last executing test programs:

15.089121358s ago: executing program 4 (id=316):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
chdir(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x50080, 0x0)
ioctl$TIOCGSID(r0, 0x5429, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44900000c63d5f852c6769643d", @ANYRESOCT, @ANYRESOCT=0x0, @ANYRES8, @ANYRES32, @ANYRES8, @ANYBLOB="2c6e03d465636f6d706f73652c6769643d29ab72f4a2f73b811c7fd9bae7ecd520839bd791f81b6637f549a77ac6cb621635f9c08b2615964a3c43b727df50d049dc760465dea7349206240e6fb4756f276c72f20bab7d507fe4853b18ebe583cbf9009044b021249834326e80399ca072639251325e38177eef4f05093acfe76553919ecca99460ea4ebdbcef9c4e0ed3f10f86889116979b7aa52b38442546b806d6b8964f99a04195ad43adb611", @ANYRES16, @ANYBLOB="4599"], 0x1, 0x701, &(0x7f00000009c0)="$eJzs3UtoHOcdAPD/rFaPVcGREz/SEsgSQ1oqaksWSqte6pZSdAglpIeeF1uOF6/lIClFNqVR+rj3kFNP6UG30ENJ74b23BAo6VHHQCGXnHRTmdmZ3Vlptbuy9Yrz+4mZ+Wa+x3zzn52ZfSC+AL6xlmej+iSSWJ59czNd39leaI1tL0zm2a2ImIiISkQ1Ikk3JauR5d7Kp/h25Dml5QEfNpfe/vyrnS/aa9V8yspXBtXrY+Lgpq18inpEjOXLg8YPafGT/bvvae/2oe2NKukcYRqwa0Xg4i/P1Co8s70Dtjp5H/8nm3fK9Kl+lOsWOKeS9nMz173UZyKmI2Iqov3Uz+8OldPv4fHaOusOAAAAwFHVjl7lhd3Yjc24cBLdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdVPv5/kk+VIl2PpBj/fyLfFnn6HBo+EOJnk+3lk5PvDAAAAAAAAACcuFd3Yzc240Kxvpdkv/m/VvqN/1vxXqzHSqzF9diMRmzERqzFfETMlBqa2GxsbKzNZzUjLg2oeTM+7VPz5uF9vNW7mhzHcQMAAAAAAADAOTY1JP/++MFtv4/l7u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHiQRY+1FNl0q0jNRqUbEVFFuK+LTiJg4294eSdJv45PT7wcAAAA8k6ne1WRqhDovvB+7sRkXivW9JPvMfyX7vDwV78VqbEQzNqIVK3En/wydfuqv7GwvtHa2Fx6k08F2f/rlkbqetRjt7x767/nlrEQt7kYz23I9bkcSe5lK3srLO9sL6fJB/359kPYp+UluQG/GSuk76ezqJ1n6z73fIlSPdIgj2t9o5dCSM1nueCcic3nf0hoXiwj0j8TQs1MduKf5qHS++bk0eE/9Y/7B4L1P7yvV95ubM7E/Ejej0jlDVwZHIuK7//j41/daq/fv3V2fPT+H1Nf7Q0vsj8RCKRJXn6NIDDeXReJyZ305fhG/itn4cvKtWItm/CYasREr9SK/kb+e0/nM4Eh9Nl1ee2tYT9Jrst65f/XrUz16+hT1+HmWasRr2Tm9EM1I4mFErMQb2d/NmO/cDbpn+PIIV31lhDttybXvZYtOmKJ2eNm/jdbkcUnjerEU1/I9dybLK2/pRunFvlEqnnWjP49Kqt/JE2kLfxj4fDht+yMxX4rES4e9Xtoh/eteOl9vrd5fu9d4d8T9vZ4v0+voTwOeEifymB4oPcMvxlR+cBezeZJdU3NZ3kudXhXx+m8zYj7Lu9RppfeJm+Zd7tRrX6m/jIdxp+dK/WEsxmIsZaWvZKXHDzyx0ryrnZZ67+FpXvpOq9r5Yaf8futhtNrvhyK2vva3bYDn2fT3pydq/6v9u/ZR7Y+1e7U3p342+aPJVyZi/F/jP67Ojb1eeSX5e3wUv+t+/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7e+qPH9xut1spa/0Slf1YyuFajtVcMJDagTE8iyYfKGaFwsv7o8d7QBgcnJvPuPWX140wUozUOL1w/wW4kW/vP19Twc1GM8jTCLpJ8mMrSSysinrrPxZ67W8bPwancn6gfuVb9wHHlieIFWyp89Fdvrd/5GouIfoWH3DjGjuHmA5ypGxsP3r2x/ujxD5oPGu+svLOyOr64uDS3tPjGwo27zdbKXHteqnD6o+oBJ6T8dqJjIiJeHV53wECtAAAAAAAAAAAAwAk6jf+FOOtjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7elmej+iSSmJ+7Ppeu72wvtNKpSHdLViOiEhHJbyOSf0bcivYUM6XmksP282Fz6e3Pv9r5ottWtShfidg6tN6gNru28inqETGWL59BT3u3h7c30U1O9slOOkeRBuxaETg4a/8PAAD//9qm8z8=")
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f00000004c0)={0xc5, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x7})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000680)="66420f3841c5b9f60200000f3266baf80cb870047a85ef66bafc0c66ed66b80c008ee80fe9b300000100b9220000400f322e0f211c26460fc7b0003000000f78e2b8010000000f01c1", 0x49}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0xce942, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb})

14.554797033s ago: executing program 0 (id=321):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014e40900b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000018500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

14.061022345s ago: executing program 0 (id=322):
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRES8=0x0, @ANYRESDEC=0x0, @ANYRES32=0x0, @ANYRESDEC], 0x1, 0x675, &(0x7f0000001280)="$eJzs3U9sHFcdB/DvrDd2NpTUTZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJiXukcuECtx7xsRKCSy+YC4tmdtbe2ruOHWyvUz6faPzemzfz3u/9dnZnd63IAf5vXT2f5oMUuXr+5eWyvboy015dmbndqyeZSNJImlVRpPhXp9P5ILmS7pbnkhT1cMWwee4vzL764cerH3VbzXqrjm9sd97O3Ku3nE0yVpeb3H7U8a4NHm/D0YcNV6yvsEzYuV7iYNSOJOlU/nG/u+cHf35ivadPa9DZD73ygcdA0b1vbjGZHKuf6OX7gO5dsXvPfqzdG3UAAAAAcACeXMtalnN81HEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46T4SmusLOqt0aufTdH7+//j9b7U9cOiWI9qFx7sRyQAAAAAAAAAcMDOrGUtyznea3eK6nf+L1SNk9XPz+St3M18FnMhy5nLUpaymOkkk30DjS/PLS0tTvefOTH4zEsDz7z0kEAn6rK1RwsHAAAAAAAAgE+Xn+bqxu//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMCiSsW5RbSd79ck0mkkmesfdS/6aZHy00f7vHow6AAAAADgAT65lLcs53mt3iuoz/zPV5/6jeSt3spSFLKWd+VyvvgvofupvrK7MtFdXZm6X29Zxv/nPXYVRjZjudw+DZz5dHdHKjSxUey7kWt5IO9fTqM4sne7FMziun5QxFd+o7TCy63VZrvy9utzi3V0tdphdfpkyWWXkyHpGpurYymw8tX0mdvnobJ5pOo31YE9ummnTIs48Ss6P1WW5nl8Oy/lIbM7Epb6r75ntc5584Y+//97N9p1bN2/cPX94lrQzY3XZqX62tmZipi8Tz3Yz8P3XPo2Z2GKqysSp9fbVfCev5XzO5pUsZiE/zFyWMp+z+XZVm6uv56Lv+9Qh18yVT7ReeVgk4/UV2n2wdhfTC9W5x7OQ7+aNXM98Xqz+Xcp0vprLuZzZvkf41A5eaRtDnvWdzw4M/twX60orya/q8nAo8/pUX177X3Mnq77+PRtZOrH396Pm5+pKOcfP6vJw2JyJ6b5MPL19Jn5bvazcbd+5tXhz7s2dTXfivbpSPo9+cajuEuX1cqJ8sKrWJ6+Osu/pgX3TVd/J9b7Glr5Tvb6//ebXL1XHDHumjtfv4Zpfn91yxyr7nh04y0zVd7qvb9D7LQAOvWNfOjbe+nvrL633Wz9v3Wy9fPRbE1+beH48R/505KXm1NjnG88Xf8j7+fHG538AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODR3X37nVtz7fb84qZKM513h3TtS+U/Q7qKJHs4V+/PmQ095sieL/C5J5KDyeHWyniSA590YOXfnU6n3lMchni2r3RKE+ns+1zNJIO6zow+CSN+YQL23cWl229evPv2O19euD33+vzr83dmL1+enZq9/OLMxRsL7fmp7s9RRwnsh42b/qgjAQAAAAAAAAAAAHbqIP47wfDZjx7kUgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH1NXzaT5IkempC1Nle3Vlpl1uvfrGkc0kjSTFj5Lig+RKulsm+4Yrhs1zf2H21Q8/Xv1oY6xm7/jGduftzL16y9kkY3W5V+Nd28l4v9uus1hfYZmwc73Ewaj9NwAA//8CiAVm")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000701269d5c9a2cd037bdcfc17138070d00328b4c5cdcd2e80fa54602e2525aaf2f10127250d362ab1d138de9ca7bd41ded4118d45dc1e6829f511cdab9e325a74c1b5e9f2a5306771aba140930f6c4a573a53c03774e0a9411071af7b750fa81ddc00a8594fde4eb4e67643d625bded3b61a997d2272a13c73e0e35075792"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
semget$private(0x0, 0x4000000009, 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x0, 0x4}], 0x1)
semop(0x0, &(0x7f0000000500)=[{}], 0x1)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000300)=ANY=[@ANYBLOB="000075b8b62e943fefae1913e055b8852885f3200b41a4a7e940141a3e9a708cfa000f58442c767bb8bac7e75a49ac5762e52f7f3bf6909e28d3468821124bce8d75bf8584dedd275c45e85bfa22d157b6d5ac4e569df05173d6ff9d8ed3bdf95c41f60f6a1b456842fecd0f09b6ab9136de2336b349cfe9cd3089334f040f00000000"], 0x1, 0x5d4, &(0x7f0000000cc0)="$eJzs3cFvHFcdB/DvbhxnHaR04yZtQJWwilQhLJJdWyIpF6AUZKEKVeLA2SJOYmWTVvYWuT2AQRwqTv0TysH/AOJYJB9oj3Dq2ahHJO6+uZrZWXttb107dr3r9vORZt9782be/t5vZicza0Ub4BtrYTYTm6llYfaNtaK9tTHf2dqYf9KvJ7mSpJ40ktSK1f9I8lmynt6Sb/c7BspDPv2o8fCTDz5+v9dqVEu5fe2o/Y5nN5ZmL9ayPKvx5k493v4ZTieZOV18cDZ2+v47tPuUn0sAYJzVkkvD1jeTq9XNevEc0Lsr7t1jX2jrow4AAAAAzsFz29nOWq6NOg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SKrf/69VS71fn0mt//v/k9W6VPULbXPUAQAAAAAAAADAGfjudrazlmv99k6t/Jv/y2XjRvn6rbyT1SxlJbezlsV0081K2kmaAwNNri12uyvtY+w5N3TPufOZLwAAAAAAAAB8Tf05C3t//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHFQSy71inK50a83U59I0kgyWWy3nvynX7/INkcdAAAAAJyD57aznbVc67d3auUz/wvlc38j7+RpullON50s5X75XUDvqb++tTHf2dqYf1Ish8f92f9PFEY5YnrfPQx/51vlFlN5kOVyze38Lm+lk/upl3sWbvXjGR7Xn4qYaj+pHDOy+1VZzPxXVTkemmVGLu9mpFXFVmTj+tGZOOHROfhO7dR3v/m58RXk/GpVFvN5faxzPjdw9r1wdCaS6d/+9e6jztPHjx6szo7PlJ7RwUzMD2TixW9UJlplJm7uthfyy/wms5nJm1nJcn6fxXSzlJm8XtYWq/O5eG0enamf7mu9+WWRTFbHpXcVPVlML5f7Xstyfp23cr88oq3czd3M5Ud5Na19R/jm0Lj/uFN1l5/6+sk+9d/7flW5nOQXVTkeirxeH8jr4DW3WfYNrtnL0vTZXxsnvlNVirPntbG7Nl4/8K9EPxPPH52Jv5Unzmrn6eOVR4tvH/P9XqnKIgM/P5SJnUunntAzK86X6eJgla39Z0fR9/zQvnbZd2O3r36o7+Zu35d9Uiere7jDI82VfS8O7evtd2ugb9j9FgBj7+oPrk5O/W/q31MfTv1l6tHUG43Xrty78tJkLv/r8o8nWpdeqb9U+3s+zB/2nv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnt/rue48XO52lFRUVFZXdyqivTMBX7U73ydt3Vt9974fLTxYfLj1cevpq6969drt9t3XnwXJnqXoddZQAwFnau+kfdSQAAAAAAAAAAAAAAMAXOY//TjzqOQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9vC7OZ2Ewt7dbtVtHe2pjvFEu/vrdlI0mtqPwzyWfJenpLmgPD1b7ofT79qPHwkw8+fn9vrEZ/+9pR+x3PvljqB2I67Xhzpx5vb4YzSaarEkbu8wAAAP//Z8wF+Q==")
r3 = open(&(0x7f0000000040)='./bus\x00', 0x1451c2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4a"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/ipc\x00')
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='setgroups\x00')
read$FUSE(r5, &(0x7f00000042c0)={0x2020}, 0x2020)
semctl$GETVAL(0x0, 0x0, 0xc, 0x0)
ioctl$BLKREPORTZONE(r3, 0xc0101282, &(0x7f0000000680)=ANY=[])
r6 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000340)='dns_resolver\x00', 0x0, &(0x7f0000000580)="fb9c", 0x2, r6)
unlink(&(0x7f0000000280)='./file1\x00')
lremovexattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@known='user.incfs.size\x00')

13.368038024s ago: executing program 3 (id=324):
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x3, 0x3498, @ipv4={'\x00', '\xff\xff', @remote}, 0x8002}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_BIND_MAP(0xf, &(0x7f0000000000)={r2, r1}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @private=0xa010100}, 0x10)
close(r3)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x4c, 0x4c, 0x2, [@const={0x0, 0x0, 0x0, 0x9, 0x3}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8, 0x0, 0x8}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2}}]}}, 0x0, 0x66, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
sendmsg$IPSET_CMD_TYPE(r3, 0x0, 0x4000010)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r5, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r5, 0x0)
ioctl$FIBMAP(r5, 0x1, &(0x7f0000000000))
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000400)='cdg\x00', 0x4)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000300)='./bus\x00', 0x1008002, &(0x7f0000000280)={[{@grpquota}, {@delalloc}, {@noblock_validity}, {@debug}, {@nouid32}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r6, &(0x7f0000000f80)=""/4096, 0x1000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

12.803979772s ago: executing program 3 (id=327):
socket$nl_route(0x10, 0x3, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280), 0x80100, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
socket(0x80000000000000a, 0x2, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

11.561382177s ago: executing program 3 (id=329):
socket(0x840000000002, 0x80000, 0x2000000)
socket$unix(0x1, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000023b000/0x18000)=nil, 0x0, 0x0, 0x52, &(0x7f00000001c0)=[@cstype0={0x4, 0x2}, @dstype3], 0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r5 = syz_open_procfs$namespace(0x0, &(0x7f00000047c0)='ns/net\x00')
ioctl$NS_GET_USERNS(r5, 0xb701, 0x0)
fanotify_init(0x200, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f0000000a40)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d63703433372c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dddf2bd6c2c6e6f6465636f6d706f73652c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d85f194712c626172726965722c63726561746f723d65fe04c22c6e6f6465636f6d706f73652c6465636f6d706f73652c666f7263652c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c63726561746f723da9076de42c656172726965722c6e6f626172726965722c6e6f6465636f6d706f73652c6d61736b3d5e4d41595f524541442c7063723d30303030303030303030303030303030303030302c636f6e746578743d756e636f6e66696e65645f752c7375626a5f757365723d626172727565722c61707072616973655f747970653d696d617369672c666f776e65723d", @ANYRESDEC=0x0, @ANYBLOB="2c6f626a5f726f6c653d060a387b2640402c66736d616769633d3078303030303030303030303030303038302c66736d616769633d3078303030303030303030303030303030332c657569643d", @ANYRESDEC=0xee01, @ANYBLOB=',\x00', @ANYRES16, @ANYRESHEX, @ANYRESDEC=r4], 0x1, 0x6da, &(0x7f0000004980)="$eJzs3UtoHOcdAPD/rFarXRUcOfEjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpsimN0se9h5x6Sg+6hR5Keje054ZAyVXHQCGXnHRTmdmZ1Ur7lKzHJv39xMx8M99z/rMzsw/EBPB/a3k2ys8iieXZN7fS9d2dhebEzsJUnt2MiEpElCLKrUUka5Hl3smn+Ha6MS+f9Ovnw9Wltz//aveL1lo5n7LypUH1eqh0b9rOp6hHxES+7DbZp8VPjnZ/qL27fdsbVdLewzRgN4rAxV+eq1V4bvtdttt5H/8nmw+qfpzzFhhTSeu+2WUmYjoiqhGtu35+dSid7+hO3/ZFDwAAAACOq3b8Ki/sxV5sxaWzGA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8U+XP/0/yqVSk65EUz/+v5NsiT4+h4Q9C/GyqtXx29oMBAAAAAAAAgDP36l7sxVZcKtb3k+w3/9c6fuP/VrwXG7ES63EztqIRm7EZ6zEfETMdDVW2Gpub6/NZzYgrA2rejk971Lzdf4x3TnmfAQAAAAAAAGDMVYfkP5zs3vb7WD74/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZBEjHRWmTTlSI9E6VyRFQjopKW2474tEh/TSS9Nj47/3EAAADAc6keXk2qI9R54f3Yi624VKzvJ9ln/mvZ5+VqvBdrsRmrsRnNWIl7+Wfo9FN/aXdnobm7s/Aonbrb/emXxxp61mK0vnvo3fPLWYla3I/VbMvNuBtJ7GdKeSsv7+4spMtHvcf1QTqm5Ce5AaOZ6EjfS2fXP8nSfz78LUL5WLt4QqW+OTNZ7mQ7InP52NIal4sI9I7E0KNTHtjTfJTa3/xcGdxT75h/MLj36SOlen5zcyGORuJ2lNpH6NrgSER89x8f//pBc+3hg/sbs+OzSz29P7TE0UgsdETi+jcoEsPNZZG42l5fjl/Er2I2vpx6K9ZjNX4TjdiMlXqR38hfz+l8ZnCkPpvuXHtr2EjSc7Levn71GlM9Do0p6vHzLNWI17JjeilWI4nHEbESb2R/t2O+fTU4OMJXRzjrSyNcaTvc+F62aIcpav3L/m20Jk9LGtfLHXHtvObOZHmdWw6i9GLPKBX3utHvRx3K38kTaQt/GHh/OG9HIzHfEYmX+r1eWiH9634632iuPVx/0Hh3xP5ez5fpefSnsbpLpEf4xajmO3c5myfZOTWX5b3UvsMejlcl/8WlpdSVd7Vdr3Wm/jIex71DZ+oPYzEWYykrfS0rPdl1x0rzrrdbOnwNT/PSd1rl9g87ne+3Hkez9X4IgPE2/f3pSu2/tX/XPqr9sfag9mb1Z1M/mnqlEpP/mvxxeW7i9dIryd/jo/jdwed/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5DaePH3YaDZX1nsnSr2zksG1Gs394kFiA8ocSiT5o3JGKJxsPHm6P7TBwYmpfHgnrH6aieJpjcML189wGMn20eNVHX4siqc8jdBF0hXwtPKJx1z0fLBlcgwO5dFE/fQaLF6wHVnHf/XWeh2viYjoVXjIhWPiNK4+wEW6tfno3VsbT57+YPVR452Vd1bWJhcXl+aWFt9YuHV/tbky15p3VDiXh98C56Hz7URbJSJeHV53wINaAQAAAAAAAAAAgDN0Hv8LcdH7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHy9Lc9G+VkkMT93cy5d391ZaKZTkT4oWY6IUkQkv41I/hlxJ1pTzHQ0l/Tr58PVpbc//2r3i4O2ykX5UsR233qj2c6nqEfERL48rfbuDm+vcpCc6pGdtCOTBuxGETi4aP8LAAD//7co7JU=")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f00000004c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa10053, 0x0, 0xfd, 0x0, &(0x7f00000000c0))
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
renameat2(r6, &(0x7f0000000300)='./file0\x00', r6, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)

11.408968891s ago: executing program 2 (id=330):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x6, 0x15, &(0x7f0000001480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f900001ab703000008000000b704000000001500850000003300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

10.271093247s ago: executing program 3 (id=332):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c710016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa73d897e3896d863081b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbd744e517e65ddab19e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f200004304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188541c300f5c1bf56705ba12d198e897186b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710f7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47cbb0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9ea410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be0a33c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06a6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c6062368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c5bed4b0d73dffb17a88aaad5921aee7dae6a2f3009d9cb434898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a64d903b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e7ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000006a728258ca3d846a000e80d5f43109a48ddc54cec5d7f78c80e010ed02ffc0846577cafcd9e0ad83149bfb08ba7b5b431311041deb5e5d65610ad6e8d6ed55e900071b4d37d9fadb17a0407e7251866b63faccfe936980f59ceaa9d6b6863024b482023799a4f30a225b560f320e89ed44130e78f8cf000ac3c743b08d4256f282fc36162ac4b59527a3b67560313914ff6ac4ac43cd0e79d6372da631de3fde6c29de3b43d3046df23019ecadd57f175a2443928b1bcb9be16f54936796c3b928dc07c70771622cef2fafeb239a3ca4"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x40000000}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='rcu_utilization\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8000000, 0x3, 0x2d0, 0x0, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x200, 0xffffffff, 0xffffffff, 0x200, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [], 'ip6tnl0\x00', 'nicvf0\x00', {}, {}, 0x3a}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [], [], 'veth1\x00', 'veth0_to_hsr\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x386)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000001c0)={@empty, 0x5, 0x0, 0x0, 0x4, 0x7ff, 0x7}, 0x20)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc0185502, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0xc842, &(0x7f00000023c0)=ANY=[], 0x7, 0x6ed, &(0x7f0000000900)="$eJzs3U1sHGcZAOB31uv1roHUadOkoEhdNVJBWCR2jAvmQkAIfKhQVQ6cV4nTWNk4le0iJ0LU4efOoQfEqRx8qzigco8EZ6pKqFcfOFRC6qUn34xmdmZ3bY9314lju/R5rJn5Zr7feWdnZn9kTQBfWovTUX0cSSxOv76Rrm9vzbXHtuYm8ux2RNQiohJR7SwiWcnzvno5bqTLr6cb823JYf28t7zw5iefb3/aWavmU1Y+GVSvRO3gps18imZEjOXLg8YPafHD/d3vae/moe2NqreHacCu5MuIPz9Vq/DUdg/Y7OZ98O9sPqj6Uc5b4IxKOvfNA6YiJiOiHhHZe4L86lA52dEdv83THgAAAAAcVePoVZ7biZ3YiHPPYjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/yp//n+ST5Ui3YykeP5/Ld8WefoMGv4gxI8nOsvHz34wAAAAAAAAAPDMvbwTO7ER54r13ST7zf+Vvt/4vxLvxFosxWpcjY1oxXqsx2rMRsRUX0O1jdb6+upsVjPiwoCa1+OjkprXDx/jjWPeZwAAAAAAAAA44+pD8u+OH9z221js/f4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABnQRIx1llk04UiPRWVakTUi3KbER9FRO10R3skSdnGxyc/DgAAAHgq9b2rSX2EOs+9GzuxEeeK9d0k+8x/Mfu8XI93YiXWYznWox1LcSv/DJ1+6q9sb821t7fm7qXTwXZ/9NmRhp61GJ3vHsp7fikr0YjbsZxtuRo3I4ndTCVv5aXtrbl0ea98XI/SMSU/zA0YzVhf+lY6u/Rhlv7j3m8RqkfaxSdUOTRnKssd70ZkJh9bWuN8EYHySAw9OtWBPc1GpfvNz4XBPZXH/NHg3if3lSr95uZU7I/E9ah0j9DFwZGI+ObfP/jlnfbK3Tu316bPzi6VendoiW4kvltcZnqRuDRyJBrHPfBTMJPt+4vd9cX4afwipuOziTdiNZbjV9GK9VhqFvmt/PWczqcGR+rjyf61N4aNJD0nm93rV9mYmrFnTNGMn2SpVrySHdNzsRxJ3I+IpXgt+7ses92rQe8IvzjCWV8Z4Urb58q3skU3TDHgtfHX0Zo8Lmlcz/fFtf+aO5Xl9W/pRen50igV97rR70d9qt/IE2kLvxt4fzhp+yMx2xeJFw57vXRC+pfddL7WXrm7eqf19oj9vZov0/PoD2fqLlGLR/F81POdO5/Nk+ycmsmO/gvdO+zeeNXyX1w6Kvvzfvanbr3OmfrzuB+39pyp34v5mI+FrKWLWenxA3esNO9St6X+vLksL32nVe3+sNP/fut+tDvvhwA42ya/PVlr/Lfxr8b7jd837jRer/944vsTl2sx/s/xH1Rnxl6tXE7+Fu/Hb3qf/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCe39uDh3Va7vbRanqiUZyWDa7Xau8WDxAaU2ZNI8kfljFA4WXvwcHdog4MTE/nwnrD6cSaKx6gNL9x8hsNINvcfr/rwY1E85WmELpIDAU8rP/GYi557W8bPwKHcn2geX4PFC7Yva/RX73++1qncKDteYxFRVmvIhWNsT4vAF9C19XtvX1t78PA7y/daby29tbQyPj+/MLMw/9rctdvL7aWZzryvwok8/BY4Cf1vJ7pqEfHy8Lpu/gAAAAAAAAAAAHA6TuJ/IU57HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAvtsXpqD6OJGZnrs6k69tbc+10KtK9ktWIqERE8uuI5B8RN6IzxVRfc8lh/by3vPDmJ59vf9prq1qUr0RsHlpvNJv5FM2IGMuXx9XezeHt1XrJiZLspBuZNGBXisDBaftfAAAA//+o7+kR")
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
lseek(0xffffffffffffffff, 0x100, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000002380)=""/129, 0x18)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='freezer.self_freezing\x00', 0x275a, 0x0)
getdents64(0xffffffffffffffff, &(0x7f0000000000)=""/40, 0x28)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r6, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x2, 0x4000, 0x2000, &(0x7f000000e000/0x2000)=nil})
r7 = semget$private(0x0, 0x6, 0x0)
semctl$GETZCNT(r7, 0x0, 0xe, 0x0)

10.252292759s ago: executing program 4 (id=333):
r0 = socket$inet6(0xa, 0x80803, 0x84)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='syscall\x00')
pread64(r1, &(0x7f0000000340)=""/254, 0xfe, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@private, @in=@remote, 0x0, 0x80, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev={0xfe, 0x80, '\x00', 0xe}, 0x0, 0x32}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x5}}, 0xe8)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x84}, 0x1c)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_TARGET={0x8, 0x1, 0xd}]}}]}, 0x3c}}, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000300), 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x2d, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, @func, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}]}, &(0x7f0000000240)='GPL\x00', 0xc6, 0x0, 0x0, 0x41000, 0x2, '\x00', r5, 0x0, r1, 0x8, &(0x7f0000000280)={0xa, 0x1}, 0x8, 0x10, &(0x7f00000002c0)={0x5, 0xa, 0x1ff, 0xffffff63}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000440)=[r6], &(0x7f0000000480)=[{0x5, 0x5, 0x10, 0xc}, {0x2, 0x1, 0x8, 0xc}], 0x10, 0x0, @void, @value}, 0x94)
open(&(0x7f0000000140)='./file0\x00', 0x4c0, 0x112)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x460200, 0x0)
r7 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r7, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x4e23}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000080)="080064d02a780996", 0x8}], 0x1, &(0x7f0000000680)}, 0x0)

9.225007056s ago: executing program 4 (id=335):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x80, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000740)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}})
umount2(&(0x7f0000000180)='./file0\x00', 0xb)

9.223967326s ago: executing program 1 (id=336):
unshare(0x20000600)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sync()
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

8.987041236s ago: executing program 4 (id=337):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x22, &(0x7f0000000ac0)=@raw=[@jmp, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x38}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}}, @jmp, @kfunc={0x85, 0x0, 0x2, 0x0, 0x80001}, @ringbuf_query], &(0x7f0000000440)='GPL\x00', 0x401, 0x93, &(0x7f0000000480)=""/147, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0xa, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7, &(0x7f0000000780), &(0x7f0000000980)=[{0x1, 0x1}, {0x1, 0x0, 0xf, 0x1}, {0x5, 0x2, 0x6}, {0x0, 0x2, 0x0, 0x7}, {0x0, 0x1}, {0x0, 0x0, 0x5, 0x5}, {0x0, 0x3, 0x1000000, 0x8}], 0x10, 0x7, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84, 0x144, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r5}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, &(0x7f0000000840)=""/121, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r5}, 0x38)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@ipv4_delrule={0x24, 0x1e, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8}]}, 0x24}}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="48020000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d78430800050000000000f80108808c000080200004000a00000000000000fe800000000000000000000000000000000000001400040002000000e0000001000000000000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff260004000a00000000000000fe880000000000000000000000000001000000000800030000000000060005000000000068010080fc00098070000080060001000200000008000200ac1414bb0500030000000000060001000a00000014000200ff0100000000000000000000000000010500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac141400050003000000000088000080060001000200000008000200e00000020500030000000000060001000a00000014000200fc0100000000000000000000000000000500030000000000060001000a00000014000200fe8000000000000000000000000000000500038000000000060001000a0000001400020000000000000000000000ffffac1414000500030000000000240002002767b524f45e9dfaf001c414581741c92349c3b6661d9864680582bd184ef1a6200004000a00000000000000fe8000000000000000000000000000aa0000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080007000000000008000100", @ANYRES32=r6], 0x248}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r8}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x10000, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x1000000, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)

8.691912761s ago: executing program 3 (id=338):
syz_open_dev$MSR(0x0, 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0xfffe, 0x7, @loopback}}}, 0x88)
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
mmap(&(0x7f0000bfd000/0x400000)=nil, 0x400000, 0x0, 0x12, r0, 0x0)

8.617109977s ago: executing program 0 (id=339):
creat(0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x80, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r2 = accept$alg(r1, 0x0, 0x0)
r3 = dup(r2)
write$FUSE_INIT(r3, &(0x7f0000000080)={0x4f}, 0xfffffdef)

8.323535982s ago: executing program 1 (id=340):
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_submit(0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0x40046208, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00'}, 0x10)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27)
socket$packet(0x11, 0x2, 0x300)
syz_emit_ethernet(0x4a, &(0x7f0000001080)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0={0xfc, 0x0, '\x00', 0x1}, {[], {{0x0, 0x8906, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

7.771774969s ago: executing program 4 (id=341):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020782500000000002020207b1af8ff00000000bfa1000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x15, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800a8099e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xffffffffffffff6f, 0x0, &(0x7f00000000c0)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = dup(r1)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r6, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r8 = fanotify_init(0x200, 0x0)
fanotify_mark(r8, 0x21, 0x4800103e, r7, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1a0e2c5ffd4d08004500003c000000000006b07800000000ffffffff00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a01100009078000000080a0000000000000000fe06e2d4c3d9000000"], 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r9, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
setsockopt$packet_int(r9, 0x107, 0xe, &(0x7f0000000180)=0x7, 0x4)

7.584175125s ago: executing program 2 (id=342):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000701269d5c9a2cd037bdcfc17138070d00328b4c5cdcd2e80fa54602e2525aaf2f10127250d362ab1d138de9ca7bd41ded4118d45dc1e6829f511cdab9e325a74c1b5e9f2a5306771aba140930f6c4a573a53c03774e0a9411071af7b750fa81ddc00a8594fde4eb4e67643d625bded3b61a997d2272a13c73e0e35075792"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
semget$private(0x0, 0x4000000009, 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x0, 0x4}], 0x1)
semop(0x0, &(0x7f0000000500)=[{}], 0x1)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000300)=ANY=[@ANYBLOB="000075b8b62e943fefae1913e055b8852885f3200b41a4a7e940141a3e9a708cfa000f58442c767bb8bac7e75a49ac5762e52f7f3bf6909e28d3468821124bce8d75bf8584dedd275c45e85bfa22d157b6d5ac4e569df05173d6ff9d8ed3bdf95c41f60f6a1b456842fecd0f09b6ab9136de2336b349cfe9cd3089334f040f00000000"], 0x1, 0x5d4, &(0x7f0000000cc0)="$eJzs3cFvHFcdB/DvbhxnHaR04yZtQJWwilQhLJJdWyIpF6AUZKEKVeLA2SJOYmWTVvYWuT2AQRwqTv0TysH/AOJYJB9oj3Dq2ahHJO6+uZrZWXttb107dr3r9vORZt9782be/t5vZicza0Ub4BtrYTYTm6llYfaNtaK9tTHf2dqYf9KvJ7mSpJ40ktSK1f9I8lmynt6Sb/c7BspDPv2o8fCTDz5+v9dqVEu5fe2o/Y5nN5ZmL9ayPKvx5k493v4ZTieZOV18cDZ2+v47tPuUn0sAYJzVkkvD1jeTq9XNevEc0Lsr7t1jX2jrow4AAAAAzsFz29nOWq6NOg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SKrf/69VS71fn0mt//v/k9W6VPULbXPUAQAAAAAAAADAGfjudrazlmv99k6t/Jv/y2XjRvn6rbyT1SxlJbezlsV0081K2kmaAwNNri12uyvtY+w5N3TPufOZLwAAAAAAAAB8Tf05C3t//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHFQSy71inK50a83U59I0kgyWWy3nvynX7/INkcdAAAAAJyD57aznbVc67d3auUz/wvlc38j7+RpullON50s5X75XUDvqb++tTHf2dqYf1Ish8f92f9PFEY5YnrfPQx/51vlFlN5kOVyze38Lm+lk/upl3sWbvXjGR7Xn4qYaj+pHDOy+1VZzPxXVTkemmVGLu9mpFXFVmTj+tGZOOHROfhO7dR3v/m58RXk/GpVFvN5faxzPjdw9r1wdCaS6d/+9e6jztPHjx6szo7PlJ7RwUzMD2TixW9UJlplJm7uthfyy/wms5nJm1nJcn6fxXSzlJm8XtYWq/O5eG0enamf7mu9+WWRTFbHpXcVPVlML5f7Xstyfp23cr88oq3czd3M5Ud5Na19R/jm0Lj/uFN1l5/6+sk+9d/7flW5nOQXVTkeirxeH8jr4DW3WfYNrtnL0vTZXxsnvlNVirPntbG7Nl4/8K9EPxPPH52Jv5Unzmrn6eOVR4tvH/P9XqnKIgM/P5SJnUunntAzK86X6eJgla39Z0fR9/zQvnbZd2O3r36o7+Zu35d9Uiere7jDI82VfS8O7evtd2ugb9j9FgBj7+oPrk5O/W/q31MfTv1l6tHUG43Xrty78tJkLv/r8o8nWpdeqb9U+3s+zB/2nv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnt/rue48XO52lFRUVFZXdyqivTMBX7U73ydt3Vt9974fLTxYfLj1cevpq6969drt9t3XnwXJnqXoddZQAwFnau+kfdSQAAAAAAAAAAAAAAMAXOY//TjzqOQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9vC7OZ2Ewt7dbtVtHe2pjvFEu/vrdlI0mtqPwzyWfJenpLmgPD1b7ofT79qPHwkw8+fn9vrEZ/+9pR+x3PvljqB2I67Xhzpx5vb4YzSaarEkbu8wAAAP//Z8wF+Q==")
r4 = open(&(0x7f0000000040)='./bus\x00', 0x1451c2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4a"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/ipc\x00')
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='setgroups\x00')
read$FUSE(r6, &(0x7f00000042c0)={0x2020}, 0x2020)
semctl$GETVAL(0x0, 0x0, 0xc, 0x0)
ioctl$BLKREPORTZONE(r4, 0xc0101282, &(0x7f0000000680)=ANY=[])
r7 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000340)='dns_resolver\x00', 0x0, &(0x7f0000000580)="fb9c", 0x2, r7)
unlink(&(0x7f0000000280)='./file1\x00')
lremovexattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@known='user.incfs.size\x00')

2.773813204s ago: executing program 0 (id=343):
socket(0x840000000002, 0x80000, 0x2000000)
socket$unix(0x1, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f000023b000/0x18000)=nil, 0x0, 0x0, 0x52, &(0x7f00000001c0)=[@cstype0={0x4, 0x2}, @dstype3], 0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r5 = syz_open_procfs$namespace(0x0, &(0x7f00000047c0)='ns/net\x00')
ioctl$NS_GET_USERNS(r5, 0xb701, 0x0)
fanotify_init(0x200, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f0000000a40)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d63703433372c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dddf2bd6c2c6e6f6465636f6d706f73652c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d85f194712c626172726965722c63726561746f723d65fe04c22c6e6f6465636f6d706f73652c6465636f6d706f73652c666f7263652c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c63726561746f723da9076de42c656172726965722c6e6f626172726965722c6e6f6465636f6d706f73652c6d61736b3d5e4d41595f524541442c7063723d30303030303030303030303030303030303030302c636f6e746578743d756e636f6e66696e65645f752c7375626a5f757365723d626172727565722c61707072616973655f747970653d696d617369672c666f776e65723d", @ANYRESDEC=0x0, @ANYBLOB="2c6f626a5f726f6c653d060a387b2640402c66736d616769633d3078303030303030303030303030303038302c66736d616769633d3078303030303030303030303030303030332c657569643d", @ANYRESDEC=0xee01, @ANYBLOB=',\x00', @ANYRES16, @ANYRESHEX, @ANYRESDEC=r4], 0x1, 0x6da, &(0x7f0000004980)="$eJzs3UtoHOcdAPD/rFarXRUcOfEjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpsimN0se9h5x6Sg+6hR5Keje054ZAyVXHQCGXnHRTmdmZ1Ur7lKzHJv39xMx8M99z/rMzsw/EBPB/a3k2ys8iieXZN7fS9d2dhebEzsJUnt2MiEpElCLKrUUka5Hl3smn+Ha6MS+f9Ovnw9Wltz//aveL1lo5n7LypUH1eqh0b9rOp6hHxES+7DbZp8VPjnZ/qL27fdsbVdLewzRgN4rAxV+eq1V4bvtdttt5H/8nmw+qfpzzFhhTSeu+2WUmYjoiqhGtu35+dSid7+hO3/ZFDwAAAACOq3b8Ki/sxV5sxaWzGA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8U+XP/0/yqVSk65EUz/+v5NsiT4+h4Q9C/GyqtXx29oMBAAAAAAAAgDP36l7sxVZcKtb3k+w3/9c6fuP/VrwXG7ES63EztqIRm7EZ6zEfETMdDVW2Gpub6/NZzYgrA2rejk971Lzdf4x3TnmfAQAAAAAAAGDMVYfkP5zs3vb7WD74/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZBEjHRWmTTlSI9E6VyRFQjopKW2474tEh/TSS9Nj47/3EAAADAc6keXk2qI9R54f3Yi624VKzvJ9ln/mvZ5+VqvBdrsRmrsRnNWIl7+Wfo9FN/aXdnobm7s/Aonbrb/emXxxp61mK0vnvo3fPLWYla3I/VbMvNuBtJ7GdKeSsv7+4spMtHvcf1QTqm5Ce5AaOZ6EjfS2fXP8nSfz78LUL5WLt4QqW+OTNZ7mQ7InP52NIal4sI9I7E0KNTHtjTfJTa3/xcGdxT75h/MLj36SOlen5zcyGORuJ2lNpH6NrgSER89x8f//pBc+3hg/sbs+OzSz29P7TE0UgsdETi+jcoEsPNZZG42l5fjl/Er2I2vpx6K9ZjNX4TjdiMlXqR38hfz+l8ZnCkPpvuXHtr2EjSc7Levn71GlM9Do0p6vHzLNWI17JjeilWI4nHEbESb2R/t2O+fTU4OMJXRzjrSyNcaTvc+F62aIcpav3L/m20Jk9LGtfLHXHtvObOZHmdWw6i9GLPKBX3utHvRx3K38kTaQt/GHh/OG9HIzHfEYmX+r1eWiH9634632iuPVx/0Hh3xP5ez5fpefSnsbpLpEf4xajmO3c5myfZOTWX5b3UvsMejlcl/8WlpdSVd7Vdr3Wm/jIex71DZ+oPYzEWYykrfS0rPdl1x0rzrrdbOnwNT/PSd1rl9g87ne+3Hkez9X4IgPE2/f3pSu2/tX/XPqr9sfag9mb1Z1M/mnqlEpP/mvxxeW7i9dIryd/jo/jdwed/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5DaePH3YaDZX1nsnSr2zksG1Gs394kFiA8ocSiT5o3JGKJxsPHm6P7TBwYmpfHgnrH6aieJpjcML189wGMn20eNVHX4siqc8jdBF0hXwtPKJx1z0fLBlcgwO5dFE/fQaLF6wHVnHf/XWeh2viYjoVXjIhWPiNK4+wEW6tfno3VsbT57+YPVR452Vd1bWJhcXl+aWFt9YuHV/tbky15p3VDiXh98C56Hz7URbJSJeHV53wINaAQAAAAAAAAAAgDN0Hv8LcdH7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHy9Lc9G+VkkMT93cy5d391ZaKZTkT4oWY6IUkQkv41I/hlxJ1pTzHQ0l/Tr58PVpbc//2r3i4O2ykX5UsR233qj2c6nqEfERL48rfbuDm+vcpCc6pGdtCOTBuxGETi4aP8LAAD//7co7JU=")
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f00000004c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa10053, 0x0, 0xfd, 0x0, &(0x7f00000000c0))
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
renameat2(r6, &(0x7f0000000300)='./file0\x00', r6, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)

2.558174193s ago: executing program 1 (id=344):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000020000000000000000000000850000005400000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.508019497s ago: executing program 2 (id=345):
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x400, 0x0)

2.362042639s ago: executing program 1 (id=346):
r0 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, <r1=>0x0, <r2=>0x0}, &(0x7f0000000140)=0xc)
syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000540)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r1, @ANYBLOB=',dmask=00000000000000000000152,fmask=00000000000000000000006,gid=', @ANYRESHEX=r2, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c646973636172642c00fb278330ab3b4884d36adf6908d11f57832035e96a1513231140da182ca77aeedc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x81, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r3, &(0x7f0000000280)='./file0\x00', 0x200)

2.298708845s ago: executing program 4 (id=347):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
r5 = open(0x0, 0x0, 0x0)
getdents(r5, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r4, 0xc1004110, &(0x7f0000000000)={0x0, [0x8, 0xffff133a, 0x1], [{0x35, 0x0, 0x0, 0x1}], 0xc})

2.251791418s ago: executing program 3 (id=348):
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000580)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f00"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000000)={0x18}, 0x18)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000740)={'tunl0\x00', &(0x7f0000000680)={'syztnl2\x00', <r2=>0x0, 0x80, 0x51, 0x3, 0x4c8, {{0x5, 0x4, 0x0, 0x4, 0x14, 0x65, 0x0, 0x3, 0x29, 0x0, @loopback, @loopback}}}})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000040)=ANY=[@ANYBLOB="9ce17774", @ANYRES64=r2, @ANYRES32=0x0, @ANYBLOB="14000200697036746e6c3000000000000000000008000100", @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0x200440c0}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000000)="240000005800410f9c00f4f90085b3a85c91fddf080001000501009f0800028001000000", 0x24)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)

1.204211198s ago: executing program 0 (id=350):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioprio_get$uid(0x3, 0x0)

1.203888788s ago: executing program 1 (id=351):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_open_dev$evdev(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_1\x00', 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000400)="bb", 0x1}], 0x1}}], 0x2, 0x16da)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000140)=""/195)

1.200961838s ago: executing program 2 (id=352):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000140)={0x2, 0x0, @ioapic={0x5000, 0x7e6f2ec2, 0x0, 0xeffffdf9, 0x0, [{0x0, 0x0, 0x10, '\x00', 0xff}, {0x19, 0x0, 0x0, '\x00', 0x36}, {0x0, 0x4, 0x0, '\x00', 0xff}, {0x0, 0x3, 0x7f}, {0xc, 0x0, 0x0, '\x00', 0xfd}, {0x0, 0x0, 0x0, '\x00', 0x3}, {0x4, 0x0, 0x0, '\x00', 0x3}, {0x3a, 0x2}, {0x0, 0x6}, {0x0, 0x1}, {}, {0x0, 0x7, 0x7}, {0x0, 0x0, 0xff}, {0x0, 0x4}, {0x0, 0x2, 0x0, '\x00', 0x3}, {0x4, 0x1}, {0xff, 0x0, 0x0, '\x00', 0xfc}, {0x1, 0x0, 0x3}, {0x0, 0x0, 0x8}, {}, {0x40, 0x1}, {0x0, 0x40}, {0xec}, {0x6, 0x0, 0x20}]}})

694.260511ms ago: executing program 2 (id=353):
openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x100c0e, &(0x7f0000000980)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x81}}, {@jqfmt_vfsv0}, {@barrier_val={'barrier', 0x3d, 0xd01f}}, {@user_xattr}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@resuid}]}, 0x3, 0x43d, &(0x7f0000000140)="$eJzs3MtvG0UYAPBv10lKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jcqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZvYjp0mqRMX/PtJ287sjjPzeXfsmZ1sAuhbo9k/ScSeiPg9Iobr2eYCo/X/bi5dnvl76fJMEtXqW38ltXI3li7PFEWL1+3OM2NpRPpZEofa1Dt/8dLZ6UqlfCHPTyyce39i/uKlZ8+cmz5dPl0+P3XixPFjky88P/VcV+LM2nTj4Edzhw+89s7VN2ZOXn3352+TIv6WOLpkdK2DT1SrXa6ut/Y2pJOBHjaEDSlFRHa6Bmv9fzhKsXLyhuPVT3vaOGBLVavV6u7OhxerwP9YEr1uAdAbxRd9Nv8ttm0aetwRrr9UnwBlcd/Mt/qRgUjzMoMt89tuGo2Ik4v/fJVtsTX3IQAAmnyfjX+eaTf+S+P+hnJ352tDIxFxT0Tsi4h7I2J/RNwXUSv7QEQ8uMH6WxdJVo9/0mubCmydsvHfi/naVvP4rxj9xUgpz+2txT+YnDpTKR/N35OxGNyR5SfXqOOHV377otOxxvFftmX1F2PBvB3XBnY0v2Z2emH6dmJudP2TiIMD7eJPllcCkog4EBEHN1nHmae+Odzp2K3jX0MX1pmqX0c8WT//i9ESfyFZe31y4q6olI9OFFfFar/8euXNTvXfVvxdkJ3/XW2v/+X4R5LG9dr5jddx5Y/PO85pNnv9DyVv19JD+b4PpxcWLkxGDCWv1xvduH9q5bVFviifxT92pH3/3xcr78ShiMgu4oci4uGIeCRv+6MR8VhEHFkj/p9efvy9zce/tbL4Zzd0/lcSQ9G6p32idPbH75oqHdlI/Nn5P15LjeV71vP5t552be5qBgAAgP+eNCL2RJKOL6fTdHy8/vvy+2NXWpmbX3j61NwH52frzwiMxGBa3OkabrgfOplP6/P8jqnmfPlYft/4y9LOWn58Zq4y2+vgoc/t7tD/M3+Wet06YMt5Xgv6l/4P/Uv/h/6l/0P/atP/d/aiHcD2a/f9/3EP2gFsv5b+b9kP+oj5P/Qv/R/6l/4PfWl+Z9z6IXkJiVWJSLv+k4ei/pc+7owA+zzR608mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7vg3AAD//8Bg4v4=")
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xa, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000d80), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
gettid()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
mount$fuse(0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000300)={0x28, 0x4, 0x0, {0x1, 0xf0}}, 0x28)
mkdir(0x0, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000009c0)={'#! ', './file1/file1'}, 0x11)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
pipe(&(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000300)="b57bf1a7", 0x4)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc04dc1f56bb6e284f5fa35c66", 0x10)
r4 = accept4(r3, 0x0, 0x0, 0x0)
splice(r1, 0x0, r4, 0x0, 0x1e8641, 0xc)
preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x9)

174.663965ms ago: executing program 0 (id=354):
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
read(r0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x335, @tick=0x2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt$inet_tcp_buf(r0, 0x6, 0x1a, &(0x7f0000000040), 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1f, 0x7, 0xc, 0xffffffff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r3)
sendmsg$NFNL_MSG_CTHELPER_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000109010200000000000000000a000000080003400000007f08000540000700040c00048008000140fffffffe0800064000000001080005400000000f100002000c00028005000100210000000900010073797a31000000000800064000000001"], 0x64}, 0x1, 0x0, 0x0, 0x24040040}, 0x8000)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r4, 0x5)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
flock(r5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)

103.297872ms ago: executing program 2 (id=355):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000701269d5c9a2cd037bdcfc17138070d00328b4c5cdcd2e80fa54602e2525aaf2f10127250d362ab1d138de9ca7bd41ded4118d45dc1e6829f511cdab9e325a74c1b5e9f2a5306771aba140930f6c4a573a53c03774e0a9411071af7b750fa81ddc00a8594fde4eb4e67643d625bded3b61a997d2272a13c73e0e35075792"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
semget$private(0x0, 0x4000000009, 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x0, 0x4}], 0x1)
semop(0x0, &(0x7f0000000500)=[{}], 0x1)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000300)=ANY=[@ANYBLOB="000075b8b62e943fefae1913e055b8852885f3200b41a4a7e940141a3e9a708cfa000f58442c767bb8bac7e75a49ac5762e52f7f3bf6909e28d3468821124bce8d75bf8584dedd275c45e85bfa22d157b6d5ac4e569df05173d6ff9d8ed3bdf95c41f60f6a1b456842fecd0f09b6ab9136de2336b349cfe9cd3089334f040f00000000"], 0x1, 0x5d4, &(0x7f0000000cc0)="$eJzs3cFvHFcdB/DvbhxnHaR04yZtQJWwilQhLJJdWyIpF6AUZKEKVeLA2SJOYmWTVvYWuT2AQRwqTv0TysH/AOJYJB9oj3Dq2ahHJO6+uZrZWXttb107dr3r9vORZt9782be/t5vZicza0Ub4BtrYTYTm6llYfaNtaK9tTHf2dqYf9KvJ7mSpJ40ktSK1f9I8lmynt6Sb/c7BspDPv2o8fCTDz5+v9dqVEu5fe2o/Y5nN5ZmL9ayPKvx5k493v4ZTieZOV18cDZ2+v47tPuUn0sAYJzVkkvD1jeTq9XNevEc0Lsr7t1jX2jrow4AAAAAzsFz29nOWq6NOg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SKrf/69VS71fn0mt//v/k9W6VPULbXPUAQAAAAAAAADAGfjudrazlmv99k6t/Jv/y2XjRvn6rbyT1SxlJbezlsV0081K2kmaAwNNri12uyvtY+w5N3TPufOZLwAAAAAAAAB8Tf05C3t//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHFQSy71inK50a83U59I0kgyWWy3nvynX7/INkcdAAAAAJyD57aznbVc67d3auUz/wvlc38j7+RpullON50s5X75XUDvqb++tTHf2dqYf1Ish8f92f9PFEY5YnrfPQx/51vlFlN5kOVyze38Lm+lk/upl3sWbvXjGR7Xn4qYaj+pHDOy+1VZzPxXVTkemmVGLu9mpFXFVmTj+tGZOOHROfhO7dR3v/m58RXk/GpVFvN5faxzPjdw9r1wdCaS6d/+9e6jztPHjx6szo7PlJ7RwUzMD2TixW9UJlplJm7uthfyy/wms5nJm1nJcn6fxXSzlJm8XtYWq/O5eG0enamf7mu9+WWRTFbHpXcVPVlML5f7Xstyfp23cr88oq3czd3M5Ud5Na19R/jm0Lj/uFN1l5/6+sk+9d/7flW5nOQXVTkeirxeH8jr4DW3WfYNrtnL0vTZXxsnvlNVirPntbG7Nl4/8K9EPxPPH52Jv5Unzmrn6eOVR4tvH/P9XqnKIgM/P5SJnUunntAzK86X6eJgla39Z0fR9/zQvnbZd2O3r36o7+Zu35d9Uiere7jDI82VfS8O7evtd2ugb9j9FgBj7+oPrk5O/W/q31MfTv1l6tHUG43Xrty78tJkLv/r8o8nWpdeqb9U+3s+zB/2nv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnt/rue48XO52lFRUVFZXdyqivTMBX7U73ydt3Vt9974fLTxYfLj1cevpq6969drt9t3XnwXJnqXoddZQAwFnau+kfdSQAAAAAAAAAAAAAAMAXOY//TjzqOQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9vC7OZ2Ewt7dbtVtHe2pjvFEu/vrdlI0mtqPwzyWfJenpLmgPD1b7ofT79qPHwkw8+fn9vrEZ/+9pR+x3PvljqB2I67Xhzpx5vb4YzSaarEkbu8wAAAP//Z8wF+Q==")
r4 = open(&(0x7f0000000040)='./bus\x00', 0x1451c2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4a"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/ipc\x00')
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='setgroups\x00')
read$FUSE(r6, &(0x7f00000042c0)={0x2020}, 0x2020)
semctl$GETVAL(0x0, 0x0, 0xc, 0x0)
ioctl$BLKREPORTZONE(r4, 0xc0101282, &(0x7f0000000680)=ANY=[])
r7 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000340)='dns_resolver\x00', 0x0, &(0x7f0000000580)="fb9c", 0x2, r7)
unlink(&(0x7f0000000280)='./file1\x00')
lremovexattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@known='user.incfs.size\x00')

0s ago: executing program 1 (id=356):
r0 = syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x2000c12, &(0x7f00000001c0)=ANY=[], 0x1, 0xa1b, &(0x7f0000001500)="$eJzs3UtsXfWdB/Dv8SMxBiUBMgyDgNyESTDgcWxnSCZiwST2TWLGj5HtSESzIAxxRpl4hpa0EqBKBKntqqiVWnXR7lBX7QaJTdlU7Npdu+qiEmLVPeoqVReuzr3Xjh/3+trGjxA+H+v4nsfv/P+/8/zn3lyff/hqWTi4YmphoTbUdC/NbL587fTlX+58wtzLzo9+/uFHH5TD+7ezL515sfh10pOkknQleTzpHhmdnppoU9DN5GqST5Miyf7UXzfkaoof5qG705+m+HlZb0v7Nloy7SzwtbbX5x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyLipHRwcGhYl/GJi+/WqlLKmuMjE5PFVlYWLtkcZ26T2q9fheftK03KcohPT2LXX0/fjjJRE9t/LEklWN5sr7kyVqH5OnJuw8+duilR7s6Ftdvlc2Xsn/jxd56592br8/Pz73VOmThvfo2bE9u95iL1cmxmamxiXMXq5WxmanK2dOnB09eujBTuTA2Xp25MjNbnaiMTFfPzU5NV/pGnqsMnT17qlIduDJ1efLi6MB4dXHmmX8ZHhw8XXll4D+r56ZnpiZPvjIwM3JpbHx8bPJiLaZcXMacKU/E/xibrcxWz01UKtdvzM+dWpVT5+qdXQYNtduSMmi4XdDw4PDw0NDw8ND7jd6zl2acfvHsi2cGB7sGV8maiB06abm3PND6MO/EbRy2pKPe/ud/xzOWyVzOq6k0/RnJaKYzlYkWyxsW2//jJ6vr1ru8/W+08l3LFj9R/jqWpxuTPS3a/xa57N7PrbyTd3Mzr2c+85nLW3ue0e7+XEw1kxnLTKYylomcq82pNOZUcjanczqDeS2XciQzqeRCxjKeamZyJTOZTbV2Ro1kOtWcy2ymMp1K+jKS51LJUM7mbE6lkmoGciVTuZzJXMxoztVKuZ4btf1+ap0cl4KGNhI0vE7Q6sa8PNc31/5X79d/CbJh238Thy1aaLT/+9qH9o3sRkIAAADAtvun3+XA4Ud++1lS5Kna5/IXxsarL+91WgAAAMA2KsrhyfKlu5x8qqf2/n9wr9MCAAAAtlFR+xu7IklvjtTHFv8SyocAAAAAcJ+oPa7n6RRH7s7w/h8AAADuM+2fsd82ouhffPxv5Vr99Vojoj5V9F4YG68OjEyNvzSUE7WnDCR5am1pnUnRXfvzg+dztB51tLf+2nu3xLLOnjJqaOCloTyfY40N6XumfHmmr0nkcD3y2Xrks8sjO7Mi8lQZCQD3u2PrtMcbbf+fT389ov+JWpPf9USTNnhQywoA94qlPnb+2ujSrEn734h4ulX7/6/rvP8vIx7J9SP1rxQM5I28mflcS38a3zg40qzUxd4I6l9D6G/zaUBv4ysLfzjTkf41nwf0LG3r8ti5DKe/6ScCy8otFnM4VY/r3JljAAC77di67fDG2v/+Nu//F9vc733mK4UAcC9Y6sF+EyPvbSZ47q1be72NAMBKWmkAAAAAAAAAAAAAAAAAAAAAAAAAAADYfht6gP/vTyTz83PJFjoL2PJIz2YyXH+kI7uU856PdCbZq9pfzqbXKo/xl6j0Vw80Vv/z3u/5+25kj29MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7Ioi6Ww2vyPZn2Qwycndz2rn3N7rBLZLZd+WVivu5E7ezoFtzwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Guu8fz/jtRfH6zPSldHcjzJ1ST/tdc5bqc7e53Azijah/xfPfDu8/87ku4sFOmqH/YU3SOj01MTZVHF/nL55x9+9EE5tC97ba8KZQFlDSs6l2jUsGxO98q1Hq6t1Ts6d+vmt978RmX0fO3EPD97YXx04uL0v98NfKz4OKmkPixazPc7x3/zo2WzGx0lFB+XW9rc6nov1OodXVvvPzZbu0W9G3Bjfm64rGm2+urst///xtvLFj2So8kzfUnfypr+pxxa1HR09f5cqfii+H5xID/N1drxL/dGsVCUh+hgbfsfuH5jfm7gjTfnry3l9N6KnA7lSJJrSc/GczrS+tysnXUd3WWtg7Wg8tfhNuWta1mJQy3268O1U6Z3U9tQaXN9tdnvjYxONc3ox998NCc2faRPtKmxqeKL4k/Fpfwx313W/0dHefyPp+nV2aSIWuSyM2X5shWXV0c9srblw8sXvLa6zJZXJVuxsH/dxT/If+fflo5/x7L7f+NY7c79aFmNza+LZPPXxS8OrmlR7qrtlsOrWqTG3afVOo08D9ejWuT5D3mhXuYm7igvtGuxd+j6/1nRl7/ktv5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAe1+RdDab35EcT3IoycFyupIsrI65vYX6OnqLraS5bW4nf1tYWLMp95mi5cEp7uRO3s6B3c4IAAAAAAAAgJ1xfvTzDz/6oBxq/x/fmX/uaCypJF1JDhU/6R4ZnZ6aaFNQd3J18b/0ezaXw9Xy10N3pz8tpx5vs9Lefn0AAL7S/h4AAP//925w5w==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r2}, 0xc)

kernel console output (not intermixed with test programs):

 a L4 protocol and not use inversions on it
[   73.341199][ T3737] loop4: detected capacity change from 0 to 1024
[   73.476596][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   73.638576][ T3737] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   73.698839][   T26] audit: type=1800 audit(1729096838.279:2): pid=3733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5" name="bus" dev="loop4" ino=18 res=0 errno=0
[   73.810197][ T1228] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.896536][ T1228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.909335][   T26] audit: type=1800 audit(1729096838.309:3): pid=3733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5" name="bus" dev="loop4" ino=18 res=0 errno=0
[   73.995951][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   74.036729][ T3747] binder: BC_ATTEMPT_ACQUIRE not supported
[   74.042579][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.042631][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.044184][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   74.051961][ T3747] binder: 3743:3747 ioctl c0306201 20000100 returned -22
[   74.085147][ T3747] loop0: detected capacity change from 0 to 256
[   74.092059][ T3747] =======================================================
[   74.092059][ T3747] WARNING: The mand mount option has been deprecated and
[   74.092059][ T3747]          and is ignored by this kernel. Remove the mand
[   74.092059][ T3747]          option from the mount to silence this warning.
[   74.092059][ T3747] =======================================================
[   74.143543][ T3747] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   74.154485][ T3747] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[   74.181818][ T3747] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   74.220645][ T3639] EXT4-fs (loop4): unmounting filesystem.
[   74.280438][ T3683] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   74.398507][ T3752] loop4: detected capacity change from 0 to 16
[   74.428060][ T3752] erofs: (device loop4): mounted with root inode @ nid 36.
[   74.540015][ T3683] usb 4-1: Using ep0 maxpacket: 16
[   74.567994][ T3752] syz.4.7: attempt to access beyond end of device
[   74.567994][ T3752] loop4: rw=0, sector=8, nr_sectors = 32 limit=16
[   74.740038][ T3683] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.758359][ T3683] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.769727][ T3683] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   74.787712][ T3683] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   74.803461][ T3683] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.833628][ T3683] usb 4-1: config 0 descriptor??
[   75.101450][ T3760] loop1: detected capacity change from 0 to 1024
[   75.126047][ T3760] hfsplus: extend alloc file! (8192,65536,366)
[   75.288056][ T3763] loop0: detected capacity change from 0 to 1024
[   75.472807][ T3683] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max
[   75.840588][ T3683] microsoft 0003:045E:07DA.0001: No inputs registered, leaving
[   75.915923][ T3683] microsoft 0003:045E:07DA.0001: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[   75.952534][ T3683] microsoft 0003:045E:07DA.0001: no inputs found
[   75.972943][ T3683] microsoft 0003:045E:07DA.0001: could not initialize ff, continuing anyway
[   75.988670][ T3770] loop2: detected capacity change from 0 to 512
[   76.014513][ T3770] EXT4-fs (loop2): orphan cleanup on readonly fs
[   76.033978][ T3683] usb 4-1: USB disconnect, device number 2
[   76.046444][ T3770] EXT4-fs warning (device loop2): ext4_enable_quotas:7035: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   76.062326][ T3770] EXT4-fs (loop2): Cannot turn on quotas: error -22
[   76.071181][ T3770] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #13: comm syz.2.13: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   76.091073][ T3770] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.13: couldn't read orphan inode 13 (err -117)
[   76.106943][ T3770] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   76.133415][ T3770] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   76.133479][    T9] hfsplus: b-tree write err: -5, ino 4
[   76.148400][ T3770] EXT4-fs warning (device loop2): read_mmp_block:115: Error -117 while reading MMP block 2
[   76.205196][ T3647] EXT4-fs (loop2): unmounting filesystem.
[   76.609250][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   76.617532][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[   76.625839][    T0] NOHZ tick-stop error: local softirq work is pending, handler #30a!!!
[   76.634149][    T0] NOHZ tick-stop error: local softirq work is pending, handler #30a!!!
[   76.642449][    T0] NOHZ tick-stop error: local softirq work is pending, handler #30a!!!
[   76.650742][    T0] NOHZ tick-stop error: local softirq work is pending, handler #30a!!!
[   77.634858][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[   77.643207][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[   77.651512][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[   77.659844][    T0] NOHZ tick-stop error: local softirq work is pending, handler #182!!!
[   78.156990][ T3777] sched: RT throttling activated
[   78.687976][   T26] audit: type=1326 audit(1729096843.269:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3784 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd05777dff9 code=0x7ffc0000
[   78.879294][   T26] audit: type=1326 audit(1729096843.269:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3784 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd05777dff9 code=0x7ffc0000
[   78.960122][   T26] audit: type=1326 audit(1729096843.269:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3784 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fd05777dff9 code=0x7ffc0000
[   79.067357][   T26] audit: type=1326 audit(1729096843.269:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3784 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd05777dff9 code=0x7ffc0000
[   79.118948][   T26] audit: type=1326 audit(1729096843.269:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3784 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fd05777dff9 code=0x7ffc0000
[   79.168690][   T26] audit: type=1326 audit(1729096843.269:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3784 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd05777dff9 code=0x7ffc0000
[   79.261454][   T26] audit: type=1326 audit(1729096843.269:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3784 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fd05777dff9 code=0x7ffc0000
[   79.508688][   T26] audit: type=1326 audit(1729096843.269:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3784 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd05777dff9 code=0x7ffc0000
[   80.272997][ T3798] loop3: detected capacity change from 0 to 128
[   81.275914][ T3810] loop2: detected capacity change from 0 to 2048
[   81.425851][ T3810] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[   81.477032][ T3810] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[   81.492401][  T152] cfg80211: failed to load regulatory.db
[   81.510860][ T3810] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[   81.518608][ T3810] UDF-fs: Scanning with blocksize 512 failed
[   81.616156][ T3810] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   85.968383][ T3654] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   85.979530][ T3654] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   85.988511][ T3654] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   85.998849][ T3654] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   86.019987][ T3654] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   86.028697][ T3654] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   87.281527][ T3838] chnl_net:caif_netlink_parms(): no params data found
[   87.335931][ T3838] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.343259][ T3838] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.351897][ T3838] device bridge_slave_0 entered promiscuous mode
[   87.360509][ T3838] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.367696][ T3838] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.377970][ T3838] device bridge_slave_1 entered promiscuous mode
[   87.408212][ T3838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.420556][ T3838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.477821][ T3838] team0: Port device team_slave_0 added
[   87.587534][ T3766] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.699710][ T3838] team0: Port device team_slave_1 added
[   87.834776][ T3766] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.873702][ T3838] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.889929][ T3838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.976476][ T3838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.011907][ T3838] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.019164][ T3838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.118489][ T3838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.130583][ T3656] Bluetooth: hci5: command tx timeout
[   88.195069][ T3766] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.217491][ T3654] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   88.226422][ T3654] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   88.234453][ T3654] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   88.245110][ T3654] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   88.253520][ T3654] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   88.261847][ T3654] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   88.398524][ T3654] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   88.408761][ T3654] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   88.420336][ T3654] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   88.428887][ T3654] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   88.437077][ T3654] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   88.444491][ T3654] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   88.494889][ T3867] loop2: detected capacity change from 0 to 1024
[   88.506204][ T3766] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.545590][ T3838] device hsr_slave_0 entered promiscuous mode
[   88.570931][ T3838] device hsr_slave_1 entered promiscuous mode
[   88.587491][ T3838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.597424][ T3838] Cannot create hsr debugfs directory
[   88.729788][ T3656] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   88.739628][ T3656] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   88.748190][ T3656] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   88.759787][ T3656] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   88.767801][ T3656] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   89.012772][ T3872] hfsplus: extend alloc file! (8192,512,16777719)
[   89.263552][ T3656] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   89.520014][   T46] hfsplus: b-tree write err: -5, ino 8
[   89.599232][ T3875] loop2: detected capacity change from 0 to 128
[   89.855849][ T3766] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.917198][ T3864] chnl_net:caif_netlink_parms(): no params data found
[   90.043024][ T3766] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.200095][ T3656] Bluetooth: hci5: command tx timeout
[   90.280079][ T3656] Bluetooth: hci1: command tx timeout
[   90.291162][ T3838] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.337305][ T3766] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.507952][ T3838] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.521063][ T3656] Bluetooth: hci2: command tx timeout
[   90.604786][ T3766] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.654458][ T3862] chnl_net:caif_netlink_parms(): no params data found
[   90.750115][ T3838] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.919589][ T3838] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.956527][ T3864] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.970164][ T3864] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.993959][ T3864] device bridge_slave_0 entered promiscuous mode
[   91.034645][ T3864] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.048924][ T3864] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.058677][ T3864] device bridge_slave_1 entered promiscuous mode
[   91.084462][ T3868] chnl_net:caif_netlink_parms(): no params data found
[   91.298669][ T3864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.316634][ T3862] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.327464][ T3862] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.330207][ T3656] Bluetooth: hci4: command tx timeout
[   91.335965][ T3862] device bridge_slave_0 entered promiscuous mode
[   91.361565][ T3864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.392249][ T3862] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.399407][ T3862] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.445890][ T3862] device bridge_slave_1 entered promiscuous mode
[   91.902181][ T3864] team0: Port device team_slave_0 added
[   91.922299][ T3838] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   91.976837][ T3862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.006931][ T3864] team0: Port device team_slave_1 added
[   92.125116][ T3838] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   92.157776][ T3868] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.176062][ T3868] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.217620][ T3868] device bridge_slave_0 entered promiscuous mode
[   92.243860][ T3862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.290152][ T3656] Bluetooth: hci5: command tx timeout
[   92.331734][ T3864] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.338814][ T3864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.365453][ T3656] Bluetooth: hci1: command tx timeout
[   92.374895][ T3864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.463560][ T3838] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   92.513755][ T3868] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.530473][ T3868] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.538998][ T3868] device bridge_slave_1 entered promiscuous mode
[   92.579004][ T3864] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.589470][ T3864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.618183][ T3656] Bluetooth: hci2: command tx timeout
[   92.624571][ T3864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.696294][ T3838] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   92.850800][ T3862] team0: Port device team_slave_0 added
[   92.898558][ T3868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.912073][ T3868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.931619][ T3862] team0: Port device team_slave_1 added
[   93.005943][ T3864] device hsr_slave_0 entered promiscuous mode
[   93.022492][ T3864] device hsr_slave_1 entered promiscuous mode
[   93.030551][ T3864] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.038145][ T3864] Cannot create hsr debugfs directory
[   93.202428][ T3862] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.209509][ T3862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.237739][ T3862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.271010][ T3868] team0: Port device team_slave_0 added
[   93.313665][ T3862] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.341873][ T3862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.386619][ T3862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.400055][ T3656] Bluetooth: hci4: command tx timeout
[   93.434089][ T3868] team0: Port device team_slave_1 added
[   94.277827][ T3868] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.296554][ T3868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.351830][ T3868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.362858][ T3656] Bluetooth: hci5: command tx timeout
[   94.429395][ T3942] loop2: detected capacity change from 0 to 512
[   94.440080][ T3656] Bluetooth: hci1: command tx timeout
[   94.537657][ T3732] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   94.627903][ T3942] loop2: detected capacity change from 0 to 512
[   94.646110][ T3868] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.658989][ T3868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.685718][ T3656] Bluetooth: hci2: command tx timeout
[   94.726158][ T3942] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   94.734885][ T3868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.779756][ T3862] device hsr_slave_0 entered promiscuous mode
[   94.791861][ T3942] EXT4-fs (loop2): invalid journal inode
[   94.797788][ T3942] EXT4-fs (loop2): can't get journal size
[   94.804482][ T3862] device hsr_slave_1 entered promiscuous mode
[   94.823105][ T3862] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.840824][ T3862] Cannot create hsr debugfs directory
[   94.890687][ T3942] EXT4-fs (loop2): 1 truncate cleaned up
[   94.917445][ T3942] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   95.029347][   T26] audit: type=1800 audit(1729096859.609:12): pid=3942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.46" name="bus" dev="loop2" ino=18 res=0 errno=0
[   95.083653][ T3838] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.090683][   T26] audit: type=1804 audit(1729096859.669:13): pid=3942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.46" name="/newroot/17/file0/bus" dev="loop2" ino=18 res=1 errno=0
[   95.254838][ T3868] device hsr_slave_0 entered promiscuous mode
[   95.290670][ T3868] device hsr_slave_1 entered promiscuous mode
[   95.307057][ T3868] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   95.330151][ T3868] Cannot create hsr debugfs directory
[   95.379095][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   95.402557][ T3647] EXT4-fs (loop2): unmounting filesystem.
[   95.409603][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.480309][ T3656] Bluetooth: hci4: command tx timeout
[   95.607569][ T3838] 8021q: adding VLAN 0 to HW filter on device team0
[   95.641790][ T3956] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.649773][ T3956] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.701770][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.712082][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.722538][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.729668][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.748513][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.759967][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.768787][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.775984][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.785018][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   95.961513][ T3864] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.987166][ T3961] loop2: detected capacity change from 0 to 1024
[   95.999180][ T3961] hfsplus: extend alloc file! (8192,65536,366)
[   96.031065][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   96.039252][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   96.414535][ T3965] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns
[   96.550410][ T3656] Bluetooth: hci1: command tx timeout
[   96.626511][ T3766] device hsr_slave_0 left promiscuous mode
[   96.650303][ T3766] device hsr_slave_1 left promiscuous mode
[   96.680354][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   96.687902][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_0
[   96.729763][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   96.737469][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_1
[   96.761037][ T3656] Bluetooth: hci2: command tx timeout
[   96.768451][ T3766] device bridge_slave_1 left promiscuous mode
[   96.800800][ T3766] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.815160][ T3766] device bridge_slave_0 left promiscuous mode
[   96.857449][ T3766] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.912593][ T3766] device hsr_slave_0 left promiscuous mode
[   96.951110][ T3766] device hsr_slave_1 left promiscuous mode
[   96.960325][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   96.967793][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.014148][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.029368][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.050558][ T3766] device bridge_slave_1 left promiscuous mode
[   97.056832][ T3766] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.098408][ T3766] device bridge_slave_0 left promiscuous mode
[   97.130166][ T3766] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.262386][ T3766] device veth1_macvtap left promiscuous mode
[   97.268873][ T3766] device veth0_macvtap left promiscuous mode
[   97.277400][ T3980] loop2: detected capacity change from 0 to 128
[   97.284475][ T3766] device veth1_vlan left promiscuous mode
[   97.299757][ T3766] device veth0_vlan left promiscuous mode
[   97.340960][ T3766] device veth1_macvtap left promiscuous mode
[   97.347868][ T3766] device veth0_macvtap left promiscuous mode
[   97.380113][ T3766] device veth1_vlan left promiscuous mode
[   97.390797][ T3980] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   97.396226][ T3766] device veth0_vlan left promiscuous mode
[   97.401800][ T3980] ext4 filesystem being mounted at /22/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[   97.560264][ T3656] Bluetooth: hci4: command tx timeout
[   97.581318][ T3980] process 'syz.2.51' launched './file0' with NULL argv: empty string added
[   97.780012][ T3647] EXT4-fs (loop2): unmounting filesystem.
[   97.895052][ T3985] loop2: detected capacity change from 0 to 1024
[   98.352874][ T3987] hfsplus: extend alloc file! (8192,512,16777719)
[   98.495955][ T3766] team0 (unregistering): Port device team_slave_1 removed
[   98.539748][ T3766] team0 (unregistering): Port device team_slave_0 removed
[   98.577238][ T3766] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   98.621224][ T3766] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   98.799914][   T56] hfsplus: b-tree write err: -5, ino 8
[   99.120583][ T3766] bond0 (unregistering): Released all slaves
[   99.190062][  T152] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   99.380045][  T152] usb 3-1: device descriptor read/64, error -71
[   99.504458][ T3766] team0 (unregistering): Port device team_slave_1 removed
[   99.543412][ T3766] team0 (unregistering): Port device team_slave_0 removed
[   99.584110][ T3766] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.622568][ T3766] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.654543][  T152] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   99.850041][  T152] usb 3-1: device descriptor read/64, error -71
[   99.970419][  T152] usb usb3-port1: attempt power cycle
[  100.019660][ T3766] bond0 (unregistering): Released all slaves
[  100.106451][ T3864] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.128634][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  100.141645][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  100.157114][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  100.167016][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  100.177702][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  100.188426][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  100.197727][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  100.282343][ T3864] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.304241][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  100.313378][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  100.329176][ T3838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  100.394767][  T152] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  100.457087][ T3864] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.490265][  T152] usb 3-1: device descriptor read/8, error -71
[  100.728482][ T3864] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  100.759577][ T3864] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  100.760043][  T152] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  100.786967][ T3864] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  100.807806][ T3864] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  100.860393][  T152] usb 3-1: device descriptor read/8, error -71
[  100.942241][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  100.960370][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  100.982381][  T152] usb usb3-port1: unable to enumerate USB device
[  101.072917][ T3838] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.402758][ T3864] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.428975][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  101.451924][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  101.472792][ T3864] 8021q: adding VLAN 0 to HW filter on device team0
[  101.538617][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  101.562425][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  101.599144][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.606374][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.664997][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  101.681479][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  101.699140][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  101.709302][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.716493][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.786563][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  101.796070][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  101.824599][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  101.838666][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  101.848316][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  101.857700][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  101.884012][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  101.895438][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  101.904911][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  102.069060][ T3864] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  102.090259][ T3864] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  102.100999][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  102.109653][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  102.223110][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  102.256265][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  102.370063][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  102.378501][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  102.414618][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  102.436738][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  102.551337][ T3838] device veth0_vlan entered promiscuous mode
[  102.595785][ T3838] device veth1_vlan entered promiscuous mode
[  102.687973][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  102.706990][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  102.753476][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  102.794405][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  102.835014][ T3838] device veth0_macvtap entered promiscuous mode
[  102.952383][ T3868] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  103.000473][ T3838] device veth1_macvtap entered promiscuous mode
[  103.019408][ T3868] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  103.090490][ T3868] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  103.122457][ T3838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.145980][ T3838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.187043][ T3838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.212525][ T3838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.240521][ T3838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.288169][ T3838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.312053][ T3838] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.368553][ T3868] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  103.388297][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  103.397011][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  103.416661][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  103.451371][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  103.478105][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  103.517214][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  103.541457][ T3864] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.570569][ T3838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.581575][ T3838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.591527][ T3838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.602712][ T3838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.630004][ T3838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.641559][ T3838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.660325][ T3838] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.731981][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  103.741151][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  103.756069][ T3862] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  103.794179][ T3862] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  103.924682][ T3862] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  103.945174][ T4042] loop2: detected capacity change from 0 to 512
[  103.985164][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  104.006322][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  104.017570][ T3838] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.029616][ T3838] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.031209][ T4042] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  104.049163][ T3838] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.060190][ T4042] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038 (0x7fffffff)
[  104.072949][ T4042] EXT4-fs (loop2): unmounting filesystem.
[  104.099873][ T3838] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.124267][ T3862] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  104.352167][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  104.365455][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  104.388408][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  104.397112][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  104.421290][ T3864] device veth0_vlan entered promiscuous mode
[  104.439730][ T3766] device hsr_slave_0 left promiscuous mode
[  104.453806][ T3766] device hsr_slave_1 left promiscuous mode
[  104.465041][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.472995][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.496960][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.507318][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.515337][ T3766] device bridge_slave_1 left promiscuous mode
[  104.530198][ T3766] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.539310][ T3766] device bridge_slave_0 left promiscuous mode
[  104.560520][ T3766] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.599742][ T3766] device veth1_macvtap left promiscuous mode
[  104.613869][ T3766] device veth0_macvtap left promiscuous mode
[  104.620608][ T3766] device veth1_vlan left promiscuous mode
[  104.626427][ T3766] device veth0_vlan left promiscuous mode
[  105.060056][ T3685] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  105.151495][ T3766] team0 (unregistering): Port device team_slave_1 removed
[  105.188949][ T3766] team0 (unregistering): Port device team_slave_0 removed
[  105.223702][ T3766] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  105.263563][ T3766] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  105.310023][ T3685] usb 3-1: Using ep0 maxpacket: 32
[  105.433710][ T3685] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.600181][ T3685] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  105.609697][ T3685] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.618379][ T3685] usb 3-1: Product: syz
[  105.622744][ T3685] usb 3-1: Manufacturer: syz
[  105.627648][ T3685] usb 3-1: SerialNumber: syz
[  105.674626][ T3766] bond0 (unregistering): Released all slaves
[  105.772712][ T3864] device veth1_vlan entered promiscuous mode
[  105.832684][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.860535][ T3868] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.887141][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.931399][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  105.946836][ T3864] device veth0_macvtap entered promiscuous mode
[  105.958666][ T1228] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.972063][ T1228] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.985240][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  105.994738][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  106.022438][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  106.031961][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  106.044311][ T3864] device veth1_macvtap entered promiscuous mode
[  106.100971][ T3862] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.133094][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  106.150781][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  106.161613][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  106.181645][ T3868] 8021q: adding VLAN 0 to HW filter on device team0
[  106.204704][ T3864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.217074][ T3864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.228678][ T3864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.239477][ T3864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.250432][ T3864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.261773][ T3864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.273871][ T3864] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.309474][ T3864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.339959][ T3864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.359857][ T3864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.377467][ T3864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.388150][ T3864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.402943][ T3864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.416452][ T3864] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.432619][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  106.446216][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  106.455583][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  106.465055][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  106.482841][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  106.510923][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  106.528996][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  106.538963][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  106.548113][ T1228] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.555321][ T1228] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.577418][ T3864] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.590882][ T3864] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.599738][ T3864] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.609491][ T3864] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.625906][ T3862] 8021q: adding VLAN 0 to HW filter on device team0
[  106.653881][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  106.666129][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  106.677586][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  106.687621][ T1228] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.694790][ T1228] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.704736][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  106.729587][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  106.739254][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  106.757568][ T3934] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.764809][ T3934] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.781908][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  106.791273][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  106.810654][ T3934] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.817855][ T3934] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.826344][ T3934] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  106.864238][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  106.892576][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  106.918410][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  106.943923][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  106.977920][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  106.993489][ T3685] cdc_ncm 3-1:1.0: failed to get mac address
[  107.035614][ T3685] cdc_ncm 3-1:1.0: bind() failure
[  107.042596][ T4062] kvm: emulating exchange as write
[  107.049437][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  107.072862][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  107.086727][ T3685] cdc_ncm: probe of 3-1:1.1 failed with error -71
[  107.090395][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  107.110621][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  107.120103][ T3685] cdc_mbim: probe of 3-1:1.1 failed with error -71
[  107.128851][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  107.138393][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  107.150019][ T3685] usbtest: probe of 3-1:1.1 failed with error -71
[  107.156426][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  107.168248][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  107.178865][ T3685] usb 3-1: USB disconnect, device number 6
[  107.186048][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  107.218161][ T3868] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  107.266610][ T3868] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  107.297951][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  107.315309][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  107.333945][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  107.346758][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  107.356158][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  107.365027][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  107.374639][ T1228] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  107.399724][ T3862] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  107.441054][ T3766] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.464051][ T3766] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.525105][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  107.548424][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.584195][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.646795][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  108.022226][ T4080] loop2: detected capacity change from 0 to 16
[  108.037834][ T4080] erofs: (device loop2): mounted with root inode @ nid 36.
[  108.057757][ T4080] syz.2.59: attempt to access beyond end of device
[  108.057757][ T4080] loop2: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[  108.080123][ T4080] netlink: 8 bytes leftover after parsing attributes in process `syz.2.59'.
[  108.929003][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  108.950193][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  109.154950][ T3862] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.628872][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  109.664259][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  109.770044][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  109.778553][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  109.844876][ T3862] device veth0_vlan entered promiscuous mode
[  109.877490][ T3868] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.900257][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  109.910931][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  109.943116][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  109.951352][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  110.064926][ T3862] device veth1_vlan entered promiscuous mode
[  110.117436][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  110.151312][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  110.214310][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  111.389897][ T4118] loop2: detected capacity change from 0 to 512
[  111.753513][ T4118] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  111.781513][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  111.793631][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  111.803931][ T4118] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2186: inode #15: comm syz.2.66: corrupted in-inode xattr
[  111.817266][ T4118] EXT4-fs (loop2): Remounting filesystem read-only
[  111.823927][ T4118] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.66: couldn't read orphan inode 15 (err -117)
[  111.836242][ T4118] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  111.881130][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  111.934407][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  112.015162][ T3868] device veth0_vlan entered promiscuous mode
[  112.038063][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  112.066776][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  112.082912][ T3862] device veth0_macvtap entered promiscuous mode
[  112.126390][ T3868] device veth1_vlan entered promiscuous mode
[  112.149895][ T3688] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  112.204198][ T3862] device veth1_macvtap entered promiscuous mode
[  112.278409][ T3862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.296352][ T3862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.325697][ T3862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.366101][ T3862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.377195][ T3862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.398052][ T3862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.409783][ T3862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.448716][ T3862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.463459][ T3862] batman_adv: batadv0: Interface activated: batadv_slave_0
[  112.475871][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  112.492657][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  112.503761][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  112.519719][ T3862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.540777][ T3862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.552886][ T3688] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10
[  112.579596][ T3688] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25711, setting to 1024
[  112.599962][ T3862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.612560][ T3862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.633687][ T3862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.657016][ T3862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.682494][ T3862] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.718622][ T3862] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.795814][ T3688] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[  112.805247][ T3688] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.841869][ T3688] usb 3-1: Product: syz
[  112.847560][ T3688] usb 3-1: Manufacturer: syz
[  112.855241][ T3862] batman_adv: batadv0: Interface activated: batadv_slave_1
[  112.875236][ T3688] usb 3-1: SerialNumber: syz
[  112.981376][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  112.997926][ T3688] usb 3-1: config 0 descriptor??
[  113.005181][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  113.050162][ T4117] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  113.087841][ T3862] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.106008][ T3688] usb 3-1: Found UVC 0.00 device syz (18ec:3288)
[  113.115033][ T3688] usb 3-1: No valid video chain found.
[  113.122777][ T3862] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.196899][ T3862] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.455150][ T3688] usb 3-1: USB disconnect, device number 7
[  113.503529][ T3862] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.671595][ T3647] EXT4-fs (loop2): unmounting filesystem.
[  113.679392][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  113.741226][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  113.756852][ T3868] device veth0_macvtap entered promiscuous mode
[  113.878481][ T3868] device veth1_macvtap entered promiscuous mode
[  114.011774][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  114.058267][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  114.114977][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.149946][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.205963][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.217114][ T3688] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  114.237495][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.280901][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.299860][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.319875][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  114.339863][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  114.379865][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  115.210658][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.230149][ T3688] usb 3-1: Using ep0 maxpacket: 32
[  115.272599][ T3868] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.318818][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  115.334321][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  115.362274][ T3705] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.372810][ T3688] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  115.376054][ T3705] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.404275][ T3688] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  115.435777][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.446900][ T3688] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  115.466908][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.477228][ T3688] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.493999][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.503296][ T3688] usb 3-1: config 0 descriptor??
[  115.524351][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.540232][ T4138] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  115.565476][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.576278][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.591253][ T3688] hub 3-1:0.0: USB hub found
[  115.593111][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.621903][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.639460][ T3868] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  115.656895][ T3868] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  115.688873][ T3868] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.699496][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  115.751138][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  115.760957][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  115.808685][ T3868] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.821589][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.829672][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.840144][ T3688] hub 3-1:0.0: 2 ports detected
[  115.858634][ T3868] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.867911][ T3868] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.880792][ T4159] loop0: detected capacity change from 0 to 16
[  115.882016][ T3868] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.887727][ T4159] erofs: Unknown parameter ''
[  115.936544][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  115.980342][ T3732] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  116.629431][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.657089][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.954067][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  117.145731][ T3844] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  117.744382][ T3844] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.280253][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  119.329059][ T3688] usb 3-1: USB disconnect, device number 8
[  120.240264][ T4206] device syzkaller0 entered promiscuous mode
[  120.430098][  T945] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  120.759961][  T945] usb 5-1: Using ep0 maxpacket: 32
[  120.880156][  T945] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  120.900105][  T945] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  120.941451][  T945] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  120.975559][  T945] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.040687][  T945] usb 5-1: config 0 descriptor??
[  121.136068][  T945] hub 5-1:0.0: USB hub found
[  121.430189][  T945] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  121.884187][ T4242] loop2: detected capacity change from 0 to 128
[  121.930246][  T945] usbhid 5-1:0.0: can't add hid device: -71
[  121.936232][  T945] usbhid: probe of 5-1:0.0 failed with error -71
[  122.024506][  T945] usb 5-1: USB disconnect, device number 2
[  124.289076][ T4261] loop0: detected capacity change from 0 to 1024
[  124.301015][ T4261] hfsplus: extend alloc file! (8192,65536,366)
[  124.370015][   T14] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  124.606928][ T4265] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns
[  124.900712][   T14] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  124.919907][   T14] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  124.999952][   T14] usb 5-1: config 1 has no interface number 0
[  125.043218][   T14] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.076996][   T14] usb 5-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  125.215465][ T4273] loop3: detected capacity change from 0 to 256
[  125.284942][ T4273] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  125.370564][   T14] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  125.386939][   T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.415709][   T14] usb 5-1: Product: syz
[  125.422393][   T14] usb 5-1: Manufacturer: syz
[  125.429268][   T14] usb 5-1: SerialNumber: syz
[  125.536950][   T14] usb 5-1: selecting invalid altsetting 1
[  125.847003][ T4283] loop2: detected capacity change from 0 to 1024
[  125.862404][ T4283] EXT4-fs (loop2): Can't support bigalloc feature without extents feature
[  125.862404][ T4283] 
[  125.890178][ T4283] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  126.772342][   T14] cdc_ncm 5-1:1.1: failed GET_NTB_PARAMETERS
[  126.778374][   T14] cdc_ncm 5-1:1.1: bind() failure
[  126.856939][   T14] usb 5-1: USB disconnect, device number 3
[  127.111233][ T4293] loop3: detected capacity change from 0 to 1024
[  127.190850][ T4293] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[  127.199629][ T4293] System zones: 0-1, 3-12
[  127.231364][ T4293] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  127.486842][ T3868] EXT4-fs (loop3): unmounting filesystem.
[  128.184684][ T4304] loop2: detected capacity change from 0 to 512
[  128.306086][ T4304] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz.2.104: bad orphan inode 15
[  128.460659][ T4304] ext4_test_bit(bit=14, block=5) = 0
[  128.466067][ T4304] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  128.572038][ T4317] xt_CONNSECMARK: invalid mode: 0
[  128.676134][ T3647] EXT4-fs (loop2): unmounting filesystem.
[  129.132867][ T4323] loop2: detected capacity change from 0 to 2048
[  129.197788][ T4323] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  129.226121][ T4323] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  129.854018][ T4330] loop2: detected capacity change from 0 to 16
[  129.911671][ T4330] erofs: (device loop2): mounted with root inode @ nid 36.
[  130.643589][ T3654] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  130.659993][ T3654] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  130.668237][ T3654] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  130.687168][ T3654] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  130.706656][ T3654] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  130.725812][ T3654] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  132.923456][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  132.925249][ T3654] Bluetooth: hci6: command tx timeout
[  132.936763][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  133.731975][ T4348] Bluetooth: MGMT ver 1.22
[  134.151953][ T4358] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns
[  134.738760][ T4364] loop3: detected capacity change from 0 to 2048
[  134.766587][ T4364] EXT4-fs (loop3): unable to read superblock
[  135.000299][ T3654] Bluetooth: hci6: command tx timeout
[  135.121449][ T4334] chnl_net:caif_netlink_parms(): no params data found
[  136.060106][ T3862] syz-executor (3862) used greatest stack depth: 19320 bytes left
[  136.069321][ T4385] xt_CONNSECMARK: invalid mode: 0
[  136.104698][ T4387] loop0: detected capacity change from 0 to 1024
[  136.114462][ T4387] EXT4-fs: Ignoring removed orlov option
[  136.155310][ T4387] EXT4-fs: Ignoring removed nomblk_io_submit option
[  136.199561][ T4387] EXT4-fs (loop0): inodes count not valid: 32 vs 23
[  136.234217][ T4211] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.254309][ T3732] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  136.321976][ T4391] loop2: detected capacity change from 0 to 1024
[  136.790957][   T26] audit: type=1326 audit(1729096901.379:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80fc17dff9 code=0x7ffc0000
[  137.080994][ T3654] Bluetooth: hci6: command tx timeout
[  137.478066][   T26] audit: type=1326 audit(1729096901.379:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80fc17dff9 code=0x7ffc0000
[  137.507641][   T26] audit: type=1326 audit(1729096901.499:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f80fc17c897 code=0x7ffc0000
[  137.569597][ T4392] netlink: 'syz.4.127': attribute type 1 has an invalid length.
[  137.636483][   T26] audit: type=1326 audit(1729096901.499:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80fc17dff9 code=0x7ffc0000
[  137.787817][ T4211] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.274834][   T26] audit: type=1326 audit(1729096901.499:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80fc17dff9 code=0x7ffc0000
[  138.544750][ T4407] hfsplus: extend alloc file! (8192,512,16777719)
[  138.551310][   T26] audit: type=1326 audit(1729096901.499:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f80fc17dff9 code=0x7ffc0000
[  138.551351][   T26] audit: type=1326 audit(1729096901.499:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80fc17dff9 code=0x7ffc0000
[  138.551386][   T26] audit: type=1326 audit(1729096901.499:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80fc17dff9 code=0x7ffc0000
[  138.642573][ T4211] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.738446][ T4334] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.791141][ T4334] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.793036][ T4419] loop0: detected capacity change from 0 to 1024
[  138.810095][ T4334] device bridge_slave_0 entered promiscuous mode
[  138.841115][   T26] audit: type=1326 audit(1729096901.499:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f80fc17dff9 code=0x7ffc0000
[  138.872489][ T4211] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.970853][ T4334] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.978704][ T4334] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.119764][ T4334] device bridge_slave_1 entered promiscuous mode
[  139.183434][ T3654] Bluetooth: hci6: command tx timeout
[  139.195829][ T4334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  139.241792][   T26] audit: type=1326 audit(1729096901.499:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80fc17dff9 code=0x7ffc0000
[  139.393427][ T4425] hfsplus: extend alloc file! (8192,512,16777719)
[  139.700248][ T4344] hfsplus: b-tree write err: -5, ino 8
[  139.712195][ T4334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  139.933684][ T4334] team0: Port device team_slave_0 added
[  140.052041][ T4436] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns
[  140.520940][ T4334] team0: Port device team_slave_1 added
[  140.732690][ T4334] batman_adv: batadv0: Adding interface: batadv_slave_0
[  140.739703][ T4334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.918169][ T4334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.713665][ T4334] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.730838][ T4334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.269869][ T4334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  143.576888][ T4334] device hsr_slave_0 entered promiscuous mode
[  143.640554][ T4334] device hsr_slave_1 entered promiscuous mode
[  143.687761][ T4334] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  143.731061][ T4334] Cannot create hsr debugfs directory
[  143.836643][ T4472] loop3: detected capacity change from 0 to 512
[  144.060477][ T3732] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  144.134132][ T4472] loop3: detected capacity change from 0 to 512
[  144.162085][ T4478] Zero length message leads to an empty skb
[  144.174725][ T4478] No such timeout policy "syz1"
[  144.436982][ T4472] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  144.660389][ T3696] hfsplus: b-tree write err: -5, ino 8
[  144.742622][ T4472] EXT4-fs (loop3): invalid journal inode
[  144.756034][ T4476] loop0: detected capacity change from 0 to 1024
[  144.818481][ T4472] EXT4-fs (loop3): can't get journal size
[  144.896013][ T4472] EXT4-fs (loop3): 1 truncate cleaned up
[  144.902720][ T4472] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  145.168399][   T26] kauditd_printk_skb: 29 callbacks suppressed
[  145.168429][   T26] audit: type=1800 audit(1729096909.539:53): pid=4472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.140" name="bus" dev="loop3" ino=18 res=0 errno=0
[  145.272653][ T3868] EXT4-fs (loop3): unmounting filesystem.
[  145.332887][ T4493] hfsplus: extend alloc file! (8192,512,16777719)
[  145.488065][   T26] audit: type=1804 audit(1729096909.549:54): pid=4472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.140" name="/newroot/18/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  145.719183][ T4344] hfsplus: b-tree write err: -5, ino 8
[  147.636015][ T4516] xt_CONNSECMARK: invalid mode: 0
[  148.647002][ T4211] device hsr_slave_0 left promiscuous mode
[  148.674167][ T4211] device hsr_slave_1 left promiscuous mode
[  148.700995][ T4211] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.744773][ T4211] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.808983][ T4211] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.996075][ T4211] batman_adv: batadv0: Removing interface: batadv_slave_1
[  149.043199][ T4211] device bridge_slave_1 left promiscuous mode
[  149.062737][ T4211] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.097567][ T4211] device bridge_slave_0 left promiscuous mode
[  149.401614][ T4211] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.504738][ T4211] device veth1_macvtap left promiscuous mode
[  149.537766][ T4211] device veth0_macvtap left promiscuous mode
[  149.576464][ T4211] device veth1_vlan left promiscuous mode
[  149.602368][ T4211] device veth0_vlan left promiscuous mode
[  150.906332][ T4544] loop2: detected capacity change from 0 to 512
[  150.958631][ T3732] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  150.987738][ T4544] loop2: detected capacity change from 0 to 512
[  150.995733][ T3732] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  151.028677][ T4544] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  151.071087][ T4544] EXT4-fs (loop2): invalid journal inode
[  151.082441][ T4544] EXT4-fs (loop2): can't get journal size
[  151.138186][ T4544] EXT4-fs (loop2): 1 truncate cleaned up
[  151.158147][ T4544] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  151.189414][   T26] audit: type=1800 audit(1729096915.769:55): pid=4544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.154" name="bus" dev="loop2" ino=18 res=0 errno=0
[  151.250765][   T26] audit: type=1804 audit(1729096915.819:56): pid=4544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.154" name="/newroot/46/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  151.322811][ T4551] loop3: detected capacity change from 0 to 16
[  151.337508][ T4551] erofs: (device loop3): mounted with root inode @ nid 36.
[  151.761380][ T3647] EXT4-fs (loop2): unmounting filesystem.
[  151.933180][ T4211] team0 (unregistering): Port device team_slave_1 removed
[  152.113047][ T4211] team0 (unregistering): Port device team_slave_0 removed
[  152.294062][ T4211] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.405073][ T4211] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  154.615013][ T4573] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  155.472137][ T4581] loop3: detected capacity change from 0 to 1024
[  155.494378][ T4581] hfsplus: extend alloc file! (8192,65536,366)
[  155.561163][ T4584] loop2: detected capacity change from 0 to 1024
[  155.658170][ T4585] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns
[  156.270507][ T4586] hfsplus: extend alloc file! (8192,512,16777719)
[  156.575784][ T4479] hfsplus: b-tree write err: -5, ino 8
[  156.761797][ T4211] bond0 (unregistering): Released all slaves
[  156.844647][ T4594] loop2: detected capacity change from 0 to 1024
[  157.437703][ T4334] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  157.567961][ T4334] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  157.619920][ T4334] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  157.672939][ T4334] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  157.946850][ T4610] loop0: detected capacity change from 0 to 256
[  158.033117][ T3732] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  158.307942][ T4613] hfsplus: extend alloc file! (8192,512,16777719)
[  158.490172][ T3685] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  158.504495][ T4334] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.589331][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  158.604425][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  158.621428][ T4334] 8021q: adding VLAN 0 to HW filter on device team0
[  158.645855][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  158.664593][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  158.686092][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.693273][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.748130][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  158.761286][ T3685] usb 1-1: Using ep0 maxpacket: 16
[  158.777514][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  158.799719][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  158.822253][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.829489][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.856940][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  158.896534][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  158.910179][ T3685] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.931627][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  158.952721][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  158.969967][ T3685] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.006675][ T3685] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  159.033953][ T4334] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  159.077426][ T3766] hfsplus: b-tree write err: -5, ino 8
[  159.079859][ T3685] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  159.097285][ T4334] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  159.107955][ T3685] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.157008][ T3685] usb 1-1: config 0 descriptor??
[  159.164566][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  159.181005][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  159.221585][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  159.259207][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  159.277587][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  159.297781][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  159.317490][ T4616] loop2: detected capacity change from 0 to 2048
[  159.318942][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  159.361633][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  159.444735][ T4616] loop2: detected capacity change from 0 to 512
[  159.752833][ T3685] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0002/input/input6
[  159.831454][ T3685] microsoft 0003:045E:07DA.0002: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  159.861164][ T4616] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #15: comm syz.2.173: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964)
[  159.930518][ T4616] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.173: couldn't read orphan inode 15 (err -117)
[  159.943517][ T4616] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  160.019698][ T3647] EXT4-fs (loop2): unmounting filesystem.
[  160.027367][ T3685] usb 1-1: USB disconnect, device number 2
[  160.206783][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  160.219155][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  160.235580][ T4334] 8021q: adding VLAN 0 to HW filter on device batadv0
[  160.298632][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  160.328422][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  160.424654][ T4268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  160.434094][ T4268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  160.445926][ T4334] device veth0_vlan entered promiscuous mode
[  160.460326][ T4268] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  160.513884][ T4268] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  160.542150][ T4334] device veth1_vlan entered promiscuous mode
[  160.598955][ T4268] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  160.601068][ T4268] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  160.601701][ T4268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  160.602403][ T4268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  160.611720][ T4635] loop2: detected capacity change from 0 to 1024
[  160.620815][ T4334] device veth0_macvtap entered promiscuous mode
[  160.624336][ T4334] device veth1_macvtap entered promiscuous mode
[  160.675825][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.675845][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.675853][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.675863][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.675873][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.675882][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.675891][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.675900][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.675908][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.675918][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.700576][ T4334] batman_adv: batadv0: Interface activated: batadv_slave_0
[  160.700728][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  160.701370][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  160.701863][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  160.702339][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  160.721603][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.920117][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.930451][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.941386][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.951392][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.970468][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.982015][ T4639] hfsplus: extend alloc file! (8192,512,16777719)
[  160.988914][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.019573][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.061742][ T4334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.110126][ T4334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.123303][ T4334] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.244972][ T4334] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.272982][ T4334] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.385166][ T4646] loop0: detected capacity change from 0 to 1024
[  161.555170][ T4646] hfsplus: xattr searching failed
[  162.118597][ T4334] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  162.230109][ T4334] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.260878][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  162.282097][ T3705] hfsplus: b-tree write err: -5, ino 8
[  162.290854][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  163.012127][ T4479] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  163.040768][ T4479] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  163.089290][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  163.110008][ T4655] loop2: detected capacity change from 0 to 512
[  163.164846][ T3696] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  163.189246][ T3696] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  163.197701][ T3732] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  163.216121][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  163.242200][ T4655] loop2: detected capacity change from 0 to 512
[  163.242291][ T3732] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  163.304013][ T4655] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  163.350571][ T4655] EXT4-fs (loop2): invalid journal inode
[  163.356340][ T4655] EXT4-fs (loop2): can't get journal size
[  163.424206][ T4659] loop3: detected capacity change from 0 to 512
[  163.520989][ T4655] EXT4-fs (loop2): 1 truncate cleaned up
[  163.526783][ T4655] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  163.639563][   T26] audit: type=1800 audit(1729096928.219:57): pid=4655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.185" name="bus" dev="loop2" ino=18 res=0 errno=0
[  163.735217][   T26] audit: type=1804 audit(1729096928.269:58): pid=4655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.185" name="/newroot/56/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  163.739071][ T4659] EXT4-fs error (device loop3): ext4_orphan_get:1422: comm syz.3.186: bad orphan inode 15
[  163.808264][ T4659] ext4_test_bit(bit=14, block=5) = 0
[  163.814724][ T3647] EXT4-fs (loop2): unmounting filesystem.
[  163.882551][ T4659] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  165.273014][ T4659] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7987 vs 220 free clusters
[  165.384418][ T4659] EXT4-fs error (device loop3): ext4_free_inode:355: comm syz.3.186: bit already cleared for inode 13
[  165.656249][ T4684] xt_CONNSECMARK: invalid mode: 0
[  166.181714][ T4479] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.271843][ T3868] EXT4-fs (loop3): unmounting filesystem.
[  166.424552][ T4479] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.515738][ T4479] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.670917][ T4692] loop1: detected capacity change from 0 to 512
[  166.699675][ T4479] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.770628][ T3741] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  166.816902][ T4692] loop1: detected capacity change from 0 to 512
[  166.824075][ T3741] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  166.863952][ T3741] Buffer I/O error on dev loop1, logical block 0, async page read
[  166.904440][ T4692] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  166.925653][ T4692] EXT4-fs (loop1): invalid journal inode
[  166.955071][ T4692] EXT4-fs (loop1): can't get journal size
[  166.965480][ T4692] EXT4-fs (loop1): 1 truncate cleaned up
[  166.971655][ T4692] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  166.984009][   T26] audit: type=1800 audit(1729096931.569:59): pid=4692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.199" name="bus" dev="loop1" ino=18 res=0 errno=0
[  167.484502][   T26] audit: type=1804 audit(1729096931.949:60): pid=4702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.199" name="/newroot/2/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  167.669923][ T4334] EXT4-fs (loop1): unmounting filesystem.
[  168.158235][ T3656] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  168.169169][ T3656] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  168.183724][ T3656] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  168.191904][ T3656] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  168.213310][ T3655] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  168.224432][ T3656] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  168.381174][ T3687] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  168.620032][ T3687] usb 2-1: Using ep0 maxpacket: 32
[  168.740227][ T3687] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.926080][ T3687] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.947910][ T3687] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  169.043757][ T3687] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.059717][ T3687] usb 2-1: config 0 descriptor??
[  169.121645][ T3687] hub 2-1:0.0: USB hub found
[  169.451036][ T3687] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[  170.280309][ T3656] Bluetooth: hci1: command tx timeout
[  171.280015][ T3687] usbhid 2-1:0.0: can't add hid device: -71
[  171.286013][ T3687] usbhid: probe of 2-1:0.0 failed with error -71
[  171.333830][ T4757] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  171.489910][ T3687] usb 2-1: USB disconnect, device number 2
[  171.507617][ T4759] loop0: detected capacity change from 0 to 512
[  171.595250][ T4759] loop0: detected capacity change from 0 to 512
[  171.680511][ T4723] chnl_net:caif_netlink_parms(): no params data found
[  171.800873][ T4759] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  171.812038][ T4759] EXT4-fs (loop0): invalid journal inode
[  171.817802][ T4759] EXT4-fs (loop0): can't get journal size
[  171.880034][ T4759] EXT4-fs (loop0): 1 truncate cleaned up
[  171.887927][ T4759] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  171.961461][   T26] audit: type=1800 audit(1729096936.549:61): pid=4759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.212" name="bus" dev="loop0" ino=18 res=0 errno=0
[  172.087278][   T26] audit: type=1804 audit(1729096936.579:62): pid=4759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.212" name="/newroot/37/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  172.158041][ T4773] loop3: detected capacity change from 0 to 2048
[  172.232052][ T4776] loop1: detected capacity change from 0 to 128
[  172.328977][ T4773] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  172.362304][ T3656] Bluetooth: hci1: command tx timeout
[  172.518440][ T4776] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  172.528812][ T4776] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff)
[  172.896022][ T4334] EXT4-fs (loop1): unmounting filesystem.
[  172.913489][ T3864] EXT4-fs (loop0): unmounting filesystem.
[  173.181734][ T4791] loop1: detected capacity change from 0 to 128
[  174.640275][ T4789] loop0: detected capacity change from 0 to 1024
[  174.689618][ T3654] Bluetooth: hci1: command tx timeout
[  174.850848][ T4791] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  174.859685][ T4791] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  174.999122][ T4334] EXT4-fs (loop1): unmounting filesystem.
[  175.198241][ T4723] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.263051][ T4723] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.296785][ T4723] device bridge_slave_0 entered promiscuous mode
[  176.254777][ T3687] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  176.509938][ T3687] usb 4-1: Using ep0 maxpacket: 32
[  176.558386][ T4479] device hsr_slave_0 left promiscuous mode
[  176.565104][ T4479] device hsr_slave_1 left promiscuous mode
[  176.582380][ T4479] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  176.590257][ T4479] batman_adv: batadv0: Removing interface: batadv_slave_0
[  176.628474][ T4479] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  176.630252][ T3687] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.673360][ T4479] batman_adv: batadv0: Removing interface: batadv_slave_1
[  176.679275][ T3687] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.708609][ T4479] device bridge_slave_1 left promiscuous mode
[  176.735487][ T4479] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.749238][ T3687] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  176.760046][ T3654] Bluetooth: hci1: command tx timeout
[  176.775945][ T4479] device bridge_slave_0 left promiscuous mode
[  176.785907][ T3687] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.828374][ T4479] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.881834][ T3687] usb 4-1: config 0 descriptor??
[  177.070884][ T3687] hub 4-1:0.0: USB hub found
[  177.293388][ T4479] device veth1_macvtap left promiscuous mode
[  177.337073][ T4479] device veth0_macvtap left promiscuous mode
[  177.357376][ T4479] device veth1_vlan left promiscuous mode
[  177.379196][ T4479] device veth0_vlan left promiscuous mode
[  177.390112][ T3687] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[  178.050017][ T3687] usbhid 4-1:0.0: can't add hid device: -71
[  178.912440][ T3687] usbhid: probe of 4-1:0.0 failed with error -71
[  179.010711][ T3687] usb 4-1: USB disconnect, device number 3
[  179.926364][ T4853] loop3: detected capacity change from 0 to 128
[  180.000631][ T4853] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  180.011440][ T4853] ext4 filesystem being mounted at /39/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  181.117967][ T3868] EXT4-fs (loop3): unmounting filesystem.
[  183.876940][ T4479] team0 (unregistering): Port device team_slave_1 removed
[  184.622070][ T4479] team0 (unregistering): Port device team_slave_0 removed
[  185.905654][ T4479] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.975569][ T4911] loop1: detected capacity change from 0 to 128
[  186.070997][ T4911] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  186.109342][ T4479] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.128411][ T4911] ext4 filesystem being mounted at /15/mnt supports timestamps until 2038 (0x7fffffff)
[  186.338789][ T4918] loop3: detected capacity change from 0 to 512
[  186.420058][ T4918] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  186.422721][ T4923] loop0: detected capacity change from 0 to 512
[  186.468426][ T4918] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  186.523743][ T3732] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  186.544000][ T4918] EXT4-fs (loop3): 1 truncate cleaned up
[  186.549712][ T4918] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  186.561980][ T4923] loop0: detected capacity change from 0 to 512
[  186.667873][ T4923] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  186.706308][ T4923] EXT4-fs (loop0): invalid journal inode
[  186.716913][ T4334] EXT4-fs (loop1): unmounting filesystem.
[  186.740675][ T4923] EXT4-fs (loop0): can't get journal size
[  186.842715][ T4923] EXT4-fs (loop0): 1 truncate cleaned up
[  186.858675][ T4923] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  186.871271][   T26] audit: type=1800 audit(1729096951.459:63): pid=4923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.238" name="bus" dev="loop0" ino=18 res=0 errno=0
[  186.997274][ T3864] EXT4-fs (loop0): unmounting filesystem.
[  188.099488][ T4937] loop0: detected capacity change from 0 to 1024
[  188.194882][ T4937] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
[  188.709524][ T3868] EXT4-fs (loop3): unmounting filesystem.
[  189.903118][ T4479] bond0 (unregistering): Released all slaves
[  189.940824][ T4962] loop3: detected capacity change from 0 to 8
[  190.774053][ T4970] loop1: detected capacity change from 0 to 512
[  190.925204][ T4969] SQUASHFS error: Failed to read block 0x4e8: -5
[  190.998339][ T3732] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  191.013903][   T26] audit: type=1800 audit(1729096955.599:64): pid=4969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.257" name="file1" dev="loop3" ino=5 res=0 errno=0
[  191.019275][ T4970] loop1: detected capacity change from 0 to 512
[  191.062611][ T3732] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  191.087121][ T3656] Bluetooth: hci0: command 0x0406 tx timeout
[  191.105847][ T3732] Buffer I/O error on dev loop1, logical block 0, async page read
[  191.286105][ T4723] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.315266][ T4970] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  191.329432][ T4723] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.338541][ T4970] EXT4-fs (loop1): invalid journal inode
[  191.363766][ T4970] EXT4-fs (loop1): can't get journal size
[  191.391035][ T4723] device bridge_slave_1 entered promiscuous mode
[  191.411147][ T4970] EXT4-fs (loop1): 1 truncate cleaned up
[  191.420116][ T4970] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  191.514186][   T26] audit: type=1800 audit(1729096956.099:65): pid=4970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.259" name="bus" dev="loop1" ino=18 res=0 errno=0
[  191.574931][ T4723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  191.598929][   T26] audit: type=1804 audit(1729096956.119:66): pid=4970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.259" name="/newroot/18/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  191.631567][ T4334] EXT4-fs (loop1): unmounting filesystem.
[  191.643302][ T4723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.814747][ T4984] loop1: detected capacity change from 0 to 256
[  191.845371][ T4723] team0: Port device team_slave_0 added
[  191.888490][ T4723] team0: Port device team_slave_1 added
[  191.908774][ T4984] FAT-fs (loop1): Directory bread(block 64) failed
[  191.931673][ T4984] FAT-fs (loop1): Directory bread(block 65) failed
[  191.992079][ T4723] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.019450][ T4723] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.051045][ T4984] FAT-fs (loop1): Directory bread(block 66) failed
[  192.097018][ T4984] FAT-fs (loop1): Directory bread(block 67) failed
[  192.134492][ T4984] FAT-fs (loop1): Directory bread(block 68) failed
[  192.159221][ T4723] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  192.159286][ T4984] FAT-fs (loop1): Directory bread(block 69) failed
[  192.200037][ T4984] FAT-fs (loop1): Directory bread(block 70) failed
[  192.217674][ T4723] batman_adv: batadv0: Adding interface: batadv_slave_1
[  192.232636][ T4984] FAT-fs (loop1): Directory bread(block 71) failed
[  192.335927][ T4993] loop0: detected capacity change from 0 to 128
[  192.434296][ T4984] FAT-fs (loop1): Directory bread(block 72) failed
[  192.493319][ T4723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.703798][ T4984] FAT-fs (loop1): Directory bread(block 73) failed
[  193.032816][ T4723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  193.125966][ T4996] loop0: detected capacity change from 0 to 8
[  193.283507][ T4996] SQUASHFS error: lzo decompression failed, data probably corrupt
[  193.366025][ T4996] SQUASHFS error: Failed to read block 0x71: -5
[  193.414233][ T4996] SQUASHFS error: lzo decompression failed, data probably corrupt
[  193.428679][ T4723] device hsr_slave_0 entered promiscuous mode
[  193.452293][ T4723] device hsr_slave_1 entered promiscuous mode
[  193.457462][ T4996] SQUASHFS error: Failed to read block 0x71: -5
[  193.468536][ T4723] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  193.530022][   T26] audit: type=1800 audit(1729096958.089:67): pid=4996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.264" name="file0" dev="loop0" ino=3 res=0 errno=0
[  193.847095][ T4723] Cannot create hsr debugfs directory
[  194.131636][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  194.137997][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  194.683895][ T5021] xt_CONNSECMARK: invalid mode: 0
[  194.783957][ T5025] loop1: detected capacity change from 0 to 512
[  194.909106][ T5025] loop1: detected capacity change from 0 to 512
[  194.964975][ T5025] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  195.082498][ T5025] EXT4-fs (loop1): invalid journal inode
[  195.088353][ T5025] EXT4-fs (loop1): can't get journal size
[  195.131642][ T5025] EXT4-fs (loop1): 1 truncate cleaned up
[  195.140789][ T5025] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  195.156521][   T26] audit: type=1800 audit(1729096959.739:68): pid=5025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.270" name="bus" dev="loop1" ino=18 res=0 errno=0
[  195.300269][   T26] audit: type=1804 audit(1729096959.739:69): pid=5025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.270" name="/newroot/22/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  195.346278][ T4334] EXT4-fs (loop1): unmounting filesystem.
[  195.552442][ T4723] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  195.596092][ T4723] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  195.617378][ T4723] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  195.645071][ T5049] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  195.653851][ T5049] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  195.681039][ T4723] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  196.703642][ T4723] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.735434][ T5056] loop3: detected capacity change from 0 to 128
[  196.782308][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  196.803904][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  196.828683][ T3732] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  196.890966][ T4723] 8021q: adding VLAN 0 to HW filter on device team0
[  197.010970][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  197.041448][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  197.091036][ T3705] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.098218][ T3705] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.157395][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  197.187344][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  197.235118][ T3705] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.242319][ T3705] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.296174][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  197.363626][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  197.397310][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  197.411720][ T5068] loop1: detected capacity change from 0 to 1024
[  197.457330][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  197.477785][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  197.641815][ T4723] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  197.708667][ T4723] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  197.760948][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  197.784331][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  197.811243][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  197.843570][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  197.867551][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  197.877466][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  197.891666][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  197.915011][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  197.982984][ T5075] hfsplus: extend alloc file! (8192,512,16777719)
[  198.486943][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  198.498540][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  198.526880][ T4723] 8021q: adding VLAN 0 to HW filter on device batadv0
[  198.617200][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  198.628443][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  198.704006][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  198.720495][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  198.731921][ T4723] device veth0_vlan entered promiscuous mode
[  198.740333][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  198.749004][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  198.777446][ T4723] device veth1_vlan entered promiscuous mode
[  198.879410][ T5095] netlink: 8 bytes leftover after parsing attributes in process `syz.4.281'.
[  198.905947][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  198.922153][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  198.939376][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  198.956840][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  198.969650][ T4723] device veth0_macvtap entered promiscuous mode
[  198.997729][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  199.044448][ T4723] device veth1_macvtap entered promiscuous mode
[  199.127247][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.158588][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.181105][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.204604][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.219460][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.254724][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.330083][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.369811][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.399878][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.436459][ T5104] loop3: detected capacity change from 0 to 512
[  199.439815][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.485693][ T4723] batman_adv: batadv0: Interface activated: batadv_slave_0
[  199.514308][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  199.536029][ T3732] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  199.560801][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  199.584885][ T5104] loop3: detected capacity change from 0 to 512
[  199.600301][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.614944][ T5104] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  199.646986][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.648830][ T5104] EXT4-fs (loop3): invalid journal inode
[  199.673090][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.706684][ T5104] EXT4-fs (loop3): can't get journal size
[  199.709568][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.747178][ T5104] EXT4-fs (loop3): 1 truncate cleaned up
[  199.749832][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.764405][ T5104] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  199.797952][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.818987][   T26] audit: type=1800 audit(1729096964.399:70): pid=5104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.283" name="bus" dev="loop3" ino=18 res=0 errno=0
[  199.896001][   T26] audit: type=1804 audit(1729096964.449:71): pid=5104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.283" name="/newroot/52/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  199.899817][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.987950][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.998130][ T4723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.022691][ T4723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.044095][ T4723] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.044434][   T35] hfsplus: b-tree write err: -5, ino 8
[  200.058217][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  200.076096][ T3868] EXT4-fs (loop3): unmounting filesystem.
[  200.102554][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  200.184424][ T4723] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.225625][ T4723] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.266382][ T4723] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.289818][ T4723] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.290263][ T5133] loop3: detected capacity change from 0 to 1024
[  201.300686][ T5133] hfsplus: extend alloc file! (8192,65536,366)
[  201.322899][ T3934] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.340068][ T3642] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  201.348912][ T3934] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.448366][ T5136] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns
[  201.629976][ T3642] usb 2-1: Using ep0 maxpacket: 32
[  201.708715][ T4479] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  201.780770][ T3642] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.801855][ T3642] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.816364][ T3642] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  201.826380][ T3642] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.850453][ T3642] usb 2-1: config 0 descriptor??
[  201.901543][ T3642] hub 2-1:0.0: USB hub found
[  201.992590][ T1228] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.002023][ T1228] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.035138][ T3730] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  202.200147][ T3642] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[  202.308847][ T5145] loop0: detected capacity change from 0 to 512
[  202.390536][ T5145] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  202.445390][ T5145] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038 (0x7fffffff)
[  202.610332][   T26] audit: type=1800 audit(1729096967.199:72): pid=5145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.291" name="bus" dev="loop0" ino=18 res=0 errno=0
[  202.637001][   T26] audit: type=1800 audit(1729096967.219:73): pid=5160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.291" name="bus" dev="loop0" ino=18 res=0 errno=0
[  202.763173][   T26] audit: type=1326 audit(1729096967.349:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5165 comm="syz.2.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953637dff9 code=0x7ffc0000
[  202.832995][   T26] audit: type=1326 audit(1729096967.349:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5165 comm="syz.2.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f953637dff9 code=0x7ffc0000
[  202.841704][ T5166] loop2: detected capacity change from 0 to 1024
[  202.890075][ T3642] usbhid 2-1:0.0: can't add hid device: -71
[  202.899524][ T3642] usbhid: probe of 2-1:0.0 failed with error -71
[  202.922071][ T5166] EXT4-fs: Ignoring removed nomblk_io_submit option
[  202.941147][   T26] audit: type=1326 audit(1729096967.349:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5165 comm="syz.2.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953637dff9 code=0x7ffc0000
[  202.977486][ T3642] usb 2-1: USB disconnect, device number 3
[  202.995074][ T5166] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  203.030842][ T3864] EXT4-fs (loop0): unmounting filesystem.
[  203.049091][   T26] audit: type=1326 audit(1729096967.349:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5165 comm="syz.2.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f953637dff9 code=0x7ffc0000
[  203.121628][ T5166] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  203.167963][ T5166] System zones: 0-1, 3-36
[  203.187479][ T5166] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  203.207558][   T26] audit: type=1326 audit(1729096967.349:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5165 comm="syz.2.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f953637dff9 code=0x7ffc0000
[  203.452926][   T26] audit: type=1326 audit(1729096967.349:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5165 comm="syz.2.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f953637dff9 code=0x7ffc0000
[  203.946604][ T5173] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  204.736815][ T5202] loop3: detected capacity change from 0 to 1024
[  204.792194][ T5202] hfsplus: extend alloc file! (8192,65536,366)
[  205.076006][ T4723] EXT4-fs (loop2): unmounting filesystem.
[  205.102597][ T5206] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns
[  206.349898][ T3687] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  206.494085][ T5218] loop0: detected capacity change from 0 to 256
[  206.605799][ T5218] FAT-fs (loop0): Directory bread(block 64) failed
[  206.637565][ T5218] FAT-fs (loop0): Directory bread(block 65) failed
[  206.644725][ T3687] usb 3-1: Using ep0 maxpacket: 32
[  206.665198][ T5218] FAT-fs (loop0): Directory bread(block 66) failed
[  206.685718][ T5218] FAT-fs (loop0): Directory bread(block 67) failed
[  206.729332][ T5218] FAT-fs (loop0): Directory bread(block 68) failed
[  206.749944][ T5218] FAT-fs (loop0): Directory bread(block 69) failed
[  206.756607][ T5218] FAT-fs (loop0): Directory bread(block 70) failed
[  206.763990][ T5218] FAT-fs (loop0): Directory bread(block 71) failed
[  206.772861][ T5218] FAT-fs (loop0): Directory bread(block 72) failed
[  206.814979][ T5218] FAT-fs (loop0): Directory bread(block 73) failed
[  207.512147][ T5218] syz.0.304: attempt to access beyond end of device
[  207.512147][ T5218] loop0: rw=0, sector=1160, nr_sectors = 4 limit=256
[  207.558628][ T3687] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  207.572153][ T3687] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  207.583455][ T3687] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  207.592557][ T3687] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.603871][ T3687] usb 3-1: config 0 descriptor??
[  207.620257][ T5212] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  207.641317][ T3687] hub 3-1:0.0: USB hub found
[  207.698603][ T5234] loop1: detected capacity change from 0 to 512
[  207.708196][ T5233] loop3: detected capacity change from 0 to 512
[  207.737667][ T5234] ext4: Bad value for 'min_batch_time'
[  207.819697][ T5233] __quota_error: 69 callbacks suppressed
[  207.819718][ T5233] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[  207.838423][ T5233] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  207.850214][ T3687] hub 3-1:0.0: 2 ports detected
[  207.855219][ T5233] EXT4-fs error (device loop3): ext4_acquire_dquot:6800: comm syz.3.309: Failed to acquire dquot type 0
[  207.885160][ T5233] EXT4-fs (loop3): Remounting filesystem read-only
[  207.892255][ T5233] EXT4-fs (loop3): 1 orphan inode deleted
[  207.898167][ T5233] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  207.914098][ T5233] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038 (0x7fffffff)
[  207.966266][ T5244] loop0: detected capacity change from 0 to 1024
[  208.086052][ T5244] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  208.392118][ T5244] EXT4-fs error (device loop0): ext4_generic_delete_entry:2727: inode #2: block 16: comm syz.0.310: bad entry in directory: inode out of bounds - offset=0, inode=1538, rec_len=12, size=1024 fake=1
[  208.449424][ T5244] EXT4-fs error (device loop0) in ext4_delete_entry:2798: Corrupt filesystem
[  208.545595][ T5244] EXT4-fs warning (device loop0): ext4_rename_delete:3776: inode #2: comm syz.0.310: Deleting old file: nlink 1, error=-117
[  208.894077][ T3868] EXT4-fs (loop3): unmounting filesystem.
[  209.061066][ T5264] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  209.466525][ T3864] EXT4-fs (loop0): unmounting filesystem.
[  209.492943][ T5279] loop3: detected capacity change from 0 to 1024
[  209.528216][ T5281] loop1: detected capacity change from 0 to 1024
[  209.536532][ T5281] EXT4-fs: Ignoring removed nomblk_io_submit option
[  209.545463][ T5281] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  209.558658][ T5279] EXT4-fs: Ignoring removed nomblk_io_submit option
[  209.575151][ T5281] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c815e01c, mo2=0003]
[  209.595520][ T5279] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  209.607672][ T5279] EXT4-fs (loop3): Test dummy encryption mode enabled
[  209.619253][ T5281] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  209.644295][ T5279] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c815c01c, mo2=0003]
[  209.682703][ T5279] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  209.960970][ T4334] EXT4-fs (loop1): unmounting filesystem.
[  210.101815][ T5294] loop0: detected capacity change from 0 to 1024
[  210.180658][ T5279] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  210.385645][ T3687] usb 3-1: USB disconnect, device number 9
[  210.401904][ T5279] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[  210.606592][ T3868] EXT4-fs (loop3): unmounting filesystem.
[  210.932607][ T5304] hfsplus: extend alloc file! (8192,512,16777719)
[  212.415635][ T3655] Bluetooth: hci2: command 0x0406 tx timeout
[  212.420049][ T3654] Bluetooth: hci4: command 0x0406 tx timeout
[  212.421702][ T3657] Bluetooth: hci5: command 0x0406 tx timeout
[  212.918971][ T5326] loop3: detected capacity change from 0 to 1024
[  213.662669][ T4344] hfsplus: b-tree write err: -5, ino 4
[  214.579416][ T5337] No such timeout policy "syz1"
[  214.629551][ T5337] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  214.763896][ T5337] loop3: detected capacity change from 0 to 1024
[  214.913609][ T5347] /dev/loop0: Can't open blockdev
[  214.916723][ T5344] loop1: detected capacity change from 0 to 1024
[  214.978618][ T5344] EXT4-fs: Ignoring removed orlov option
[  215.010113][ T5344] EXT4-fs: Ignoring removed nomblk_io_submit option
[  215.086018][ T5344] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  215.120864][ T3696] hfsplus: b-tree write err: -5, ino 4
[  215.133601][ T4344] hfsplus: b-tree write err: -5, ino 8
[  215.299414][ T3868] hfsplus: bad catalog entry type
[  215.332529][ T3868] hfsplus: bad catalog entry type
[  215.795459][ T4334] EXT4-fs (loop1): unmounting filesystem.
[  217.711159][ T5373] loop2: detected capacity change from 0 to 1024
[  221.144434][   T26] audit: type=1800 audit(1729096985.729:149): pid=5371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.342" name="bus" dev="loop2" ino=25 res=0 errno=0
[  221.927480][ T5385] loop1: detected capacity change from 0 to 256
[  222.083370][ T5387] loop0: detected capacity change from 0 to 1024
[  222.268663][ T5385] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  222.583719][ T4479] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.704425][   T46] hfsplus: b-tree write err: -5, ino 4
[  222.864835][ T4479] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.172579][ T4479] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.360992][ T4479] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.447232][ T5401] loop2: detected capacity change from 0 to 512
[  223.505230][ T3732] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  223.546859][ T5401] loop2: detected capacity change from 0 to 512
[  223.579585][ T5401] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  223.628028][ T5401] EXT4-fs (loop2): invalid journal inode
[  223.645040][ T5401] EXT4-fs (loop2): can't get journal size
[  223.653555][ T3645] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  223.657381][ T5401] EXT4-fs (loop2): 1 truncate cleaned up
[  223.667004][ T3655] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  223.678658][ T3655] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  223.694993][ T5401] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  223.705115][ T3655] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  223.733871][   T26] audit: type=1800 audit(1729096988.319:150): pid=5401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.353" name="bus" dev="loop2" ino=18 res=0 errno=0
[  223.771755][ T3655] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  223.779934][ T3655] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  223.929816][   T26] audit: type=1804 audit(1729096988.339:151): pid=5401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.353" name="/newroot/9/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  224.003976][ T4723] EXT4-fs (loop2): unmounting filesystem.
[  224.186076][ T5416] loop1: detected capacity change from 0 to 1764
[  224.569953][ T5425] loop2: detected capacity change from 0 to 1024
[  224.758048][   T26] audit: type=1800 audit(1729096989.339:152): pid=5425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.355" name="bus" dev="loop2" ino=25 res=0 errno=0
[  224.844648][   T28] INFO: task syz.4.7:3752 blocked for more than 143 seconds.
[  225.264705][   T28]       Not tainted 6.1.112-syzkaller #0
[  225.270790][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  225.279895][   T28] task:syz.4.7         state:D stack:24448 pid:3752  ppid:3639   flags:0x00004004
[  225.296765][   T28] Call Trace:
[  225.306851][   T28]  <TASK>
[  225.316530][   T28]  __schedule+0x143f/0x4570
[  225.331955][   T28]  ? release_firmware_map_entry+0x186/0x186
[  225.352489][   T28]  ? blk_check_plugged+0x250/0x250
[  225.369265][   T28]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  225.389195][   T28]  ? blk_check_plugged+0x250/0x250
[  225.406708][   T28]  ? print_irqtrace_events+0x210/0x210
[  225.424574][   T28]  ? _raw_spin_lock_irq+0xdb/0x110
[  225.436427][   T28]  schedule+0xbf/0x180
[  225.446008][   T28]  io_schedule+0x88/0x100
[  225.472654][   T28]  folio_wait_bit_common+0x878/0x1290
[  225.504256][   T28]  ? folio_wait_bit+0x20/0x20
[  225.521694][   T28]  ? migration_entry_wait_on_locked+0x1160/0x1160
[  225.558729][   T28]  ? erofs_map_blocks+0x14d0/0x14d0
[  225.579328][   T28]  ? bio_add_page+0x3a4/0x750
[  225.607044][   T28]  z_erofs_runqueue+0x993/0x1ca0
[  225.637356][   T28]  ? z_erofs_do_read_page+0x3bd0/0x3bd0
[  225.668666][   T28]  ? __lock_acquire+0x1f80/0x1f80
[  225.677684][   T28]  ? z_erofs_pcluster_readmore+0x41a/0x450
[  225.698879][   T28]  z_erofs_readahead+0xc26/0x1030
[  225.706573][   T28]  ? z_erofs_read_folio+0x760/0x760
[  225.714571][   T28]  ? __lock_acquire+0x1f80/0x1f80
[  225.728338][   T28]  ? blk_start_plug+0x95/0x110
[  225.754925][   T28]  read_pages+0x17f/0x830
[  225.783703][   T28]  ? folio_add_lru+0x34d/0xd70
[  225.799941][ T3645] Bluetooth: hci3: command tx timeout
[  225.816990][   T28]  ? folio_add_lru+0x34d/0xd70
[  225.824861][   T28]  ? page_cache_ra_unbounded+0x7b0/0x7b0
[  225.831125][   T28]  ? __lock_acquire+0x125b/0x1f80
[  225.836462][   T28]  ? __filemap_add_folio+0x1ba0/0x1ba0
[  225.849228][   T28]  page_cache_ra_unbounded+0x68b/0x7b0
[  225.855406][   T28]  force_page_cache_ra+0x2a3/0x300
[  225.861173][   T28]  generic_fadvise+0x553/0x7b0
[  225.866221][   T28]  ? dump_task+0x620/0x620
[  225.871362][   T28]  ? __fget_files+0x28/0x4a0
[  225.876380][   T28]  ? __fdget+0x182/0x210
[  225.881347][   T28]  __x64_sys_fadvise64+0x138/0x180
[  225.886758][   T28]  do_syscall_64+0x3b/0xb0
[  225.891828][   T28]  ? clear_bhb_loop+0x45/0xa0
[  225.896770][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  225.904426][   T28] RIP: 0033:0x7fd073b7dff9
[  225.909195][   T28] RSP: 002b:00007fd07495e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd
[  225.918350][   T28] RAX: ffffffffffffffda RBX: 00007fd073d35f80 RCX: 00007fd073b7dff9
[  225.927957][   T28] RDX: 0000000000004101 RSI: 0000000000e0ffff RDI: 0000000000000004
[  225.936632][   T28] RBP: 00007fd073bf0296 R08: 0000000000000000 R09: 0000000000000000
[  225.945218][   T28] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  225.953770][   T28] R13: 0000000000000000 R14: 00007fd073d35f80 R15: 00007ffc41185508
[  225.962482][   T28]  </TASK>
[  226.012701][   T28] 
[  226.012701][   T28] Showing all locks held in the system:
[  226.058107][   T28] 1 lock held by rcu_tasks_kthre/12:
[  226.077288][   T28]  #0: ffffffff8d32b1d0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  226.090972][   T28] 1 lock held by rcu_tasks_trace/13:
[  226.097212][   T28]  #0: ffffffff8d32b9d0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  226.109205][   T28] 1 lock held by khungtaskd/28:
[  226.118948][   T28]  #0: ffffffff8d32b000 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  226.132687][   T28] 4 locks held by kworker/u4:4/56:
[  226.138669][   T28]  #0: ffff8880b8e3a9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xa8/0x140
[  226.152451][   T28]  #1: ffffc90001577d20 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  226.166167][   T28]  #2: ffff8880b8f28358 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x62d/0xee0
[  226.179867][   T28]  #3: ffff8880b8e3a9d8 (&rq->__lock){-.-.}-{2:2}, at: psi_task_switch+0x195/0x770
[  226.199823][   T28] 3 locks held by kworker/0:2/945:
[  226.206787][   T28]  #0: ffff88814b8d1938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  226.218652][   T28]  #1: ffffc9000455fd20 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  226.232883][   T28]  #2: ffffffff8e4fa7e8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x15/0x30
[  226.248978][   T28] 1 lock held by dhcpcd/3307:
[  226.254588][   T28]  #0: ffffffff8e4fa7e8 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2a5/0x1b20
[  226.267353][   T28] 2 locks held by getty/3394:
[  226.272172][   T28]  #0: ffff88814bc64098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  226.304490][   T28]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0
[  226.316721][   T28] 2 locks held by kworker/1:7/3686:
[  226.322101][   T28]  #0: ffff888017c72138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  226.336475][   T28]  #1: ffffc9000436fd20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  226.350334][   T28] 1 lock held by kworker/u4:8/3730:
[  226.355581][   T28] 1 lock held by syz.4.7/3752:
[  226.364644][   T28]  #0: ffff888068c80338 (mapping.invalidate_lock#3){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xed/0x7b0
[  226.389021][   T28] 5 locks held by kworker/u4:17/4479:
[  226.395622][   T28]  #0: ffff888017e1e938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  226.406296][   T28]  #1: ffffc90004fafd20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  226.417115][   T28]  #2: ffffffff8e4ee490 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60
[  226.427822][   T28]  #3: ffffffff8e4fa7e8 (rtnl_mutex){+.+.}-{3:3}, at: ip6_tnl_exit_batch_net+0xc0/0x5e0
[  226.438588][   T28]  #4: ffffffff8d3305f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4f0/0x930
[  226.450021][   T28] 1 lock held by syz-executor/5403:
[  226.458144][   T28]  #0: ffffffff8e4fa7e8 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x465/0x2430
[  226.468039][   T28] 
[  226.481695][   T28] =============================================
[  226.481695][   T28] 
[  226.505545][   T28] NMI backtrace for cpu 0
[  226.509935][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.112-syzkaller #0
[  226.517859][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  226.527916][   T28] Call Trace:
[  226.531213][   T28]  <TASK>
[  226.534143][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  226.538852][   T28]  ? nf_tcp_handle_invalid+0x642/0x642
[  226.544378][   T28]  ? panic+0x764/0x764
[  226.548446][   T28]  ? vprintk_emit+0x622/0x740
[  226.553134][   T28]  ? printk_sprint+0x490/0x490
[  226.557911][   T28]  ? nmi_cpu_backtrace+0x252/0x560
[  226.563055][   T28]  nmi_cpu_backtrace+0x4e1/0x560
[  226.568007][   T28]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  226.574158][   T28]  ? _printk+0xd1/0x111
[  226.578327][   T28]  ? panic+0x764/0x764
[  226.582401][   T28]  ? __wake_up_klogd+0xcc/0x100
[  226.587261][   T28]  ? panic+0x764/0x764
[  226.591337][   T28]  ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0
[  226.597413][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  226.603492][   T28]  nmi_trigger_cpumask_backtrace+0x1ae/0x3f0
[  226.609503][   T28]  watchdog+0xf88/0xfd0
[  226.613715][   T28]  ? watchdog+0x1f8/0xfd0
[  226.618060][   T28]  kthread+0x28d/0x320
[  226.622141][   T28]  ? hungtask_pm_notify+0x50/0x50
[  226.627202][   T28]  ? kthread_blkcg+0xd0/0xd0
[  226.631801][   T28]  ret_from_fork+0x1f/0x30
[  226.636238][   T28]  </TASK>
[  226.639961][   T28] Sending NMI from CPU 0 to CPUs 1:
[  226.645652][    C1] NMI backtrace for cpu 1 skipped: idling at acpi_idle_do_entry+0x10f/0x340
[  226.672286][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  226.679377][   T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.112-syzkaller #0
[  226.687338][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  226.697412][   T28] Call Trace:
[  226.700690][   T28]  <TASK>
[  226.703644][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  226.708364][   T28]  ? nf_tcp_handle_invalid+0x642/0x642
[  226.713831][   T28]  ? panic+0x764/0x764
[  226.717900][   T28]  ? llist_add_batch+0x160/0x1d0
[  226.722849][   T28]  ? vscnprintf+0x59/0x80
[  226.727181][   T28]  panic+0x318/0x764
[  226.731082][   T28]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[  226.737232][   T28]  ? memcpy_page_flushcache+0xfc/0xfc
[  226.742622][   T28]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[  226.748795][   T28]  ? nmi_trigger_cpumask_backtrace+0x338/0x3f0
[  226.754950][   T28]  ? nmi_trigger_cpumask_backtrace+0x33d/0x3f0
[  226.761120][   T28]  watchdog+0xfc7/0xfd0
[  226.765320][   T28]  ? watchdog+0x1f8/0xfd0
[  226.769690][   T28]  kthread+0x28d/0x320
[  226.773765][   T28]  ? hungtask_pm_notify+0x50/0x50
[  226.778794][   T28]  ? kthread_blkcg+0xd0/0xd0
[  226.783400][   T28]  ret_from_fork+0x1f/0x30
[  226.787847][   T28]  </TASK>
[  226.791191][   T28] Kernel Offset: disabled
[  226.795523][   T28] Rebooting in 86400 seconds..