_trace_run2+0x340/0x340
[  639.243573][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  639.243591][    C0]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  639.243609][    C0]  ? _raw_spin_lock+0x40/0x40
[  639.243629][    C0]  enqueue_timer+0x3ae/0x540
[  639.243646][    C0]  __mod_timer+0xa60/0xeb0
[  639.243667][    C0]  ? mod_timer_pending+0x20/0x20
[  639.243688][    C0]  ? prandom_u32+0x218/0x260
[  639.243707][    C0]  mrp_join_timer+0x14b/0x180
[  639.243723][    C0]  call_timer_fn+0x16d/0x560
[  639.243738][    C0]  ? mrp_init_applicant+0x500/0x500
[  639.243754][    C0]  ? __run_timers+0x890/0x890
[  639.243770][    C0]  ? do_raw_spin_unlock+0x137/0x8b0
[  639.243788][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  639.243804][    C0]  ? mrp_init_applicant+0x500/0x500
[  639.243825][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  639.243844][    C0]  ? mrp_init_applicant+0x500/0x500
[  639.243876][    C0]  __run_timers+0x67c/0x890
[  639.243897][    C0]  ? detach_timer+0x2f0/0x2f0
[  639.243911][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  639.243932][    C0]  ? ktime_get_real_ts64+0x460/0x460
[  639.243953][    C0]  run_timer_softirq+0x63/0xf0
[  639.243973][    C0]  handle_softirqs+0x3a7/0x930
[  639.243991][    C0]  ? __irq_exit_rcu+0x157/0x240
[  639.244009][    C0]  ? do_softirq+0x240/0x240
[  639.244024][    C0]  ? hrtimer_interrupt+0x76b/0x980
[  639.244042][    C0]  ? irqtime_account_irq+0xd0/0x1e0
[  639.244062][    C0]  __irq_exit_rcu+0x157/0x240
[  639.244079][    C0]  ? irq_exit_rcu+0x20/0x20
[  639.244100][    C0]  irq_exit_rcu+0x5/0x20
[  639.244115][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  639.244135][    C0]  </IRQ>
[  639.244139][    C0]  <TASK>
[  639.244145][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  639.244166][    C0] RIP: 0010:lockdep_unregister_key+0x54e/0x5c0
[  639.244184][    C0] Code: 00 00 00 0f 85 8b 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bf 41 d1 08 41 f7 c4 00 02 00 00 74 86 fb 45 84 f6 <75> 85 eb 96 0f 0b 45 31 f6 e9 1a ff ff ff 0f 0b e9 5a fe ff ff 0f
[  639.244197][    C0] RSP: 0018:ffffc90003197b40 EFLAGS: 00000202
[  639.244210][    C0] RAX: dffffc0000000000 RBX: 1ffff92000632f70 RCX: ffffffff96869f03
[  639.244223][    C0] RDX: 0000000000000001 RSI: ffffffff8a8b3880 RDI: ffffffff8ad90280
[  639.244236][    C0] RBP: ffffc90003197c08 R08: dffffc0000000000 R09: fffffbfff20e29e6
[  639.244249][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000a03
[  639.244260][    C0] R13: 1ffff92000632f6c R14: ffff888065285101 R15: ffffc90003197b80
[  639.244283][    C0]  ? lockdep_reset_lock+0x3f0/0x3f0
[  639.244301][    C0]  ? print_irqtrace_events+0x210/0x210
[  639.244317][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  639.244340][    C0]  pwq_unbound_release_workfn+0x23d/0x290
[  639.244362][    C0]  process_one_work+0x8a1/0x10c0
[  639.244388][    C0]  ? worker_detach_from_pool+0x260/0x260
[  639.244408][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  639.244427][    C0]  ? kthread_data+0x4e/0xc0
[  639.244443][    C0]  ? wq_worker_running+0x97/0x170
[  639.244462][    C0]  worker_thread+0xaca/0x1280
[  639.244491][    C0]  kthread+0x3f6/0x4f0
[  639.244506][    C0]  ? rcu_lock_release+0x20/0x20
[  639.244524][    C0]  ? kthread_blkcg+0xd0/0xd0
[  639.244541][    C0]  ret_from_fork+0x1f/0x30
[  639.244565][    C0]  </TASK>
[  640.527305][    C0] WARNING: CPU: 0 PID: 6020 at mm/maccess.c:226 copy_from_user_nofault+0x15c/0x1c0
[  640.536598][    C0] Modules linked in:
[  640.540472][    C0] CPU: 0 PID: 6020 Comm: kworker/0:9 Not tainted 5.15.168-syzkaller #0
[  640.548691][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  640.558749][    C0] Workqueue: events pwq_unbound_release_workfn
[  640.564893][    C0] RIP: 0010:copy_from_user_nofault+0x15c/0x1c0
[  640.571028][    C0] Code: db 48 c7 c0 f2 ff ff ff 48 0f 44 c5 eb 0c e8 fb c7 d5 ff 48 c7 c0 f2 ff ff ff 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 e4 c7 d5 ff <0f> 0b e9 1e ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c ef fe ff
[  640.590626][    C0] RSP: 0018:ffffc90000007850 EFLAGS: 00010046
[  640.596672][    C0] RAX: ffffffff81aaab4c RBX: 0000000000000000 RCX: ffff8880274b8000
[  640.604644][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  640.612595][    C0] RBP: dffffc0000000000 R08: ffffffff81aaaa5d R09: ffffed1004e97001
[  640.620547][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000100
[  640.628499][    C0] R13: 0000000000000008 R14: 0000000000000100 R15: ffffc900000078c8
[  640.636450][    C0] FS:  0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  640.645356][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  640.651924][    C0] CR2: 0000000000000100 CR3: 000000005df95000 CR4: 00000000003506f0
[  640.659909][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  640.667877][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  640.675841][    C0] Call Trace:
[  640.679104][    C0]  <IRQ>
[  640.681930][    C0]  ? __warn+0x15b/0x300
[  640.686065][    C0]  ? copy_from_user_nofault+0x15c/0x1c0
[  640.691606][    C0]  ? report_bug+0x1b7/0x2e0
[  640.696093][    C0]  ? handle_bug+0x3d/0x70
[  640.700403][    C0]  ? exc_invalid_op+0x16/0x40
[  640.705061][    C0]  ? asm_exc_invalid_op+0x16/0x20
[  640.710069][    C0]  ? copy_from_user_nofault+0x6d/0x1c0
[  640.715504][    C0]  ? copy_from_user_nofault+0x15c/0x1c0
[  640.721027][    C0]  ? copy_from_user_nofault+0x15c/0x1c0
[  640.726553][    C0]  bpf_probe_read_compat+0xe4/0x180
[  640.731734][    C0]  bpf_prog_3743bef762c7e242+0x38/0x5f0
[  640.737260][    C0]  bpf_trace_run3+0x1d1/0x380
[  640.741921][    C0]  ? bpf_trace_run2+0x340/0x340
[  640.746750][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  640.752648][    C0]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  640.758091][    C0]  ? _raw_spin_lock+0x40/0x40
[  640.762753][    C0]  enqueue_timer+0x3ae/0x540
[  640.767329][    C0]  __mod_timer+0xa60/0xeb0
[  640.771747][    C0]  ? mod_timer_pending+0x20/0x20
[  640.776667][    C0]  ? prandom_u32+0x218/0x260
[  640.781238][    C0]  mrp_join_timer+0x14b/0x180
[  640.785898][    C0]  call_timer_fn+0x16d/0x560
[  640.790465][    C0]  ? mrp_init_applicant+0x500/0x500
[  640.795643][    C0]  ? __run_timers+0x890/0x890
[  640.800300][    C0]  ? do_raw_spin_unlock+0x137/0x8b0
[  640.805478][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  640.810659][    C0]  ? mrp_init_applicant+0x500/0x500
[  640.815838][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  640.821016][    C0]  ? mrp_init_applicant+0x500/0x500
[  640.826189][    C0]  __run_timers+0x67c/0x890
[  640.830670][    C0]  ? detach_timer+0x2f0/0x2f0
[  640.835331][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  640.841287][    C0]  ? ktime_get_real_ts64+0x460/0x460
[  640.846549][    C0]  run_timer_softirq+0x63/0xf0
[  640.851291][    C0]  handle_softirqs+0x3a7/0x930
[  640.856033][    C0]  ? __irq_exit_rcu+0x157/0x240
[  640.860861][    C0]  ? do_softirq+0x240/0x240
[  640.865342][    C0]  ? hrtimer_interrupt+0x76b/0x980
[  640.870427][    C0]  ? irqtime_account_irq+0xd0/0x1e0
[  640.875621][    C0]  __irq_exit_rcu+0x157/0x240
[  640.880279][    C0]  ? irq_exit_rcu+0x20/0x20
[  640.884766][    C0]  irq_exit_rcu+0x5/0x20
[  640.888983][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  640.894594][    C0]  </IRQ>
[  640.897505][    C0]  <TASK>
[  640.900765][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  640.906722][    C0] RIP: 0010:lockdep_unregister_key+0x54e/0x5c0
[  640.912856][    C0] Code: 00 00 00 0f 85 8b 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bf 41 d1 08 41 f7 c4 00 02 00 00 74 86 fb 45 84 f6 <75> 85 eb 96 0f 0b 45 31 f6 e9 1a ff ff ff 0f 0b e9 5a fe ff ff 0f
[  640.932451][    C0] RSP: 0018:ffffc90003197b40 EFLAGS: 00000202
[  640.938496][    C0] RAX: dffffc0000000000 RBX: 1ffff92000632f70 RCX: ffffffff96869f03
[  640.946446][    C0] RDX: 0000000000000001 RSI: ffffffff8a8b3880 RDI: ffffffff8ad90280
[  640.954396][    C0] RBP: ffffc90003197c08 R08: dffffc0000000000 R09: fffffbfff20e29e6
[  640.962356][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000a03
[  640.970346][    C0] R13: 1ffff92000632f6c R14: ffff888065285101 R15: ffffc90003197b80
[  640.978326][    C0]  ? lockdep_reset_lock+0x3f0/0x3f0
[  640.983512][    C0]  ? print_irqtrace_events+0x210/0x210
[  640.988946][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  640.994820][    C0]  pwq_unbound_release_workfn+0x23d/0x290
[  641.000523][    C0]  process_one_work+0x8a1/0x10c0
[  641.005448][    C0]  ? worker_detach_from_pool+0x260/0x260
[  641.011061][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  641.016598][    C0]  ? kthread_data+0x4e/0xc0
[  641.021086][    C0]  ? wq_worker_running+0x97/0x170
[  641.026097][    C0]  worker_thread+0xaca/0x1280
[  641.030768][    C0]  kthread+0x3f6/0x4f0
[  641.034819][    C0]  ? rcu_lock_release+0x20/0x20
[  641.039673][    C0]  ? kthread_blkcg+0xd0/0xd0
[  641.044252][    C0]  ret_from_fork+0x1f/0x30
[  641.048656][    C0]  </TASK>
[  641.051668][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  641.058931][    C0] CPU: 0 PID: 6020 Comm: kworker/0:9 Not tainted 5.15.168-syzkaller #0
[  641.067146][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  641.077188][    C0] Workqueue: events pwq_unbound_release_workfn
[  641.083330][    C0] Call Trace:
[  641.086589][    C0]  <IRQ>
[  641.089436][    C0]  dump_stack_lvl+0x1e3/0x2d0
[  641.094098][    C0]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  641.099708][    C0]  ? panic+0x860/0x860
[  641.103763][    C0]  ? copy_from_user_nofault+0x110/0x1c0
[  641.109288][    C0]  ? copy_from_user_nofault+0x110/0x1c0
[  641.114812][    C0]  panic+0x318/0x860
[  641.118687][    C0]  ? __warn+0x16a/0x300
[  641.122819][    C0]  ? fb_is_primary_device+0xd0/0xd0
[  641.128000][    C0]  ? ret_from_fork+0x1f/0x30
[  641.132573][    C0]  ? copy_from_user_nofault+0x15c/0x1c0
[  641.138099][    C0]  __warn+0x2b2/0x300
[  641.142065][    C0]  ? copy_from_user_nofault+0x15c/0x1c0
[  641.147592][    C0]  report_bug+0x1b7/0x2e0
[  641.151910][    C0]  handle_bug+0x3d/0x70
[  641.156041][    C0]  exc_invalid_op+0x16/0x40
[  641.160522][    C0]  asm_exc_invalid_op+0x16/0x20
[  641.165354][    C0] RIP: 0010:copy_from_user_nofault+0x15c/0x1c0
[  641.171483][    C0] Code: db 48 c7 c0 f2 ff ff ff 48 0f 44 c5 eb 0c e8 fb c7 d5 ff 48 c7 c0 f2 ff ff ff 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 e4 c7 d5 ff <0f> 0b e9 1e ff ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c ef fe ff
[  641.191064][    C0] RSP: 0018:ffffc90000007850 EFLAGS: 00010046
[  641.197128][    C0] RAX: ffffffff81aaab4c RBX: 0000000000000000 RCX: ffff8880274b8000
[  641.205083][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  641.213036][    C0] RBP: dffffc0000000000 R08: ffffffff81aaaa5d R09: ffffed1004e97001
[  641.220984][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000100
[  641.228931][    C0] R13: 0000000000000008 R14: 0000000000000100 R15: ffffc900000078c8
[  641.236883][    C0]  ? copy_from_user_nofault+0x6d/0x1c0
[  641.242319][    C0]  ? copy_from_user_nofault+0x15c/0x1c0
[  641.247849][    C0]  bpf_probe_read_compat+0xe4/0x180
[  641.253032][    C0]  bpf_prog_3743bef762c7e242+0x38/0x5f0
[  641.258551][    C0]  bpf_trace_run3+0x1d1/0x380
[  641.263219][    C0]  ? bpf_trace_run2+0x340/0x340
[  641.268066][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  641.273946][    C0]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  641.279386][    C0]  ? _raw_spin_lock+0x40/0x40
[  641.284045][    C0]  enqueue_timer+0x3ae/0x540
[  641.288612][    C0]  __mod_timer+0xa60/0xeb0
[  641.293012][    C0]  ? mod_timer_pending+0x20/0x20
[  641.297931][    C0]  ? prandom_u32+0x218/0x260
[  641.302506][    C0]  mrp_join_timer+0x14b/0x180
[  641.307176][    C0]  call_timer_fn+0x16d/0x560
[  641.311769][    C0]  ? mrp_init_applicant+0x500/0x500
[  641.316947][    C0]  ? __run_timers+0x890/0x890
[  641.321603][    C0]  ? do_raw_spin_unlock+0x137/0x8b0
[  641.326783][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  641.331959][    C0]  ? mrp_init_applicant+0x500/0x500
[  641.337133][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  641.342313][    C0]  ? mrp_init_applicant+0x500/0x500
[  641.347491][    C0]  __run_timers+0x67c/0x890
[  641.351980][    C0]  ? detach_timer+0x2f0/0x2f0
[  641.356649][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  641.362607][    C0]  ? ktime_get_real_ts64+0x460/0x460
[  641.367876][    C0]  run_timer_softirq+0x63/0xf0
[  641.372625][    C0]  handle_softirqs+0x3a7/0x930
[  641.377374][    C0]  ? __irq_exit_rcu+0x157/0x240
[  641.382212][    C0]  ? do_softirq+0x240/0x240
[  641.386692][    C0]  ? hrtimer_interrupt+0x76b/0x980
[  641.391780][    C0]  ? irqtime_account_irq+0xd0/0x1e0
[  641.396957][    C0]  __irq_exit_rcu+0x157/0x240
[  641.401610][    C0]  ? irq_exit_rcu+0x20/0x20
[  641.406095][    C0]  irq_exit_rcu+0x5/0x20
[  641.410313][    C0]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  641.415961][    C0]  </IRQ>
[  641.418872][    C0]  <TASK>
[  641.421782][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  641.427745][    C0] RIP: 0010:lockdep_unregister_key+0x54e/0x5c0
[  641.433901][    C0] Code: 00 00 00 0f 85 8b 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 bf 41 d1 08 41 f7 c4 00 02 00 00 74 86 fb 45 84 f6 <75> 85 eb 96 0f 0b 45 31 f6 e9 1a ff ff ff 0f 0b e9 5a fe ff ff 0f
[  641.453482][    C0] RSP: 0018:ffffc90003197b40 EFLAGS: 00000202
[  641.459538][    C0] RAX: dffffc0000000000 RBX: 1ffff92000632f70 RCX: ffffffff96869f03
[  641.467495][    C0] RDX: 0000000000000001 RSI: ffffffff8a8b3880 RDI: ffffffff8ad90280
[  641.475465][    C0] RBP: ffffc90003197c08 R08: dffffc0000000000 R09: fffffbfff20e29e6
[  641.483414][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000a03
[  641.491373][    C0] R13: 1ffff92000632f6c R14: ffff888065285101 R15: ffffc90003197b80
[  641.499329][    C0]  ? lockdep_reset_lock+0x3f0/0x3f0
[  641.504505][    C0]  ? print_irqtrace_events+0x210/0x210
[  641.509938][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  641.515811][    C0]  pwq_unbound_release_workfn+0x23d/0x290
[  641.521512][    C0]  process_one_work+0x8a1/0x10c0
[  641.526454][    C0]  ? worker_detach_from_pool+0x260/0x260
[  641.532090][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  641.537622][    C0]  ? kthread_data+0x4e/0xc0
[  641.542109][    C0]  ? wq_worker_running+0x97/0x170
[  641.547133][    C0]  worker_thread+0xaca/0x1280
[  641.551824][    C0]  kthread+0x3f6/0x4f0
[  641.555877][    C0]  ? rcu_lock_release+0x20/0x20
[  641.560706][    C0]  ? kthread_blkcg+0xd0/0xd0
[  641.565272][    C0]  ret_from_fork+0x1f/0x30
[  641.569669][    C0]  </TASK>
[  641.572967][    C0] Kernel Offset: disabled
[  641.577297][    C0] Rebooting in 86400 seconds..