last executing test programs:

12m35.62778269s ago: executing program 32 (id=142):
r0 = userfaultfd(0x80001)
r1 = socket(0x10, 0x803, 0x0)
write(r1, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d0a0b49ff708800008002280008020200ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_genetlink_get_family_id$batadv(&(0x7f0000002100), 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
syz_genetlink_get_family_id$nl80211(&(0x7f0000002140), r2)
read$FUSE(r2, &(0x7f0000000040)={0x2020}, 0x2020)

12m32.454548255s ago: executing program 3 (id=159):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000840)={[{@jqfmt_vfsv1}, {@nombcache}, {@barrier}, {@delalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@jqfmt_vfsv1}]}, 0xff, 0x577, &(0x7f0000000a40)="$eJzs3U9rHOUfAPDvbHb7//frFkpBDxLswUrtpk38U8FDPYoWC76AuiTbULLpluymNLFgerAXL1IEEQviC/DuwUPxDfgqClooUoIe9LAy2dl20+wmabJtUufzgdk8zzyzeeY7M8+TZ+bZsAHk1mj6Uoh4KSK+SiIO95QVIysc7Wy3/PDGZLok0W5/8kcSSbauu32S/TzYzRQjfvki4mRhVZXl9KW5sDhTrddrc9nKsdbs1bHmwuKpy7PV6dp06cr4xMTZtybG333n7aHF+vqFv779+O4HZ788vvzNj/eP3E7iXBzKynrj2Ial3sxojGbHpBTnntjwzBAq202Snd4BtmQka+elSPuAwzGStXrgv+/ziGgDOZVo/5BT3XFA995+SPfBL4wH73dugNbGX+w8G4l9K/dGB5aTVXdGSfdBxjaldfz0+53b6RLDew4BsKGlmxFxulhc2/8lWf+3dac3sc2Tdej/4Pm5m45/3ug3/ik8Gv9En/HPwT5tdys2bv+F+0OoZqB0/Pde3/FvNmlVjvJIlvtfxLlylJJLl+u1tG/7f0SciNLeNL/efM7Z5XvtQWW94790SevvjgWz/bhf3Lv6PVPVVnV7UT/24GbEy33Hv8mj85/0Of/p8biwyTqO1e68Mqhs4/ifrfYPEa/1Pf+PZ7SStfOTtZ75ybGV62Gse1Ws9eetY78Oqn/9+H8edrhrpOf/wPrxl5Pe+drm09fx/b6/a4PKtnr970naK2v3ZOuuV1utuTMRe5KPYs368cfv7ea726fxnzi+fv/X7/rfHxGfbjL+W0dvDdx0W9f/ECZd0/innur8P33i3oeffbf1+NPz/+ZK6kS2ZjP932Z3cDvHDgAAAAAAAHabQkQciqRQeZQuFCqVzuc7jsaBQr3RbJ281Hg1VsoiylEqdGe6D3fySffzD+We/PgT+YmIOBIRX4/sX8lXJhv1qZ0OHgAAAAAAAAAAAAAAAAAAAHaJgwP+/z/128hO7x3wzPnKb8ivDdv/ML7pCdiV/P2H/NL+Ib+0f8gv7R/yS/uH/NL+Ib+0f8gv7R8AAAAAAAAAAAAAAAAAAAAAAAAAAACG6sL58+nSXn54YzLNT11bmJ9pXDs1VWvOVGbnJyuTjbmrlelGY7peq0w2Zjf6ffVG4+qZ8Zi/PtaqNVtjzYXFi7ON+Suti5dnq9O1i7XSc4kKAAAAAAAAAAAAAAAAAAAAXizNhcWZar1em8tp4p92x/OsNOkc+qWdjn04ieLu2I1ViSRiKT3Eu2V/XsTEDndMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDj3wAAAP//+Tk3kQ==")
creat(&(0x7f0000000580)='./bus\x00', 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x10000}, 0x8010)
fanotify_init(0xf00, 0x1)
lsetxattr$trusted_overlay_upper(&(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0xe01, 0x0)

12m31.999876231s ago: executing program 3 (id=162):
write(0xffffffffffffffff, &(0x7f0000000ac0)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba558805488be7ffe898732742070000cd4e409d80693315ee7752c9a346fe0000000a00020025969cdc4aa97078b4f2e538bab784192caea87a959f", 0x6f)
r0 = syz_open_procfs(0x0, &(0x7f0000000a80)='attr/fscreate\x00')
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wg2\x00'})
pread64(r0, &(0x7f0000000140)=""/15, 0xf, 0x4)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1100000000f336, 0x0)
syz_mount_image$iso9660(&(0x7f0000000fc0), &(0x7f0000000000)='./file1\x00', 0x8800, &(0x7f0000000d80)=ANY=[], 0x23, 0x7f3, &(0x7f0000001800)="$eJzs3U9oHOfZAPBnFMmWFfAX8n3kM8ZxxnZKbeoqu1KiVOSQbFYjeRJpV+yuik0pSYhtMJaTEBPS+NDEl6QtLaWnHtNcQy6FHgo9lPbQFgqF5tBLD4VATiWFFkpLCajM7K71x1pJTmQrTX8/Yb2z7z7zzjOzo3l21ruzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEUp+pVKrJwYhYOpsOVp9pNRe2uL8/3s/XNVssNyIp/sXoaBzqdh36v9W77yt+HY8j3VtHYrRoRuPa3ffd89j/Dg/1598ioU/q2A7jkog3iqQuPzcUcTsSuYO+87NbnuWfK8XvuayRt5v5Qm0uS/N2M52emqo8dGa2nc7m81n7XLuTLaT1VlbrNFvpyfqptDo9PZlm4+eaS425mdp81u989MsTlcpU+tT4YlZrtZuNh54ab9fP5PPzeWOujJmovBpFzKPFjvh03kk7WW0hTS9eWr4wuV2qRVB1Xc/+dY/XkQfv+fCVD/526UKxQw4aJOntmBPV6sREdeqR6UcerVSGJyoT6zsqG8SNiBiKKCJuy07LZ92B1YPE7h284VMa6tb/iPnIoxFLcTbSSGOo/L36MxKjMROtaMZCcfsPIxvuv6n+f+Ghv/xuq+WW9futoqiP3qjyh1bvPhxl/T/avXV0QP0vDsob89jZz4FbnePKbyPe62aztv9qvBbX4nI8F8uxHBfi5U+Yzx37Gdph3Gj/kdg6bi6yaEQe7WhGHgtRK3vSXk8a0zEVU1GJZ+JMzEY70piNPOYji3aci3Z0Iiv3qHq0IotadKIZrUjjZNTjVKRRjemYjslII4vxOBfNWIpGzMVM1MpRLsalcrtPbsjrvm8+m7zx+w/fLqZvBFW3WJGkeDJXBP11Xff6/aRXzB+IHdX/A70tuD4iiXR4j2sRu6r/p7LT+F04asPuWCnr//BepwEAAADcRkn56nsSESNxfzk1m89nX9vrtAAAAIBdVL6v+UjRjBRT90dSnP9XNol8/47nBgAAAOyOpPyMXRIRY/FAd6r/canNXgQAAAAA/gOV//9/tGjGIl4vO5z/AwAAwOfMtwZdY/+Dfb1r7LcX9yd39aIXzz6YXKkVU7Urvb5e89UbI3ZmDycHe4OUzdTwtbuTiBiuZ0eS/tUvP97fbT8qRzi8egHCQdf6T1qtkeT64ARi6wTKW/HdONaNOXa+257v39NdythsPp+N15vzj1WT3osjnVdeuPSNiGLp324sHEzi4qXlC+PPv7h8vszlejHK9Su9y8Mnt5DLSm8LxP2br/FI+UGM3nLHusutrF3/oe7sQ1svM1m7zDfjeDfm+Fi3HVu//qPFMqvjj1WjVjs41MnOdl5ZWbP2vSyqn3LN34wT3ZgTJ090m02ymFiXxQs3ZzGxNoudbYstsyj0s3j72Otn//6rZpJNbpfF5KfMAmCvXCyv+rNahQ6UVehfK11F/d9Qd/tXNd/0KPfFn/SOoRuOchdXn2X0519T64Zjd6r7m3GyDPnFye7zieHD6+rKE2VdqWxyRH/p0ku/7h3RH373hz/6+tHf/Hi1um04Rj/RfVYwOIt341Q3stfEvb+8qboVQ1TLLfu9DVX1nWKOdwZW1fb8RDISESv/c+Pu8nGKiInJqcrDlcojEzFSPlXoNYMz3b/zvQSAz5ttv2NnB9/C8/DmZ9XRr3j33nhLwXg8Hy/GcpyP0+WnDSLigc1HHVvzNoTT25y1jq35hpfT25xbrsZObIzdfyKJAbGTa7bY//+gbP5x+x4TALjdjm9Th3dS/0/3zrtj8/PuDbX8VPeLc/tnxzG4lm/mK7d7gwDAf4Gs9VEy1nkrabXyxWeq09PVWudMlraa9afTVj4zl6V5o5O16mdqjbksXWw1O816/wXxmaydtpcWF5sfd9LZZitdbLbzs+U3v6e9r35vZwu1xqtRby/OZ7V2ltabjU6t3kln8nY9XVx6cj5vn8la5cztxayez+b1WidvNtJ2c6lVz8bTtJ1lawLzmazRyWfzYrKRLrbyhVrrekTMLy1k6UzWrrfyxU6zO2B/WXljttlaqA1Y/T/fwU0NAJ8ZV1+7dvm55eULL6+fWEk29mw+8ccdxFyNWNnr1QQA1lhbpQEAAAAAAAAAAAAAgM+mmz+uV/Ru+5G+tRMjcQvBGyb2xyeZ6/M78aX3ug/Lbgy4yTj7tpzrrtWeA+se0329nWXvt88tTzz7+OOXB8U8+fqhM3/KIrYfZ/O/lKt337T3xlsHI/b99Pvdnifu1Jq+H921iOFbmn0l2SJmzw5JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDQvwMAAP//wexOyQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000c80)={'nat\x00', 0x0, 0x3, 0x0, [0xffffffff, 0x908, 0x3, 0x3, 0x7f, 0xffffffffffffffff], 0x3, &(0x7f0000000080)=[{}, {}, {}], 0x0}, &(0x7f0000000100)=0x78)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000680))
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a40)='./file1\x00', 0x1a0402, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r4, 0xc400941b, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f00000002c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f0000000b00)=ANY=[@ANYRES8=0x0, @ANYBLOB="b3192d5f89adc5f43cdc3bf2954d5abb7f7eb75dad85e24810b86a0590046404f6f1bf9df7088d01eb2417b4884c798fa45d1dbc1980c1006758e827ee8f0739699df2bb81806f1e6fc01ae854c7a69ad4ab66b55361a5a08f049081d84d", @ANYBLOB=',barrier,nls=iso8859-15,uid=', @ANYRESHEX=0x0, @ANYRES32=0x0], 0x20, 0x717, &(0x7f0000000340)="$eJzs3U1sHFcdAPD/7K433lRytyFJA0KKaURUGkgcryqChERACOVQQQSXXpfEaaysncp2kBMhsgUK3MoJ5dBDOZhDT4gDUhEHRLkhISFxzz0SB05EHFg0szPrXdtr7zr+avj9pNl5M/Pe/735z8d+JNYE8H/r2psx0Y4krl14YzVdfrzWaD1eaywU5Yg4FhGliEp3FsliRPJxxNXoTvHpdGUeLhnWz+tPPnr//KMPG92lSj5l9UvbtVvX2aaHdj7FdESU8/mYKsPi3dgi3sOxQie9cacJO1ckDg5bZ5P2OM1HuG6Bo+5hRHlii/X1iOMRMZl/Doj87lA64OHtubHucgAAAHA0lXeq8OLTeBqrMXUwwwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDnQ9J9ZmCST6WiPB1J/vz/7+TVMtXq4Q53B1/cYfu7tw5oIAAAAAAAAACw9ybWi2efxtNYjaliuZNk/+b/SrZwMnt9Ie7FcszFUlyM1WjGSqzEUlyOmJjqi1ldba6sLF3e3PJXkbbsdDoP85azEVHf1HJ2n/cZAAAAAAAAAJ5vP45rMXXYgwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH5JRLk7y6aTRbkepUpETEZENa3XjvhjUT4K6rts96c9HgcAAAAcQbV8PpX8t1voJNl3/tPZ9/7JuBeLsRLzsRKtmIub2W8B3W/9pb+3G63Ha42FdNoc+Ov/zKJ1RhxHFjEiyvHOkJ5nshqnei2uxbfie3EhpuN6LMV8/CCasRJzMR21dCeiGUnUa91fL+rFOAfHW85DXR0YyvWNYzu7YflMNpJa3Ir5bGwX40a1iFbKaiRxpq+331cjNmTonTQ7yddyI+boZt/x+mX+u0yu8+KIMfZHPdvziV5GZtLc59l4aevcF7rnya57uhyl3m9QJ9d7SRc39lTk/Pvj5Px4Pk9z/bPBnO+1MX9K25iJ2SjlZ1/E6cGcv/35RycGG3/hH3++fru0eOf2reUL+7hL43j1u3P3hmyqbLl2oihszESjLxMvb3/25ZlopZloj5CJ2pD1kzu2PBDVPBvdG9tod8tvZqVmvNJ3Ct5dTF+/HDNxOa7ETHwlZqMxcIadGshrpbGwfjiiuNZKm+9vw/KXOvdqX6Wf71B5PwzvL83LS3157b/T1bNt+Zqr78VMX5ZO9Gfpc5vC7uZdoPKZvJD28ZPeO85RMJCJ/N5cjK54gxpyHf46+5yw3Fq8s3S7WR6xv/P5PL1s393fe/OY0vPlRO/GleWkVpwv6bZP9UY7mK9q/i8u3XalTdtO9bbVYyrm49txN27G3KYrtRv79JaRZrNIL2+5rZFtO9O3beBTTtyNVvYpZIPpg8gpAGM4/trxau1J7W+1D2o/rd2uvTH5jWNXjn22GhN/qfyh/NvSb0pfTV6LD+JHMXXYIwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOfB8v0Hd5qt1tzSsxa2CVjdZV9R2rHO2gujBYx6xPZ9JXmhuifZ2MvCL/IHI+1d5H9NbpuNWuzT7vxu+72oPnMXSSTtfT4o6ZF4cKc5+czXTvHgtGxNp7xjq79eiuiuqUSn03nY27TxUFZieXLYETy2Xjnqd5qt/3QG6tSi75LZxtZP5gM+WS6tLLx9afn+gy/NLzTfmntrbnH2SvEcvlvzrbmZS9nrIQ8S2BfL9x+M+txNAAAAAAAAAAAA4IjI//f/ylIpLSTj/1VDZYc61fU/DRp09qB3FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiEuvZmTLQjicszF2fS5cdrjVY6FeX1mpWIKEVE8sOI5OOIq9Gdot4XLhnWz+tPPnr//KMPG+uxKkX90nbtRtPOp5iOiHI+39mxiH+/tyHM5ng3+uK1dzW8pLeHacLOFYmDw/a/AAAA///laOwx")

12m30.915902445s ago: executing program 3 (id=164):
r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@usrquota}]}, 0x0, 0x486, &(0x7f0000000780)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag8eVBREKgp6qHiKybaEbhtJothSbCpSL4IU9CweRf8Cb6KIehK86sWTFIr20tZTZGZn8rLNprbZZGLz+cBmn2fn2Z3vd+ftmefZBLBh9WV/kohtEfFrRPQ0qosb9DWerl4+M3rt8pnRJGZnX/0zydtduXxmtGxavm9rUelPI9IPkmIli02dOn18pF6vTRb1wekTbw1OnTr92DsnRo7VjtVODh86dPDA0JNPDD/eljyzvK7seW9i7+4XXr/w0uiRC2/++FUW77Zi+cI82qUvS/yv2VzzsofbvbKKbV9QTjorDISb0hER2ebqyo//nuiI+Y3XE8+/X2lwwKrKrk2bWi+emQVuY0lUHQFQjfJCn93/lo816nqsC5eeadwAZXlfLR6NJZ2RFm26mu5v26kvIo7M/P1Z9ohVGocAAFjoo9FPD3dHzPZc+/LFrO/RM7ckjbvy59/zvzuKOZTeiPh/ROyMiDsiYldE3BmRt707Iu5ZYTzX93/Siyv8yGVl/b+nirmtxf2/svcXvR1FbXuef1dydLxe2198J/3RtSmrDy2zjm+e++XjVssW9v+yR7b+si9YxHGxs2mAbmxkeiTvlLbBpXMRezqXyj+ZmwlIImJ3ROy5uY/eURbGH/lib6tGN85/GW2YZ5r9PEtvJst/JpryLyUL5yfHr5ufHNwc9dr+wXKvuN5PP59/pdX6V5R/G1yqNZ4XbP/mJr3J/JdRm5y6+XWc/+3Dlvc0t7j/p93Ja/k8c3fx2rsj09OTQxHdyeG8vuj14fn3lvWyfbb/9+9b+vjfWbwnS/7eiMh24vsi4v6nIx4oYn8wIh6KiH3L5P/Ds62XlflHWtH2PxcxtuT5b27/z7b//Hz9LRQ6jn//dav1/7vtfzAv9Rev5Oe/G1gqnOx00RzgSr47AAAA+K9I89/AJ+nAXDlNBwYav+HfFf9L6xNT048enXj75Fjjt/K90ZWWI109xXhofbxeG0pmik9sjI8OF2PF5XjpgWLc+JOOLXl9YHSiPlZx7rDRbW1x/Gf+6Kg6OmCVbVny1eHuNQ8EqEDzPHq6uHr25XAygNuV/9eGjesGx3+6VnEAa+9Wr/9vtDkOYO0tdfyfbaqbC4Dbk/t/2Lgc/7BBpd9WHQFQIdd/2JBW8n/9q1jYPDn13fqOcBUL6zrliLKQrot4FFapUPGJCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoE3+CQAA//8ry+RJ")
r1 = openat(r0, &(0x7f0000000680)='./file0\x00', 0x59b981, 0x2c)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8, 0x0, 0xfffffffe, 0xe4c, 0xf2})

12m29.740504153s ago: executing program 3 (id=167):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x10a78c0, 0x0)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000680)={[{@debug}, {@stripe={'stripe', 0x3d, 0x61}}, {@grpid}, {@test_dummy_encryption_v1}, {@nodiscard}, {@data_err_ignore}, {@acl}, {@journal_ioprio}, {@resuid}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")

12m28.683953144s ago: executing program 3 (id=168):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/vlan/vlan1\x00')
r1 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r1, 0x8983, &(0x7f0000000000)={0x1, 'vlan1\x00', {}, 0x5832})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x1ff, 0x3)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000cab000))
setuid(0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000001940)='./file0\x00', &(0x7f0000001980), 0x100)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000001a40))
newfstatat(0xffffffffffffff9c, &(0x7f0000001b00)='./file0\x00', 0x0, 0x0)
fstat(r0, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, 0x0)
socket(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800, 0x2}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, &(0x7f00000013c0)={0x0, 0x3938700}, 0x0)

12m27.003149252s ago: executing program 3 (id=174):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000300)={0x2, 0x0, [{0x1, 0x2, 0x6, 0xfff, 0x4}, {0xa, 0x40008, 0x313f014d, 0x19c, 0x2}]})

12m25.730964466s ago: executing program 33 (id=174):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000300)={0x2, 0x0, [{0x1, 0x2, 0x6, 0xfff, 0x4}, {0xa, 0x40008, 0x313f014d, 0x19c, 0x2}]})

8m36.384837041s ago: executing program 6 (id=879):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)={0x14, r1, 0x101, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x100000c0}, 0x84)

8m35.459611295s ago: executing program 6 (id=883):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, 0x0)

8m34.659519631s ago: executing program 6 (id=884):
socket$inet_icmp(0x2, 0x2, 0x1)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000200), &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r4, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd_index=0x7fffffd, 0x2, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x3f70, 0x0, 0x0, 0x0, 0x0)

8m33.894006066s ago: executing program 6 (id=888):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000840)='./bus\x00', 0x10, &(0x7f0000000540), 0x1, 0x7cc, &(0x7f00000022c0)="$eJzs3ctrW1caAPDvyvJjnGTsgYFJZmUYmDGEyOOMJ5mBLlK6KIUGAu26iZEVk1q2giWH2BjSUArdFNrQRaHdZJ226a7bPrbtv9BuSikJaeuEJnRRXK4esRxLjpzYchP/fnCtc+7D53z3ce6R7kEKYM8aSf9kIg5FxNtJxFB9fhIRvdVUNuJEbb27K8v5dEpidfWln5LqOndWlvPRtE0MDsa+euZgRHzxRsThzMZyy4tLM5PFYmG+nh+rzJ4fKy8uHTk3OzldmC7MHRufmDh6/L/H+7cv1l++Xtp/853n//XxiV9f/9v1t75M4kTsry9rjmO7jMRIbZ9Eb7oL13luuwvbZcluV4BHkl6aPbWrPA7FUDb6Ot82u5MVAwB2zKWIWAUA9pjE/R8A9pjG5wB3Vpbz6bR6aXc/j+i2W89GxEAt/sbzzdqSbP2Z3UD1OejgnWTd844kIoa3ofyRiPjg01c+TKfYoeeQAK28djkizgyPNNr/tfYn2TBmoabzARn/biQ2GRww8kBe+wfd81na//nfWv9v7frL3O//RIv+T3+La/dRjMT6EScbr//MjW0opq20//dM79rYtrtN8dcN99RzB6p9vt7k7LliIW3b/hwRo9Hbn+bHNylj9PZvt9fNaIq4uf/385VXr6Xlp69ra2RuZB9ocqcmK5OPG3fDrcsRf8+2ij+5f/yTNv3fUx2W8cL/33y/3bI0/jTexrQ+/p0fVbZ6NeKf0Tr+hmSz8YnHxqqnw1jjpGjhk+/eG2xXfvPxT6e0/Np7gQPbH2wL6fEf3Dz+4aR5vGZ562V8dXXo83bL2sff0Pr870terqYbl9LFyUplfjyiL3lx4/yja9s28o310/hH/9H6+t/s/E/fE57pMP7szR8/emj8jRkb4q8b6LCwLUrjn9rS8d964vrdmZ525Xd2/CfSRM9ofU4n7d9m9eprWueRdxwAAAAAAAAAAAAAAAAAAAAAAAAAbEEmIvZHksndT2cyuVxUf8P7rzGYKZbKlcNnSwtzU1H9rezh6M00vupyqOn7UMfr34ffyB99IP+fiPhLRLzb/6dqPpcvFad2O3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqNvX5vf/Uz/0117v7WoNAYAdMfDQNW4XulIRAKBrHn7/j4j+na8HANA9Hd3/AYCnivs/AOw97v8AsPcMRGR3uw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA81U6dPJlOq/dWlvNpfurC4sJM6cKRqUJ5Jje7kM/lS/Pnc9Ol0nSxkMuXZps2/abV/yuWSucnYm7h4lilUK6MlReXTs+WFuYqp8/NTk4XThd6uxYZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHSuvLg0M1ksFubriWuDEevndCnRU69QVwt9IhOrQ7U99Uepz84nvj/y7cHN1rmy4TSWeOzEbrZKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+O3wMAAP//mc0dAw==")
r0 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
write$P9_RREADLINK(r0, &(0x7f0000000040)={0xe, 0x17, 0x1, {0x5, './bus'}}, 0xe)

8m33.064451244s ago: executing program 6 (id=893):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000100)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@barrier_val={'barrier', 0x3d, 0xde2}}]}, 0xfd, 0x269, &(0x7f0000000a00)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEkpvTXssvYReWgo9pW0O6aXQhh4aemgPW3Znt2ySDW33b9n5fGCYmbz35r0J832zLMxsAJk1GRGzEZGPiKmIKEZE0lrh7XSZbOxulLYXI6rVL+4m9XrpfqrZbiIiKhHxUUShWba29c3e/Z3P3vtjtfju/1tflwZ1fq3293Y/P/h3/vczcx+uXb56ez6J2Sg3ylrPo5eSNn8rJBGv9KOz50RSGPYIeBoLv56+Vsv9qxHxTj3/xcg1IvvnygsXivHBPye1/evOldcHOVag96rVYu0eWKkCmZOLiHIkuemISLdzuenp9DP89fx47qfllV+mflxeXfph2DMV0CvlSHY/PTd2duJI/m/l0/wDo6scsfvlwuaN2vZBftijAfqm9dv2N9JVLf9T362/H/IPmSP/kF3yD9kl/zACOsyu/EN2dZP/F/s0JmAw3P9hhBWbG5W2xfIP2SX/MKL+a/fU6WHyD9nVmn8AIFuqY8N+AhkYlmHPPwAAAAAAAAAAAAAAAAAAwHEbpe3F5jKoPi/+HbH/SUQU2vWfr/8ecfNt4+P3klq1x5K0WVe+favLA3TpVM+evi511Oqlm73qvzOX3uzPcX87vHviP2d9KaJSqzxTKBy//pLG9de5l59QXvy+yw6e0dG3An781WD7P+rh5nD7n9uJOF+bf2bazT+5eK2+bj//lFtfsdyhnx90eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG5lEAAAD//4oibec=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000380)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x40000000, 0x3a, 'e{rjqUota=', 0x3a, 'j\xe9\x8eK]\xe9\xcet\xca\xd1h&\xd4?\x16\x1a\xe3\x15\x14;\x86\xdc9\nk\xcc\x1f\x0f\x8aC^\xc0\x83&b:\x15\xfa8\xdf\x81l\x84-OM\xe5\xec\xc8\x11\x00\x9f\x88Q\xf8O\xf3\xae\xf8\x05\x14\xc4\xb1\xdcct\xb7\x841\x1fcG\r\xb7\x99\xcb=\x9d\xa6\xd4\xa2\xd6\xd9\xa9\x92\x17\x1b\x84\xda|<\xc1jv\xaey\x8e', 0x3a, './file2'}, 0x92)
socket$nl_route(0x10, 0x3, 0x0)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, 0x1)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1844033, 0x0, 0x3, 0x0, &(0x7f0000000000))
link(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
fchdir(r1)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
r2 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000001a40)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x20, 0x1fd2, 0x6007, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x8, 0x80, 0x8, [{{0x9, 0x4, 0x0, 0x1, 0x1, 0x3, 0x1, 0x2, 0x2, {0x9, 0x21, 0x1, 0x9, 0x1, {0x22, 0xc2f}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0xa0, 0x8, 0x7}}}}}]}}]}}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000002380)={0x2, 0x4e24, @local}, 0x10)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x8000c61)

8m32.955083631s ago: executing program 4 (id=895):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
shmat(0x0, &(0x7f0000000000/0x2000)=nil, 0x5000)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})

8m32.704880995s ago: executing program 6 (id=896):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000009c0)="ed1436f94b6bb9e63475219d606ec4e83de206756b0de2b5d31e07e5f590b7e28e2b9e1a948a308213c52eb9658567a96fa82fd7ed0844aca500cb61361797cb09cd5b6d2e68bc06442fcbdcf53b77278675dd6b0cd3739f4220b00e4f8e5e3aebc3e70fe722a46b3581275356c6937e110e2a7a9c72b1210dd63bee91296d0bc7b0fb6be2", 0x85}], 0x1}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000300)="cc5a4dbac0ae0010000000000000d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662d", 0x56}, {&(0x7f0000000a80)="ddad5578b806b57a1fb3db45b94f400f90cfe65af411a009366a96e6afb01c69a0f5eb21d27b0fc3767336311d4a890c48b4999ded7966d6cae5d010df2f961ed7bb0ecb5d355dc645ca55b9c8e91b4d84fbef2e22f3d42e3750c660798859338d2914db8a729fd710f97aea17edd0674bd72d8485c2f98feb726871d1bda7b2e1c6bed7f4a8d6acba440c41bf4953c12639b62c6acfdc58ce57254cbfa234c3e0f4219c97e1781dd21066a6c19bc79911831c41d6fcc0aa66ce3d6a58485052254608dd4f0323358fee252f88ec3b08dcf96de48012df9b5d8d98977b44", 0xde}, {&(0x7f0000000140)="654f25cb7f6059bc6d1fe973dcbf256511f27ea9d285bdba36f54af70215ed7643aa83528a8d20ae94b3936ab028bb287436649e45c8acd9994548258bb8786b8224f55b8fb0a0f8388f73306726f2dacb80", 0x52}, {&(0x7f0000000640)="44ad9575ab50841bc63827ce482dd286d74a1991e8e36c12404e9586197941a12f6928acb5494c9cc5f9d238d60dc861dfbb025bed4c40f86d", 0x39}, {&(0x7f0000000800)="8a0c913f0d97e8fe44e28a2e1d14e522344adad3e763c55140a49245b874b3b87a9ba11c0ca33337d5ed723e4ce29aa36aa295bd70cdd3c48c488e032b5bc2c204f4a51756e0c9204b52711040803ea2130871876b86464295374358d2", 0x5d}], 0x5}}], 0x2, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

8m32.704633945s ago: executing program 4 (id=897):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f00000000c0)=<r1=>0x0)
timer_settime(r1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x1, &(0x7f0000000180)=0x5, 0x4)

8m31.787528229s ago: executing program 34 (id=896):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000009c0)="ed1436f94b6bb9e63475219d606ec4e83de206756b0de2b5d31e07e5f590b7e28e2b9e1a948a308213c52eb9658567a96fa82fd7ed0844aca500cb61361797cb09cd5b6d2e68bc06442fcbdcf53b77278675dd6b0cd3739f4220b00e4f8e5e3aebc3e70fe722a46b3581275356c6937e110e2a7a9c72b1210dd63bee91296d0bc7b0fb6be2", 0x85}], 0x1}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000300)="cc5a4dbac0ae0010000000000000d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662d", 0x56}, {&(0x7f0000000a80)="ddad5578b806b57a1fb3db45b94f400f90cfe65af411a009366a96e6afb01c69a0f5eb21d27b0fc3767336311d4a890c48b4999ded7966d6cae5d010df2f961ed7bb0ecb5d355dc645ca55b9c8e91b4d84fbef2e22f3d42e3750c660798859338d2914db8a729fd710f97aea17edd0674bd72d8485c2f98feb726871d1bda7b2e1c6bed7f4a8d6acba440c41bf4953c12639b62c6acfdc58ce57254cbfa234c3e0f4219c97e1781dd21066a6c19bc79911831c41d6fcc0aa66ce3d6a58485052254608dd4f0323358fee252f88ec3b08dcf96de48012df9b5d8d98977b44", 0xde}, {&(0x7f0000000140)="654f25cb7f6059bc6d1fe973dcbf256511f27ea9d285bdba36f54af70215ed7643aa83528a8d20ae94b3936ab028bb287436649e45c8acd9994548258bb8786b8224f55b8fb0a0f8388f73306726f2dacb80", 0x52}, {&(0x7f0000000640)="44ad9575ab50841bc63827ce482dd286d74a1991e8e36c12404e9586197941a12f6928acb5494c9cc5f9d238d60dc861dfbb025bed4c40f86d", 0x39}, {&(0x7f0000000800)="8a0c913f0d97e8fe44e28a2e1d14e522344adad3e763c55140a49245b874b3b87a9ba11c0ca33337d5ed723e4ce29aa36aa295bd70cdd3c48c488e032b5bc2c204f4a51756e0c9204b52711040803ea2130871876b86464295374358d2", 0x5d}], 0x5}}], 0x2, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

8m31.698908764s ago: executing program 4 (id=902):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$MPTCP_PM_CMD_REMOVE(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x4)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x7ffffffc, 0xfff}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
write(r4, &(0x7f0000000240)="14000000140005b7ffccca38b9000000060860eb", 0x14)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = syz_open_dev$vim2m(&(0x7f0000000280), 0x7fffffffffffffff, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000000)={0x980914, 0x8})
r7 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'sit0\x00', <r8=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}, 0x0, r8})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000001d80)={0x0, @in6={{0xa, 0x4e23, 0x6, @empty, 0x6}}, 0x7f, 0x2, 0x0, 0x5, 0xe6eedc45313651a9, 0x94, 0x1}, 0x9c)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r5, 0x84, 0x79, &(0x7f00000001c0)={0x0, 0x4, 0x7}, 0x8)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)

8m30.690820302s ago: executing program 4 (id=905):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f00000002c0)={[{@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@norecovery}]}, 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1fd)
creat(&(0x7f0000000380)='./bus\x00', 0x186)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x2040, 0xe8)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x3fd, 0x0, 0x0, 0x1, 0x19, "e735af413bb901277fe4d0ce5d299db7aac63a0100000000d445f320710e9caa84a0ea00004121000000ef001d0000200000dcfbe6a300", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000f8ff00000000f0fffffffff2ff00", [0x4]})
read$FUSE(r0, &(0x7f0000000f80)={0x2020}, 0x2020)

8m29.918410777s ago: executing program 4 (id=909):
r0 = socket$inet6(0x10, 0x3, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendto$inet6(r0, 0x0, 0x0, 0x800, 0x0, 0x0)
r1 = socket(0x18, 0x4, 0x0)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(0xffffffffffffffff, 0xf502, 0x0)
connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0x6, @local, 'veth1\x00'}}, 0x1e)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd71, 0xffffffffffffffff}, 0x78)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000340)="307fb885873cb8afa00a8bb4836b8f0e05670a967d", 0x15}], 0x1)

8m28.84750247s ago: executing program 4 (id=913):
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000240)=<r0=>0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./file1\x00', 0x3000046, &(0x7f0000000280)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@delalloc}, {@noquota}, {@mblk_io_submit}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@grpquota}, {@block_validity}, {@nombcache}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@sb={'sb', 0x3d, 0x2}}], [{@euid_gt={'euid>', r0}}, {@fowner_lt}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@dont_appraise}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r2, 0x12, 0x2, 0x0, &(0x7f0000000cc0))

8m28.377406327s ago: executing program 35 (id=913):
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000240)=<r0=>0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./file1\x00', 0x3000046, &(0x7f0000000280)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@delalloc}, {@noquota}, {@mblk_io_submit}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@grpquota}, {@block_validity}, {@nombcache}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@sb={'sb', 0x3d, 0x2}}], [{@euid_gt={'euid>', r0}}, {@fowner_lt}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@dont_appraise}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r2, 0x12, 0x2, 0x0, &(0x7f0000000cc0))

8m7.987059345s ago: executing program 5 (id=979):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect$hid(0x3, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x54c, 0x3d5, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x60, 0x2, [{{0x9, 0x4, 0x0, 0x1, 0x7, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0x36, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xc, 0x6, 0xd}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x81, 0x8, 0x80}}]}}}]}}]}}, 0x0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000009"], 0x0)
syz_usb_disconnect(r1)
r2 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0xe, 0x5, {0x5, 0x1, "a7ea31"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000000000), 0x64, 0x100)

8m6.432925545s ago: executing program 5 (id=984):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1e7, &(0x7f0000000200)="$eJzs201u00AYxvHHcZyUUiifG1ZILGBDAoUNO3oALsCuak1V4QIibFohIa7Bjpv0JlyglWDHCqOZuJEdJs7YwflQ/j+pzavYj99JlLE9CwvA2rph/wcKFNkqTdMv9yW9fiWp/e/+V+c9QACNSfUnBbCuwp+LHgGAxbjYDe19wFkg/fj1ef88+4s87x8udlvDYkNSLt/xzX8N7Ou9tnSey3ezQ069f/k+zD9UMX+lYv/NsfzmlFwwyg8//6MHxbxZJ21JuibpuqRtSeabvinplqP/wVj/u57jB2Zhfn0910K/Sr5Xv7+ZPW+OkviJa2M4PR9l+afuzblTyJlzh06W3/Ec76T8s5r5bpbv7b9PDhzbWzWPC/ho2flf36zzP5R+p+Pz/6V/vl0+/wGUGJycvt1LkvjjwFxsbTF6Z1IR2aKbHaFsZ3N1zL2jkhZmMeLVnaL5YsOxKSr8WpouOv/tgCrbx1y+luEL9ywuZ23zvbaThZ2SAMxJ/9Pxh/7g5PTx0fHeYXwYv9t5/uJy2W3X5f2Jq3MAK654c+4jaHZAAAAAAAAAAAAAAACgstuS7tQJ+j7gBwAAAGBplD8G9K3iw0OR5HjcqqT91hw/KgAAAAAAAAAAAAAAAAAAALDy/gYAAP//R4hAiA==")
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xe7b, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9)

7m53.173351857s ago: executing program 5 (id=1018):
creat(0x0, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6", 0x3)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

7m51.336064604s ago: executing program 5 (id=1024):
unshare(0x6a040000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)={0x2c, r1, 0x201, 0x70bd27, 0xfffffffc, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x240408c0}, 0x40040c0)

7m50.664885423s ago: executing program 5 (id=1026):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$evdev(&(0x7f0000000d80), 0xc000000000, 0x101140)
ioprio_set$uid(0x3, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
unshare(0x20000400)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(r4, 0x5452, &(0x7f0000000300)=0x208)

7m49.69408271s ago: executing program 5 (id=1028):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1e7, &(0x7f0000000200)="$eJzs201u00AYxvHHcZyUUiifG1ZILGBDAoUNO3oALsCuak1V4QIibFohIa7Bjpv0JlyglWDHCqOZuJEdJs7YwflQ/j+pzavYj99JlLE9CwvA2rph/wcKFNkqTdMv9yW9fiWp/e/+V+c9QACNSfUnBbCuwp+LHgGAxbjYDe19wFkg/fj1ef88+4s87x8udlvDYkNSLt/xzX8N7Ou9tnSey3ezQ069f/k+zD9UMX+lYv/NsfzmlFwwyg8//6MHxbxZJ21JuibpuqRtSeabvinplqP/wVj/u57jB2Zhfn0910K/Sr5Xv7+ZPW+OkviJa2M4PR9l+afuzblTyJlzh06W3/Ec76T8s5r5bpbv7b9PDhzbWzWPC/ho2flf36zzP5R+p+Pz/6V/vl0+/wGUGJycvt1LkvjjwFxsbTF6Z1IR2aKbHaFsZ3N1zL2jkhZmMeLVnaL5YsOxKSr8WpouOv/tgCrbx1y+luEL9ywuZ23zvbaThZ2SAMxJ/9Pxh/7g5PTx0fHeYXwYv9t5/uJy2W3X5f2Jq3MAK654c+4jaHZAAAAAAAAAAAAAAACgstuS7tQJ+j7gBwAAAGBplD8G9K3iw0OR5HjcqqT91hw/KgAAAAAAAAAAAAAAAAAAALDy/gYAAP//R4hAiA==")
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xe7b, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9)

7m34.520030013s ago: executing program 36 (id=1028):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1e7, &(0x7f0000000200)="$eJzs201u00AYxvHHcZyUUiifG1ZILGBDAoUNO3oALsCuak1V4QIibFohIa7Bjpv0JlyglWDHCqOZuJEdJs7YwflQ/j+pzavYj99JlLE9CwvA2rph/wcKFNkqTdMv9yW9fiWp/e/+V+c9QACNSfUnBbCuwp+LHgGAxbjYDe19wFkg/fj1ef88+4s87x8udlvDYkNSLt/xzX8N7Ou9tnSey3ezQ069f/k+zD9UMX+lYv/NsfzmlFwwyg8//6MHxbxZJ21JuibpuqRtSeabvinplqP/wVj/u57jB2Zhfn0910K/Sr5Xv7+ZPW+OkviJa2M4PR9l+afuzblTyJlzh06W3/Ec76T8s5r5bpbv7b9PDhzbWzWPC/ho2flf36zzP5R+p+Pz/6V/vl0+/wGUGJycvt1LkvjjwFxsbTF6Z1IR2aKbHaFsZ3N1zL2jkhZmMeLVnaL5YsOxKSr8WpouOv/tgCrbx1y+luEL9ywuZ23zvbaThZ2SAMxJ/9Pxh/7g5PTx0fHeYXwYv9t5/uJy2W3X5f2Jq3MAK654c+4jaHZAAAAAAAAAAAAAAACgstuS7tQJ+j7gBwAAAGBplD8G9K3iw0OR5HjcqqT91hw/KgAAAAAAAAAAAAAAAAAAALDy/gYAAP//R4hAiA==")
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xe7b, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9)

4m50.656752135s ago: executing program 0 (id=1418):
creat(0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6", 0x3)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

4m49.661626823s ago: executing program 0 (id=1419):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x161281, 0x0)
write$binfmt_aout(r1, 0x0, 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d1100"})
gettid()
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
semget(0x3, 0x2, 0x39c)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x18d181)
sendmsg$nl_route(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="5c000000430001002dbd7000fbdbdf25220000000c000800fdff"], 0x5c}, 0x1, 0x0, 0x0, 0x24040800}, 0x0)

4m48.290634683s ago: executing program 0 (id=1422):
syz_open_procfs(0x0, &(0x7f0000000140)='uid_map\x00')

4m40.994495498s ago: executing program 0 (id=1431):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000640)='/proc/key-users\x00', 0x0, 0x0)
syz_usb_connect(0x6, 0x24, &(0x7f00000001c0)=ANY=[@ANYRES16=r0], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040)={0x1})
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x2, 0xff}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2a7, 0x2000000000003ff, 0x2], 0x0, 0x200306})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

4m38.472021094s ago: executing program 0 (id=1436):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="020a00000200000000000000000000002d760c587ab0553f836a504248ee"], 0x10}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000f00), 0x274, 0x10000, &(0x7f0000001000)={0x77359400})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, 0x25)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000180)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffbf00c}, {0x6}]}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)="2a73ed35", 0x732a}], 0x1}}], 0x400000000000292, 0x0)

4m37.057098887s ago: executing program 0 (id=1439):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@orlov}, {@data_err_ignore}, {@grpquota}, {@abort}, {@resgid}, {@bh}, {@nouid32}]}, 0x1, 0x56d, &(0x7f0000000880)="$eJzs3c9rXEUcAPDv22z6uzaFUlREAj1Yqd00iT8qeKhH0WJB73VJXkPJpluym9LEgu3BXrxIEUSsiHe9eyz+A/4VBS0UKUEPXiJv8zZNk9383Dap7/OBV2Z23mbed+fNdGZnlw2gsAazf0oRL0XE10nEkYhI8rJy5IWDi+fNP7oxlh1JLCx88lfSOi/Lt/9W+3kH88yLEfHblxGnSqvrbczOTVZrtXQ6zw81p64ONWbnTl+eqk6kE+mVkdHRs2+Njrz7ztubimfvGmWvX/jnu4/vfXD2qxPz3/7y4OidJM7FobxseRzbcHN5ZjAG89ekP86tOHG4B5XtJslOXwBb0pf38/7IxoAj0Zf3euD/74uIWAAKKtH/oaDa84D22r5H6+DnxsP3FxdAq+MvL743Evtaa6MD88kTK6NsvTvQg/qzOn798+6d7IjevQ8BsK6btyLiTLm8evxL8vFv685s4JyVdRj/4Nm5l81/3ug0/yktzX+iw/znYIe+uxXr9//Sgx5U01U2/3uv4/x3adNqoC/PHW7N+fqTS5draTa2vRARJ6N/b5Zfaz/n7Pz9hW5ly+d/2ZHV354L5tfxoLxiU2u82qxuJ+blHt6KeLnj/DdZav+kQ/tnr8eFDdZxPL37arey9eN/uhZ+initY/s/3tFK1t6fHGrdD0Ptu2K1v28f/71b/Tsdf9b+B9aOfyBZvl/b2HwdP+77N+1W9kT88UT8Pyye0fn+35N82krvyR+7Xm02p4cj9iQfrX585PFz2/n2+Vn8J0+sPf51uv/3R8RnG4z/9rGfX1kr/vY6fKfaf3xT7b/5xP0PP/++W/3r3P/lxfZ/s5U5mT+4kfFvoxe4zZcPAAAAAAAAdpVSRByKpFRZSpdKlcri5zuOxYFSrd5onrpUn7kyHq3vyg5Ef6m9031k2echhvPPw7bzIyvyoxFxNCK+6dvfylfG6rXxnQ4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/mjb6evDnjq/OQ3FNe6/b8Xv/QE7Er+/4fi0v+huPR/KC79H4pL/4fi0v+huPR/KC79HwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrqwvnz2bEw/+jGWJYfvzY7M1m/dno8bUxWpmbGKmP16auViXp9opZWxupT6/29Wr1+dXgkZq4PNdNGc6gxO3dxqj5zpXnx8lR1Ir2Y9j+TqAAAAAAAAAAAAAAAAAAAAOD50pidm6zWaun0NhJJbOvpRU8cjl1xGVtNlHfHZUj0OLHTIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPZfAAAA///wGTUB")
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file2\x00', 0x1000, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(0xffffffffffffffff, 0x101, 0x4000106b, r3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000300)={'#! ', '', [], 0xa, "f3"}, 0x5)
copy_file_range(r4, &(0x7f00000008c0)=0x4, 0xffffffffffffffff, 0x0, 0x8, 0x0)

4m21.628616445s ago: executing program 37 (id=1439):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@orlov}, {@data_err_ignore}, {@grpquota}, {@abort}, {@resgid}, {@bh}, {@nouid32}]}, 0x1, 0x56d, &(0x7f0000000880)="$eJzs3c9rXEUcAPDv22z6uzaFUlREAj1Yqd00iT8qeKhH0WJB73VJXkPJpluym9LEgu3BXrxIEUSsiHe9eyz+A/4VBS0UKUEPXiJv8zZNk9383Dap7/OBV2Z23mbed+fNdGZnlw2gsAazf0oRL0XE10nEkYhI8rJy5IWDi+fNP7oxlh1JLCx88lfSOi/Lt/9W+3kH88yLEfHblxGnSqvrbczOTVZrtXQ6zw81p64ONWbnTl+eqk6kE+mVkdHRs2+Njrz7ztubimfvGmWvX/jnu4/vfXD2qxPz3/7y4OidJM7FobxseRzbcHN5ZjAG89ekP86tOHG4B5XtJslOXwBb0pf38/7IxoAj0Zf3euD/74uIWAAKKtH/oaDa84D22r5H6+DnxsP3FxdAq+MvL743Evtaa6MD88kTK6NsvTvQg/qzOn798+6d7IjevQ8BsK6btyLiTLm8evxL8vFv685s4JyVdRj/4Nm5l81/3ug0/yktzX+iw/znYIe+uxXr9//Sgx5U01U2/3uv4/x3adNqoC/PHW7N+fqTS5draTa2vRARJ6N/b5Zfaz/n7Pz9hW5ly+d/2ZHV354L5tfxoLxiU2u82qxuJ+blHt6KeLnj/DdZav+kQ/tnr8eFDdZxPL37arey9eN/uhZ+initY/s/3tFK1t6fHGrdD0Ptu2K1v28f/71b/Tsdf9b+B9aOfyBZvl/b2HwdP+77N+1W9kT88UT8Pyye0fn+35N82krvyR+7Xm02p4cj9iQfrX585PFz2/n2+Vn8J0+sPf51uv/3R8RnG4z/9rGfX1kr/vY6fKfaf3xT7b/5xP0PP/++W/3r3P/lxfZ/s5U5mT+4kfFvoxe4zZcPAAAAAAAAdpVSRByKpFRZSpdKlcri5zuOxYFSrd5onrpUn7kyHq3vyg5Ef6m9031k2echhvPPw7bzIyvyoxFxNCK+6dvfylfG6rXxnQ4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/mjb6evDnjq/OQ3FNe6/b8Xv/QE7Er+/4fi0v+huPR/KC79H4pL/4fi0v+huPR/KC79HwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrqwvnz2bEw/+jGWJYfvzY7M1m/dno8bUxWpmbGKmP16auViXp9opZWxupT6/29Wr1+dXgkZq4PNdNGc6gxO3dxqj5zpXnx8lR1Ir2Y9j+TqAAAAAAAAAAAAAAAAAAAAOD50pidm6zWaun0NhJJbOvpRU8cjl1xGVtNlHfHZUj0OLHTIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPZfAAAA///wGTUB")
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file2\x00', 0x1000, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(0xffffffffffffffff, 0x101, 0x4000106b, r3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000300)={'#! ', '', [], 0xa, "f3"}, 0x5)
copy_file_range(r4, &(0x7f00000008c0)=0x4, 0xffffffffffffffff, 0x0, 0x8, 0x0)

28.642711374s ago: executing program 7 (id=1844):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)

20.456871102s ago: executing program 2 (id=1853):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x4008880)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000140)={@private1, @dev={0xfe, 0x80, '\x00', 0x2a}, @loopback, 0x8, 0x3, 0x9, 0x400, 0x6, 0x208002a})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x6c, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

20.456412742s ago: executing program 7 (id=1854):
r0 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x40010, r0, 0x6502b000)
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
preadv(r1, 0x0, 0x0, 0xffffffbf, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x5, &(0x7f0000000040)=0x29)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$ARCH_SHSTK_LOCK(0x1e, r2, 0x2, 0x5003)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ptrace$PTRACE_GETSIGMASK(0x420a, r4, 0x8, &(0x7f0000000080))
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r6, 0xc0a85320, &(0x7f0000000440)={{0x80}, 'port1\x00', 0x72, 0x220000, 0xffffff4a, 0x8000008, 0x7, 0x2, 0x1, 0x0, 0x7cce8c743ee810df, 0xa5})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x40505330, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x40505330, 0x0)
close(0x3)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000d40)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x111, 0x4b4, 0xd0, 0xd4feffff, 0x1c8, 0x20a, 0x278, 0x1c8, 0x278, 0x3, 0x0, {[{{@ipv6={@private2, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6, 0x0, 0x0, 0x22}, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x8}}]}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8)
ftruncate(r0, 0x51a9497)

18.996178207s ago: executing program 1 (id=1856):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000004c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}}, 0x0, 0x0, 0x0)
chmod(&(0x7f0000000180)='./file0\x00', 0x27d)

17.631959106s ago: executing program 7 (id=1857):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000488}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
r5 = fanotify_init(0xf00, 0x2)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
fanotify_mark(r5, 0x105, 0x8971, r4, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x3c, &(0x7f0000000100)=0x2, 0x4)
rename(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file1\x00')
prlimit64(r1, 0x0, 0x0, 0x0)
linkat(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x1000)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000000c0))

15.964900743s ago: executing program 8 (id=1860):
openat$rtc(0xffffffffffffff9c, &(0x7f0000001740), 0x80000, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$poke(0x4, r0, &(0x7f00000011c0), 0xfffffffffffffffe)

15.743984926s ago: executing program 8 (id=1861):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000001840)=@filter={'filter\x00', 0x42, 0x4, 0x2d0, 0xffffffff, 0x0, 0x0, 0x1a0, 0xffffffff, 0xffffffff, 0x238, 0x238, 0x238, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'netpci0\x00', 'nr0\x00', {}, {0xff}, 0x0, 0x2}, 0x74000002, 0x70, 0x98, 0x1ba, {0x46010000, 0x2c000000000000}}, @REJECT={0x28}}, {{@ip={@empty, @remote, 0xff, 0x0, 'veth0_to_batadv\x00', 'bridge_slave_1\x00', {0xff}}, 0x287, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@state={{0x28}, {0x9}}, @common=@unspec=@limit={{0x48}, {0xfffffffe, 0x7, 0x0, 0x0, 0xfffffffc, 0x0, 0x3}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x1ff, 0x2, 0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x330)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000a80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804c10, &(0x7f00000001c0)=ANY=[], 0xfd, 0x687, &(0x7f0000001300)="$eJzs3c1vHGcdB/DvbDZ2Ni3BTZM2oEq1GgkQEYkdKwVzISCEcogQKgckblbiNFY2aXFc5FaIOrxee+gfUA65IE5I3CMVDlzg1hvyjQokLr1gTot2dna9Xns3a5KsnfL5RLPPM/PM88zv+c3O7IsVbYD/W1fOpf4gRa6cu7reXt+8v9DcvL9wu1tPMp1kI6knqSUp/t1qtT5MLidFb5hioNzl/ZXF1z76ZPPjzlq9Wsr9a6P6Daj22xjYvNHdNpvkSFU+gh3jXXvk8Ype5JeTnK1KOHBHk7R2+NGfn+219Gns1fvYRGIEnqyi87q5y0xyvLrQ2+8Duq+8tclGN77pMfcbfAcBAAAAT5txPgN/ditbWS9OTCAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+FTY2P79/6Jaat36bIru7/9PVdtS1Q+Xl/e3+4MnFQcAAAAAAAAATNDLW9nKek5011tF+Tf/V8qVU+XjM3krd7Oc1ZzPepaylrWsZj7JTN9AU+tLa2ur82P0vNjf82iSsufFhwQ6XZWNxzZ1AAAAAAAAAPg0+VmubP/9HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoMiOdIpUtzrbJpq12dSqyc5Vq1nI/lrt/40e3DQAQAAAMAETCdbWc+J7nqryKkkL5TfARzLW7mTtaxkLc0s53r5vUDnU39t8/5Cc/P+wu32snvcb/5rX2GUI6bz3cPeRz5T7tHIjayUW87nWt5IM9dTK3u2nani6Y46ENe9dkzFNyo72/4xLLLrVdme+XtVucu7+5rsMPv8MmWmzMjRXkbmqtja2Xiue2b2PkP7PDuDR5pPrRfsqYEjTe2czKicD3W8Ktvz+dWwnB+IwUxc7Hv2vTA658kX//C7H8xV9cMzpfEcqcpW+djYnYmFvky8OE4mbjbv3Lp54+65py0Tu8yVmTjdW7+S7+T7OZfZfC+rWcmPs5S1LGc23y5rS9XJL/ou+SGZurxdbYwRyVT1DO2crIfEVOyM6ZWy74ms5Lt5I9eznFfLfxczn6/mUi5lse8Mnx59hsurvjbkqm99Zs/gz36pb6a/HnPGk9HO63N9ee2/586Ubf1btrN0cows7fPeWP98VWkf4+dVeTgMZmK+LxPPj87Eb8rbyt3mnVurN5fe3NH09x8OOdzJ96pK+zr6ZTJ7eG4k7efLyfbJKtd2Pjvabc/v2TZftp3qtdV2tZ3utXWu1I2hV+pU9R5u90gXy7YX92xbKNvO9LXt9X4LgEPv+JePTzX+2fhL44PGLxo3G1ePfWv6a9MvTeXoH49+vT535Au1l4rf54P8dPvzPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8L+7+/Y7t5aazeXVgUqr1Xp3e8vVJLv3GV2pV0fYX6/HUTmWvz3TPvIeTd2fM5tgPJ97Npnc3A9r5T+tVqvaUgzZ57d/OjSJalUOReoOqHJw9yRgMi6s3X7zwt233/nKyu2l15dfX76zeOnS4tzipVcXLtxYaS7PdR4POkrgSdh+0T/oSAAAAAAAAAAAAIBxTeK/Exz0HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICn25VzqT9Ikfm583Pt9c37C8320q1v71lPUktS/CQpPkwup7Nkpm+4Ythx3l9ZfO2jTzY/3h6r3t2/NqrfyEF7Nqols0mOdMp7D+015njXqnKkYlSURW8S7YSdTTL9CMHBY/PfAAAA//9yJwaw")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000080)={0xb, {'syz1\x00', 'syz1\x00', 'syz0\x00', 0x8a, 0x588b, 0xffffffff, 0xd7, 0x1154, 0x7, "5a10711bad66f5d57ee866a015b6883d7205afc0414711ec701b3c431e7be1a2af4e165a86057902c089013e2b5a29fc815da67a07d85734905d5a2b0167d297f57fbcde36618a3119d6ffabe6db43d894c7310bbe3722117ff6e74a560c94d468dbcebf92961d18a27f4e4dd3ea70e645db812991221dbb00f13e26d299927c0818a93917f745f1e89b"}}, 0x1a2)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)

13.395282342s ago: executing program 7 (id=1862):
ioctl$PTP_PEROUT_REQUEST(0xffffffffffffffff, 0x40383d03, &(0x7f0000000100)={{0xbb2, 0xc}, {0x9, 0x5}, 0xe})
r0 = epoll_create1(0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f00000002c0)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0xa0002017})

13.340970955s ago: executing program 2 (id=1863):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8000000000000008, 0xfffffffffffffffa}, 0x0)
clock_gettime(0x0, &(0x7f0000000140))
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
fchown(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = getpgid(r0)
fcntl$setownex(r1, 0xf, &(0x7f00000000c0)={0x2, r5})
setrlimit(0x2, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f00000000c0)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0xb3, 0x6}}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)

13.317393427s ago: executing program 1 (id=1864):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000770000000800000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000180), &(0x7f0000000280)}, 0x20)

13.215720783s ago: executing program 8 (id=1865):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000002880)=ANY=[@ANYBLOB="b4000000000b00007910000000000000db100003410000009500740000000000079c69dc7ded5dbe11b62ac5ea9fca11027d19e93adb605feb92de3145e8ed7ac5b8902070213cdfdc646c4890cdeb50347c32060581172b94c6dd22a2b589b6cbad46ed6ef79f7068f5e603950c4f67581c92ef8a7e000017d5f1110ed29d3b2aaf153bcf69bebf18262352ba68d39942c3b567e06411d8879622f74cc431dabd332c4c4702e4c3d41bfb54b574e8947309c7503c3e8ea23e12e064f442e8cbeab77cdf1ebd8465593c0000000000000000000000000000006f429b14459ffd88bee4b9d894ddad0980af53a1feb155f1010400bfb5b81b73035fd5a76985d4710fb6fbfb2a933a09dd6317e77ca962327022fb34017197ff712a35c655dd0dec053fdbc310f29c6b8be788b559a80135bb7369351b952ade2339eddde60eb16301b0f4640be5852e1cef861b861b7b19ea03dfc83f729d02e9e73db24dd5dfb09d4b1bbbd5dd5daa4615b0845f264f229f9806862e116612ade616b1769e97549d095b0a4d02801406491d77a65fe74f8aa67391e8cb3c000020000000000083b92cdfc143ceba1c18e742f256ecc4"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x101100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0x80045300, &(0x7f0000003b00))
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1)
socket$netlink(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20a00, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x2a20050, &(0x7f0000000100)=ANY=[@ANYRESOCT=0x0, @ANYRES32=r1, @ANYRESOCT=r1, @ANYRES64, @ANYRES64=r2, @ANYRES16, @ANYRESOCT=r1], 0x5, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG")
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x803, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x4a, 0x0, 0x0)

11.908920258s ago: executing program 1 (id=1866):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x69, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, 0x0)

11.891612069s ago: executing program 2 (id=1867):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f00000000c0)={0x1f, 0x3}, 0x6)
write$bt_hci(r4, &(0x7f0000000240)=ANY=[], 0x25)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
syz_emit_ethernet(0x2a, 0x0, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
ptrace$pokeuser(0x6, r5, 0x358, 0x800000000000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002d0ea4314c85c1844100000008000300", @ANYRES32=r7, @ANYBLOB="30005080080007000100000004000600110001001e328a75b23a03fed55a363a09000000090001006c1ae03f6c000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4000084}, 0x20000080)

10.591916095s ago: executing program 1 (id=1868):
socket$nl_generic(0x10, 0x3, 0x10)
pipe(0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000540)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001040)={0x2020}, 0x2020)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
accept4(r3, 0x0, 0x0, 0x800)

9.48191782s ago: executing program 9 (id=1870):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x200, 0xa, 0x20002f7, 0x0, r0})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

8.77422241s ago: executing program 8 (id=1871):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8000000000000008, 0xfffffffffffffffa}, 0x0)
clock_gettime(0x0, &(0x7f0000000140))
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
fchown(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = getpgid(r0)
fcntl$setownex(r1, 0xf, &(0x7f00000000c0)={0x2, r5})
setrlimit(0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)

8.59682019s ago: executing program 9 (id=1872):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x4, 0x0, &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000002300)={0x7, {"a2e3ad214fc752f91b4809094bf70e0dd038e7ff7fc6e5539b326d078b089b3b083872090890e0878f0e1ac6e7049b3d68959b4c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b08320d075d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb1d17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000e0a37ce0d0d4aa202e928f28381aab144a5d429a04a6a2b83c7076600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e988037b2ed050000000000000046684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2e7faa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5399e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a74cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df2928924486cfff799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e74322f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2a9702b4230f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df11fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fffffff7f00000000758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x10af}}, 0x1006)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
r4 = syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x210c11, &(0x7f00000001c0)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYRESHEX=0x0, @ANYRESHEX, @ANYRES32], 0x2, 0x226, &(0x7f0000000580)="$eJzsmc9rE0EUx78zu9lsqyge9OAlHgpWsJvdjUovIvXiqSK0Ih6DXUvrtpEkSFMQ2j/AP0Dw7/DQkwdv3jx48qCC0IM5ehChI7M7k53suiZxwYvvA5n9zq/35k1m30ACgiD+W758/v7pxe3l9asATmMBddV+bOkRNrgx/uNLq6bk290zz4/y9hgAIbK6PcG/9PdmxQIOUrNCZLN/CGBB2VwHT7TkPjiuKP0ADJ5eq8hmR2B4qJq3Dd2ZUyKO2KNOvPF4K458WQSyCGXRAsTY+oeHDBsAXOWCGevvDfaftGOgm4o40qImtJ9CV0645V2pwHb5/iXrW+G4aWwBB87qfk89fWP/AnAESrfAsKb0MurwPK+hqlFgxH/RzuxbgDMe/+QgU+HOMri6OLdU1c6tGQP8rTgRha4DVA/Q+auvYFYhX7/Jg+U6ZnfBG8VZziQ7buWtY/kW+UKPWi4Mj94VZ30da/mwWuaC4Z+e8KlEkrgAFLrez8fxatai81q3Nzg/ZudSuj9384dNn8DSI4HjO2rIZSM/2cat0OzvPG32BvtLWzvtzWgz2g3D1g3/mu9fD5vy3vGbSYb+Q/5zk/w0b9ivlYx1mIO9dr/fDfaAfjcY1cO0NDLu2uvOt1GaHx5yLP4UQl8vSdjqomQ5H0x9+Cv5lGrRKl08QRAEQRAEQRAEQRAEQRDElNSBU0ADDOq3yhP9b5UoYIf38GwO+BUAAP//sXdcPQ==")
r5 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
dup2(r4, r5)

7.188788242s ago: executing program 8 (id=1873):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000140)={@private1, @dev={0xfe, 0x80, '\x00', 0x2a}, @loopback, 0x8, 0x3, 0x9, 0x400, 0x6, 0x208002a})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x6c, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

6.312795953s ago: executing program 7 (id=1874):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000488}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
r5 = fanotify_init(0xf00, 0x2)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
fanotify_mark(r5, 0x105, 0x8971, r4, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x3c, &(0x7f0000000100)=0x2, 0x4)
rename(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file1\x00')
prlimit64(r1, 0x0, 0x0, 0x0)
linkat(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x1000)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000000c0))

5.057646116s ago: executing program 1 (id=1875):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x64, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.99742749s ago: executing program 2 (id=1876):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB='nonumtail=0,iocharset=cp950,umask=00000000000000000000000,uni_xlate=1,uni_xlate=1,shortname=win95,utf8=0,shortname=win95,utf8=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c696f636861727365743d6d616363726f617469616e2c696f636861727365743d63703433372c757365667265652c726f6469722c7569643e74353a7bd912f41b207e4bc4478b479f5a21373fd412d72f65702b57308921a665e19ef4cc41aac5e7c09d211fd4c1fbf43833c769c6b16297c14d0d92df4f0371acd1b184d6", @ANYBLOB="ba29b889190f85c5f2d10d0dd5e3b2a8ee52ec6555dd208028b6b67d99335ad8fd687d1168eebb25947c46b93fb50c9b0cc14ff52fefc9b30e382f00c152b0666359cb400c3e7b036f1ebacae43a22c47e55b428c3341311cc05af28dc7e366ba8223a7651ff8afb0fe73cfff4af", @ANYRES8], 0x6, 0x2aa, &(0x7f0000000500)="$eJzs3T1re1UYAPDnpulN1CEZnETwgg5Ope3qkiItFDMpGdRBi21BmiC0UPAFYydXF0c/gSC4+SVc/AQKrqKbHQpX7s29Jq1paqSx/5ffb+nTc89zznNODy0d7sn7L45ODrM4vvjsl2i3k2j0oheXSXSjEbUv4preVwEAPM4u8zz+yCeWyUsior26sgCAFVr67//3Ky8JAFixt95+542dfn/3zSxrx97oy/NB8Z998XXyfOc4PoxhHMVmdOIqIv/bJN7L83zczArdeGU0Ph8UmaP3fqzG3/ktoszfik50y6br+fv93a1sYiZ/XNTxbDV/r8jfjk48P2f+/f7u9pz8GKTx6ssz9W9EJ376ID6KYRyWRUzzP9/Kstfzr//89N2ivCI/GZ8PWmW/qXzt5t61Vv/jAQAAAAAAAAAAAAAAAAAAAADgCbVR3Z3TivL+nqKpun9n7ar4Zj2yWvf6/TyT/KQeaOZ+oDTyfJzHN/X9OptZluVVx2l+M15oRvNhVg0AAAAAAAAAAAAAAAAAAACPlrOPPzk5GA6PTu8lqG8DqF/r/6/j9GZaXorFnVvTuRpVuGDkWKv7JBG3lZEU21Is4p625a7gmdtq/va7ZQds391nfdH+3E9Qn66Tg2T+HraibmnXh+SH2T5plMHPv981V3rbo3yp45fOfdRZeu3pc2UwXtAnkkWFvfbrZOeqluTmKtJyV+emr1fBTPqNs7HUef7n74rEbR0AAAAAAAAAAAAAAAAAALBS05d+5zy8WJjayFsrKwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/lfTz/9fIhhXyf+icxqnZw+8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4CfwUAAP//UZdgPQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000009840)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
setregid(0xee00, 0xee00)
fchdir(0xffffffffffffffff)
mount(0x0, 0x0, &(0x7f00000001c0)='bfs\x00', 0x5c9, 0x0)
setuid(0xee01)
utimensat(r0, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0)

4.748904684s ago: executing program 2 (id=1877):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8000000000000008, 0xfffffffffffffffa}, 0x0)
clock_gettime(0x0, &(0x7f0000000140))
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
fchown(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = getpgid(r0)
fcntl$setownex(r1, 0xf, &(0x7f00000000c0)={0x2, r5})
setrlimit(0x2, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f00000000c0)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0xb3, 0x6}}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)

4.748620304s ago: executing program 9 (id=1878):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000640)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c1, &(0x7f0000001880)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZzWSNMZHNyu1+Ps0++8zznfk9k4fsbJEnH748Obqfx8MnX/wSWZZEZxjDOEliEJ1ofBULht8EAPAsOymK+L2Y2SSXRES2vbIAgC1a7+9/d9786VLKAgC26N677729f3Bw550ssrg7+fp4VP5nX/6cHd9/GB/HOB7Ea9GP04jqQWE3qqeFsnm3KIppNy8N4uZkejwqk5MPntbn3/8tosrvRT8GVdfZ00aVf+vgzl4+08pPyzqer68/LPO3ox8vnoUX8reX5GOUxquvtOq/Ff34+aP4JMZxvypinv9yL8/fLL794/P3y/LKfDI9HvWqcXPFziW/NAAAAAAAAAAAAAAAAAAAAAAAXGG36r1zepHfiJuTsqvef2fnNNLy17wxWNyfZ5ZPmhO19wcqimJaxPetLQXzoh44z3fjpW57Y0EAAAAAAAAAAAAAAAAAAAC4vh5/+tnR4Xj84NGFNJrdALoR8ee9iP96nmGr50asHtyrr3k4Hnfq5sKYp2m7J3aaMUnEyjLKSVzQbfm3xnPna24aP/xYTnCTE2atnteXT3B3+/NqVtfRYbL8Wr1oerJ6kXyXRszHpLHmtdJ/OlTEJssvXXqov/Hc0xeqxnTFmEhWFfbGr7M7V/ck52eRVnd1aXy3brTi59bGWq97ZLP4398rkmq3jt723owAAAAAAAAAAAAAAAAAAOCam3/6d8nBJyujncJHgQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4Iubf/79BY1qH1xicxqPH//MUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAb+CgAA//8HIVi7")
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lgetxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0)

3.354312965s ago: executing program 2 (id=1879):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
shmat(0x0, &(0x7f00009b0000/0x1000)=nil, 0x4000)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x3f)
setpgid(r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

3.210961514s ago: executing program 9 (id=1880):
creat(0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6", 0x3)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

2.052074581s ago: executing program 9 (id=1881):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x9)
socket$unix(0x1, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000480)=0x7)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x18, &(0x7f0000000100)=0x2, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f00000001c0)={0x0, 0x0, r3, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000000000)={r3, r4, 0x1, 0x0, 0x3})
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000400000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a32000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000005c000000160a0101000b000000000000010000000900020073797a32000000000900010073797a3000000000300003802c0003801400010067656e65766530000000000000000000140001007665746831"], 0xfc}}, 0x0)

731.563277ms ago: executing program 7 (id=1882):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000002880)=ANY=[@ANYBLOB="b4000000000b00007910000000000000db100003410000009500740000000000079c69dc7ded5dbe11b62ac5ea9fca11027d19e93adb605feb92de3145e8ed7ac5b8902070213cdfdc646c4890cdeb50347c32060581172b94c6dd22a2b589b6cbad46ed6ef79f7068f5e603950c4f67581c92ef8a7e000017d5f1110ed29d3b2aaf153bcf69bebf18262352ba68d39942c3b567e06411d8879622f74cc431dabd332c4c4702e4c3d41bfb54b574e8947309c7503c3e8ea23e12e064f442e8cbeab77cdf1ebd8465593c0000000000000000000000000000006f429b14459ffd88bee4b9d894ddad0980af53a1feb155f1010400bfb5b81b73035fd5a76985d4710fb6fbfb2a933a09dd6317e77ca962327022fb34017197ff712a35c655dd0dec053fdbc310f29c6b8be788b559a80135bb7369351b952ade2339eddde60eb16301b0f4640be5852e1cef861b861b7b19ea03dfc83f729d02e9e73db24dd5dfb09d4b1bbbd5dd5daa4615b0845f264f229f9806862e116612ade616b1769e97549d095b0a4d02801406491d77a65fe74f8aa67391e8cb3c000020000000000083b92cdfc143ceba1c18e742f256ecc4"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x101100)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0x80045300, &(0x7f0000003b00))
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1)
socket$netlink(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20a00, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x2a20050, &(0x7f0000000100)=ANY=[@ANYRESOCT=0x0, @ANYRES32=r1, @ANYRESOCT=r1, @ANYRES64, @ANYRES64=r2, @ANYRES16, @ANYRESOCT=r1], 0x5, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG")
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x803, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r2, 0xaec7)

45.684137ms ago: executing program 1 (id=1883):
socket$nl_generic(0x10, 0x3, 0x10)
pipe(0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000540)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff})
read$FUSE(r4, &(0x7f0000001040)={0x2020}, 0x2020)

44.583877ms ago: executing program 9 (id=1884):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1c, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000071004f00000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba70000000000000000000000000200"/173], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3e}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$packet_fanout(r2, 0x107, 0x12, 0x0, 0x0)
splice(r1, 0x0, r2, 0x0, 0x7, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x21408, 0x0, 0x1, 0x0, &(0x7f0000006380))
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', 0x0, 0x0)
utimensat(r3, 0x0, 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000600)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setresuid(0x0, 0xee01, 0xee00)
r5 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000002000/0x4000)=nil)
shmctl$SHM_LOCK(r5, 0xb)
read$FUSE(r4, &(0x7f00000012c0)={0x2020}, 0x2020)
socket$netlink(0x10, 0x3, 0x8000000004)

0s ago: executing program 8 (id=1885):
socket$inet_icmp(0x2, 0x2, 0x1)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000200), &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r5, 0x0)
syz_io_uring_submit(r1, r2, 0x0)
io_uring_enter(r0, 0x3f70, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

expected cc 0x1003 length: 249 > 9
[  360.738754][ T4271] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  360.756509][ T4271] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  360.768121][ T4271] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  360.777825][ T4271] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  361.166225][ T6300] usb 3-1: config 0 has an invalid interface number: 199 but max is 1
[  361.210082][ T6300] usb 3-1: config 0 has no interface number 1
[  361.226603][ T6300] usb 3-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  361.250481][ T6300] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  361.265698][ T6300] usb 3-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00
[  361.275082][ T6300] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  361.283412][ T6300] usb 3-1: SerialNumber: syz
[  361.302552][ T6300] usb 3-1: config 0 descriptor??
[  361.516274][ T6300] usb 3-1: Found UVC 0.00 device <unnamed> (0002:0000)
[  361.525618][ T6300] usb 3-1: No valid video chain found.
[  361.555891][ T6300] usb 3-1: USB disconnect, device number 23
[  361.604413][ T4271] Bluetooth: hci3: command 0x041b tx timeout
[  362.736164][ T8359] binder: 8358:8359 ioctl c0306201 200000000240 returned -11
[  362.884801][ T4271] Bluetooth: hci4: command 0x0409 tx timeout
[  362.899410][ T8278] team0: Port device team_slave_0 added
[  362.926206][ T8343] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.933437][ T8343] bridge0: port 1(bridge_slave_0) entered forwarding state
[  362.996080][ T8278] team0: Port device team_slave_1 added
[  363.099123][ T8278] batman_adv: batadv0: Adding interface: batadv_slave_0
[  363.133750][ T8366] loop2: detected capacity change from 0 to 128
[  363.141431][ T8278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.167370][    C0] vkms_vblank_simulate: vblank timer overrun
[  363.209723][ T8278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  363.238131][ T8278] batman_adv: batadv0: Adding interface: batadv_slave_1
[  363.245472][ T8278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.271358][    C0] vkms_vblank_simulate: vblank timer overrun
[  363.277708][ T8278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  363.278501][ T8366] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  363.324854][ T8366] ext4 filesystem being mounted at /195/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  363.374086][ T8278] device hsr_slave_0 entered promiscuous mode
[  363.395093][ T8278] device hsr_slave_1 entered promiscuous mode
[  363.411572][ T8278] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  363.451383][ T8366] EXT4-fs (loop2): shut down requested (2)
[  363.464377][ T8278] Cannot create hsr debugfs directory
[  363.572557][ T8375] loop0: detected capacity change from 0 to 512
[  363.651335][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  363.658362][ T8375] EXT4-fs: Ignoring removed oldalloc option
[  363.684402][ T4271] Bluetooth: hci3: command 0x040f tx timeout
[  363.710039][ T8375] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  363.802056][ T8375] EXT4-fs (loop0): 1 truncate cleaned up
[  363.884454][ T8375] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  364.132018][ T8338] chnl_net:caif_netlink_parms(): no params data found
[  364.322601][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  364.582004][ T8404] loop2: detected capacity change from 0 to 64
[  366.187213][ T8407] Trying to free block not in datazone
[  366.199215][ T4277] Bluetooth: hci3: command 0x0419 tx timeout
[  366.205431][ T4271] Bluetooth: hci4: command 0x041b tx timeout
[  366.411354][ T5262] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.573069][ T5262] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.626262][ T8338] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.633485][ T8338] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.655506][ T8338] device bridge_slave_0 entered promiscuous mode
[  366.702390][ T8338] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.732688][ T8338] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.760581][ T8338] device bridge_slave_1 entered promiscuous mode
[  366.820648][ T5262] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.888742][ T8278] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  367.087040][ T8426] loop2: detected capacity change from 0 to 128
[  367.795354][ T8426] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  367.834707][ T8426] ext4 filesystem being mounted at /200/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  367.879596][ T5262] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.923168][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  367.955958][ T8278] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  367.975016][ T8278] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  368.010646][ T8433] loop2: detected capacity change from 0 to 512
[  368.029653][ T8433] EXT4-fs: Ignoring removed oldalloc option
[  368.044015][ T8338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  368.055364][ T8433] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  368.072337][ T8338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  368.088381][ T8433] EXT4-fs (loop2): 1 truncate cleaned up
[  368.110593][ T8278] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  368.125745][ T8433] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  368.244656][ T4271] Bluetooth: hci4: command 0x040f tx timeout
[  368.258779][ T8338] team0: Port device team_slave_0 added
[  368.314377][ T8338] team0: Port device team_slave_1 added
[  368.389282][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  368.512812][ T8338] batman_adv: batadv0: Adding interface: batadv_slave_0
[  368.534321][ T8338] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.608882][ T8338] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  368.641932][ T8338] batman_adv: batadv0: Adding interface: batadv_slave_1
[  368.670321][ T8338] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.769602][ T8338] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  368.948592][ T8452] device syzkaller0 entered promiscuous mode
[  369.306405][ T8338] device hsr_slave_0 entered promiscuous mode
[  369.324142][ T8338] device hsr_slave_1 entered promiscuous mode
[  369.362587][ T8338] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  369.394663][ T8338] Cannot create hsr debugfs directory
[  369.845623][ T8278] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.929384][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  369.968786][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  370.064969][ T8278] 8021q: adding VLAN 0 to HW filter on device team0
[  370.325324][ T4271] Bluetooth: hci4: command 0x0419 tx timeout
[  370.348817][ T8481] netlink: 'syz.0.952': attribute type 16 has an invalid length.
[  370.414377][ T8481] netlink: 'syz.0.952': attribute type 17 has an invalid length.
[  370.450763][ T8481] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  370.459497][ T8481] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  370.472084][ T8481] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  370.618701][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  370.629858][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  370.639634][ T4408] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.646755][ T4408] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.715696][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  370.729611][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  370.744803][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  370.766327][ T4408] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.773505][ T4408] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.808584][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  370.822212][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  371.078096][ T8488] loop2: detected capacity change from 0 to 512
[  371.098452][ T8488] EXT4-fs: Ignoring removed oldalloc option
[  371.108087][ T8488] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  371.152976][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  371.164567][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  371.173691][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  371.193931][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  371.205366][ T8488] EXT4-fs (loop2): 1 truncate cleaned up
[  371.211063][ T8488] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  371.226150][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  371.254745][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  371.314691][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  371.349821][ T8338] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  371.419029][ T8338] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  371.441430][ T8338] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  371.459010][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  371.474737][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  371.579263][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  371.658757][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  371.682642][ T8338] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  371.756574][ T5262] device hsr_slave_0 left promiscuous mode
[  371.783509][ T5262] device hsr_slave_1 left promiscuous mode
[  371.803226][ T5262] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  371.833416][ T5262] batman_adv: batadv0: Removing interface: batadv_slave_0
[  371.888756][ T5262] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  371.898404][ T5262] batman_adv: batadv0: Removing interface: batadv_slave_1
[  371.914983][ T5262] device bridge_slave_1 left promiscuous mode
[  371.929245][ T5262] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.942597][ T5262] device bridge_slave_0 left promiscuous mode
[  371.958066][ T8504] loop2: detected capacity change from 0 to 64
[  371.968322][ T5262] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.010591][ T8504] Trying to free block not in datazone
[  372.132228][ T5262] device veth1_macvtap left promiscuous mode
[  372.158887][ T5262] device veth0_macvtap left promiscuous mode
[  372.178267][ T5262] device veth1_vlan left promiscuous mode
[  372.184123][ T5262] device veth0_vlan left promiscuous mode
[  373.210911][ T5262] team0 (unregistering): Port device team_slave_1 removed
[  373.248868][ T5262] team0 (unregistering): Port device team_slave_0 removed
[  373.288710][ T5262] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  373.329687][ T5262] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  373.604982][ T5262] bond0 (unregistering): Released all slaves
[  374.019125][ T8338] 8021q: adding VLAN 0 to HW filter on device bond0
[  374.099791][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  374.114006][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  374.285064][ T8338] 8021q: adding VLAN 0 to HW filter on device team0
[  374.302903][ T8278] 8021q: adding VLAN 0 to HW filter on device batadv0
[  374.313904][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  374.436164][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  374.447249][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  374.488320][ T8535] loop2: detected capacity change from 0 to 2048
[  374.511933][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  374.782732][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.789945][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  375.107220][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  375.173984][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  375.193912][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  375.235858][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.243003][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  375.302678][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  375.329143][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  376.343500][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  376.523424][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  376.671482][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  376.869641][ T8338] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  376.930976][ T8338] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  377.151214][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  377.160182][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  377.169259][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  377.177770][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  377.186318][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  377.194803][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  377.203089][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  377.659581][ T8582] loop2: detected capacity change from 0 to 512
[  377.690225][ T8582] EXT4-fs: Ignoring removed oldalloc option
[  377.719411][ T8582] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  377.796071][ T8582] EXT4-fs (loop2): 1 truncate cleaned up
[  377.801779][ T8582] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  377.884829][ T5266] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  377.892431][ T5266] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  377.952387][ T8338] 8021q: adding VLAN 0 to HW filter on device batadv0
[  378.033591][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  378.069655][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  378.149117][ T5266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  378.178135][ T5266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  378.236162][ T5266] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  378.262988][ T5266] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  378.284674][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  378.329009][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  378.335387][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  378.344883][ T8278] device veth0_vlan entered promiscuous mode
[  378.408788][ T8278] device veth1_vlan entered promiscuous mode
[  378.521610][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  378.536415][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  378.586942][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  378.615043][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  378.629875][ T8278] device veth0_macvtap entered promiscuous mode
[  378.651470][ T8278] device veth1_macvtap entered promiscuous mode
[  378.707757][ T8278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.744984][ T8278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.775313][ T8278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  378.808756][ T8278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.847270][ T8278] batman_adv: batadv0: Interface activated: batadv_slave_0
[  378.896012][ T5262] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  379.007950][ T5262] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  379.046735][ T5262] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  379.087152][ T5262] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  379.105464][ T8278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  379.117279][ T8278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  379.133470][ T8278] batman_adv: batadv0: Interface activated: batadv_slave_1
[  379.142391][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  379.153586][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  379.178170][ T8278] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  379.197374][ T8278] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  379.227700][ T8278] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  379.255297][ T8278] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  379.468676][ T4346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.499777][ T4346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.563931][ T8631] "syz.2.975" (8631) uses obsolete ecb(arc4) skcipher
[  379.654532][ T5262] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  379.837799][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  379.864779][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  379.921991][ T5262] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.952088][ T5262] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.965134][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  379.978458][ T8633] loop0: detected capacity change from 0 to 512
[  380.000949][ T8633] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  380.016230][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  380.031847][ T8633] EXT4-fs (loop0): 1 truncate cleaned up
[  380.037708][ T8633] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  380.057825][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  380.087589][ T8633] EXT4-fs (loop0): shut down requested (1)
[  380.093738][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  380.102285][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  380.116834][ T8338] device veth0_vlan entered promiscuous mode
[  380.153359][ T8641] binder_alloc: 8639: binder_alloc_buf, no vma
[  380.186923][ T8338] device veth1_vlan entered promiscuous mode
[  380.238596][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  380.273638][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  380.297081][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  380.329585][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  380.355629][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  380.446947][ T8338] device veth0_macvtap entered promiscuous mode
[  380.491368][ T8338] device veth1_macvtap entered promiscuous mode
[  380.538663][ T8338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  380.549399][ T8338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.560977][ T8338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  380.571795][ T8338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.586378][ T8338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  380.598289][ T8338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  380.615909][ T8338] batman_adv: batadv0: Interface activated: batadv_slave_0
[  380.624347][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  380.739687][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  380.887649][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  381.147176][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  381.269565][ T8338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  381.324487][ T8338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  381.398079][ T8659] loop2: detected capacity change from 0 to 7
[  381.415171][ T8338] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  381.438194][ T4259] Dev loop2: unable to read RDB block 7
[  381.443838][ T4259]  loop2: unable to read partition table
[  381.449969][ T8338] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  381.470727][ T4259] loop2: partition table beyond EOD, truncated
[  381.483754][ T8659] Dev loop2: unable to read RDB block 7
[  381.497921][ T8338] batman_adv: batadv0: Interface activated: batadv_slave_1
[  381.511423][ T8659]  loop2: unable to read partition table
[  381.562450][ T8338] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  381.581869][ T8659] loop2: partition table beyond EOD, truncated
[  381.607602][ T8659] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  381.621775][ T8338] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  381.682069][ T8338] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  381.719302][ T8338] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  381.745868][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  381.755822][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  382.003573][ T4346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  382.003769][ T8671] loop2: detected capacity change from 0 to 256
[  382.267441][ T8671] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3967cd3a, utbl_chksum : 0xe619d30d)
[  382.490766][ T4346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  382.651319][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  382.674343][   T26] audit: type=1800 audit(1770023030.710:7): pid=8671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.987" name="file1" dev="loop2" ino=1048763 res=0 errno=0
[  382.758376][ T8671] syz.2.987: attempt to access beyond end of device
[  382.758376][ T8671] loop2: rw=524288, sector=440, nr_sectors = 256 limit=256
[  382.776624][   T26] audit: type=1800 audit(1770023030.740:8): pid=8671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.987" name="file1" dev="loop2" ino=1048763 res=0 errno=0
[  382.819396][ T4408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  382.836258][   T26] audit: type=1800 audit(1770023030.880:9): pid=8675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.987" name="file1" dev="loop2" ino=1048763 res=0 errno=0
[  382.858606][ T4408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  382.913769][ T4491] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  384.247183][ T8693] loop2: detected capacity change from 0 to 512
[  384.259986][ T8692] binder: BINDER_SET_CONTEXT_MGR already set
[  384.271190][ T8693] EXT4-fs: Ignoring removed oldalloc option
[  384.294120][ T8692] binder: 8690:8692 ioctl 4018620d 200000000040 returned -16
[  384.319050][ T8693] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  384.332125][ T8695] loop8: detected capacity change from 0 to 512
[  384.350241][ T8692] binder: 8690:8692 ioctl c0306201 200000000240 returned -11
[  384.438818][ T8703] "syz.0.988" (8703) uses obsolete ecb(arc4) skcipher
[  384.470869][ T8695] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13
[  384.480248][ T8693] EXT4-fs (loop2): 1 truncate cleaned up
[  384.499956][ T8693] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  384.517630][ T8695] EXT4-fs error (device loop8): ext4_clear_blocks:883: inode #13: comm syz.8.992: attempt to clear invalid blocks 2 len 1
[  384.535650][ T8695] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  384.600733][ T8695] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.992: invalid indirect mapped block 1819239214 (level 0)
[  384.615539][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  384.671856][ T8695] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #13: comm syz.8.992: invalid indirect mapped block 1819239214 (level 1)
[  384.714513][ T8708] loop7: detected capacity change from 0 to 128
[  384.741834][ T8695] EXT4-fs (loop8): 1 truncate cleaned up
[  384.782121][ T8695] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  384.915211][ T8708] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  384.959530][ T8708] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  385.344361][ T6300] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  385.504433][ T6300] usb 8-1: device descriptor read/64, error -71
[  385.567330][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  385.711919][ T8720] loop0: detected capacity change from 0 to 1024
[  385.774431][ T6300] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  385.840008][ T8724] loop8: detected capacity change from 0 to 1024
[  385.868721][ T8728] loop2: detected capacity change from 0 to 1024
[  385.895981][ T8724] EXT4-fs: Ignoring removed nomblk_io_submit option
[  385.919271][ T8728] EXT4-fs: Ignoring removed nomblk_io_submit option
[  385.940091][ T8724] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  385.954449][ T6300] usb 8-1: device descriptor read/64, error -71
[  385.993384][ T8728] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  386.031645][ T8724] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  386.054427][ T8724] System zones: 0-1, 3-36
[  386.074537][ T6300] usb usb8-port1: attempt power cycle
[  386.097103][ T8728] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  386.111659][ T8724] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  386.412366][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  386.493344][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  386.506212][ T6300] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  386.566679][ T6300] usb 8-1: device descriptor read/8, error -71
[  386.610233][ T4359] kworker/u4:6: attempt to access beyond end of device
[  386.610233][ T4359] loop0: rw=1, sector=5778, nr_sectors = 2 limit=1024
[  386.684681][ T4359] Buffer I/O error on dev loop0, logical block 2889, lost async page write
[  386.701619][ T4359] kworker/u4:6: attempt to access beyond end of device
[  386.701619][ T4359] loop0: rw=1, sector=393216, nr_sectors = 2 limit=1024
[  386.734372][ T4359] Buffer I/O error on dev loop0, logical block 196608, lost async page write
[  386.767740][ T4359] kworker/u4:6: attempt to access beyond end of device
[  386.767740][ T4359] loop0: rw=1, sector=393218, nr_sectors = 2 limit=1024
[  386.824721][ T4359] Buffer I/O error on dev loop0, logical block 196609, lost async page write
[  386.841528][ T6300] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  386.866022][ T4359] kworker/u4:6: attempt to access beyond end of device
[  386.866022][ T4359] loop0: rw=1, sector=393220, nr_sectors = 2 limit=1024
[  386.885140][ T6300] usb 8-1: device descriptor read/8, error -71
[  386.905391][ T4359] Buffer I/O error on dev loop0, logical block 196610, lost async page write
[  388.198487][ T6300] usb usb8-port1: unable to enumerate USB device
[  388.255682][ T4359] kworker/u4:6: attempt to access beyond end of device
[  388.255682][ T4359] loop0: rw=1, sector=393222, nr_sectors = 2048 limit=1024
[  388.312761][ T4359] kworker/u4:6: attempt to access beyond end of device
[  388.312761][ T4359] loop0: rw=1, sector=395270, nr_sectors = 504 limit=1024
[  388.367104][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  388.594437][ T8755] loop2: detected capacity change from 0 to 2048
[  388.654112][ T8761] loop0: detected capacity change from 0 to 512
[  388.668586][ T8761] EXT4-fs: Ignoring removed nobh option
[  388.692123][ T8755] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  388.789125][ T8755] loop2: detected capacity change from 2048 to 2
[  388.820388][ T8761] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  388.844511][ T8761] ext4 filesystem being mounted at /221/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  389.041883][ T4269] syz-executor: attempt to access beyond end of device
[  389.041883][ T4269] loop2: rw=2049, sector=128, nr_sectors = 1 limit=2
[  389.084324][ T4269] Buffer I/O error on dev loop2, logical block 128, lost sync page write
[  389.242720][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  389.390074][ T8769] device syzkaller0 entered promiscuous mode
[  389.420832][ T8771] loop0: detected capacity change from 0 to 512
[  389.509789][ T8775] "syz.7.1005" (8775) uses obsolete ecb(arc4) skcipher
[  389.730055][ T8771] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  389.925171][ T8771] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.1007: attempt to clear invalid blocks 2 len 1
[  389.979531][ T8771] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  390.097440][ T8771] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1007: invalid indirect mapped block 1819239214 (level 0)
[  390.169638][ T8771] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1007: invalid indirect mapped block 1819239214 (level 1)
[  390.294351][ T8771] EXT4-fs (loop0): 1 truncate cleaned up
[  390.300062][ T8771] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  390.448712][ T8785] loop7: detected capacity change from 0 to 512
[  390.692547][ T8785] EXT4-fs: Ignoring removed oldalloc option
[  393.104517][ T8785] EXT4-fs: Ignoring removed nobh option
[  393.110761][ T8785] EXT4-fs: Ignoring removed nobh option
[  393.186443][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  393.449838][ T8785] EXT4-fs (loop7): Test dummy encryption mode enabled
[  393.569335][ T8785] EXT4-fs: error -4 creating inode table initialization thread
[  393.627229][ T8798] loop2: detected capacity change from 0 to 1764
[  393.674805][ T8785] EXT4-fs (loop7): mount failed
[  393.783183][ T8802] loop8: detected capacity change from 0 to 1024
[  393.810709][ T8802] EXT4-fs: Ignoring removed oldalloc option
[  393.821162][ T8801] loop0: detected capacity change from 0 to 512
[  393.901486][ T8802] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  393.921056][ T8801] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  393.921395][ T8811] fuse: Unknown parameter 'group_i00000000000000000000'
[  393.971111][ T8802] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  393.991884][ T8801] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  394.292502][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  394.669127][ T8824] loop0: detected capacity change from 0 to 512
[  394.720947][ T8824] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  394.761169][ T8824] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082]
[  394.828910][ T8824] System zones: 1-12
[  394.904340][ T8824] EXT4-fs (loop0): 1 truncate cleaned up
[  394.910043][ T8824] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  395.623433][ T8835] loop2: detected capacity change from 0 to 256
[  395.751285][ T8835] FAT-fs (loop2): Directory bread(block 64) failed
[  395.764109][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  395.821546][ T8835] FAT-fs (loop2): Directory bread(block 65) failed
[  395.840894][ T8837] loop7: detected capacity change from 0 to 512
[  395.876188][ T8835] FAT-fs (loop2): Directory bread(block 66) failed
[  395.882749][ T8835] FAT-fs (loop2): Directory bread(block 67) failed
[  395.902918][ T8837] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -13
[  395.914028][ T8835] FAT-fs (loop2): Directory bread(block 68) failed
[  395.921536][ T8835] FAT-fs (loop2): Directory bread(block 69) failed
[  395.928780][ T8835] FAT-fs (loop2): Directory bread(block 70) failed
[  395.935712][ T8835] FAT-fs (loop2): Directory bread(block 71) failed
[  395.942349][ T8835] FAT-fs (loop2): Directory bread(block 72) failed
[  395.949727][ T8835] FAT-fs (loop2): Directory bread(block 73) failed
[  395.987500][   T26] audit: type=1800 audit(1770023044.030:10): pid=8835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1019" name="file1" dev="loop2" ino=1048767 res=0 errno=0
[  396.005914][ T8842] "syz.5.1018" (8842) uses obsolete ecb(arc4) skcipher
[  396.015416][ T8837] EXT4-fs error (device loop7): ext4_clear_blocks:883: inode #13: comm syz.7.1021: attempt to clear invalid blocks 2 len 1
[  396.056511][ T8837] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  396.078464][ T8837] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.1021: invalid indirect mapped block 1819239214 (level 0)
[  396.134183][ T8837] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.1021: invalid indirect mapped block 1819239214 (level 1)
[  396.157689][ T8844] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  396.201374][ T8837] EXT4-fs (loop7): 1 truncate cleaned up
[  396.240862][ T8844] kvm: pic: non byte read
[  396.256670][ T8837] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  396.271232][ T8844] kvm: pic: level sensitive irq not supported
[  396.271937][ T8844] kvm: pic: non byte read
[  396.294090][ T8844] kvm: pic: level sensitive irq not supported
[  396.294153][ T8844] kvm: pic: non byte read
[  396.514638][ T8849] input: syz1 as /devices/virtual/input/input9
[  397.194157][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  398.323526][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  398.693619][ T8880] loop7: detected capacity change from 0 to 8192
[  400.125417][ T8880] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  401.043757][ T8891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1035'.
[  401.209505][ T8894] loop2: detected capacity change from 0 to 512
[  401.218530][ T8891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1035'.
[  401.327230][ T8894] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  401.429809][ T8894] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1036: attempt to clear invalid blocks 2 len 1
[  401.540310][ T8894] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  401.609365][ T8894] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1036: invalid indirect mapped block 1819239214 (level 0)
[  401.651589][ T8901] loop7: detected capacity change from 0 to 4096
[  401.664630][ T8894] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1036: invalid indirect mapped block 1819239214 (level 1)
[  401.683542][ T8901] EXT4-fs (loop7): Test dummy encryption mode enabled
[  401.726545][ T8901] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  401.734189][ T8894] EXT4-fs (loop2): 1 truncate cleaned up
[  401.764208][ T8894] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  401.775727][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  402.622088][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  402.923260][ T8918] loop0: detected capacity change from 0 to 1024
[  403.063611][ T8918] EXT4-fs: Ignoring removed oldalloc option
[  403.316683][ T8918] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  403.325905][ T8918] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  408.381144][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  408.838191][ T8969] loop0: detected capacity change from 0 to 512
[  408.845369][ T8969] EXT4-fs: Ignoring removed oldalloc option
[  408.862172][ T8969] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  409.793281][ T8969] EXT4-fs (loop0): 1 truncate cleaned up
[  409.799026][ T8969] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  410.408774][ T8981] loop8: detected capacity change from 0 to 1024
[  411.638917][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  412.387477][ T8983] loop7: detected capacity change from 0 to 16
[  412.435004][ T8983] erofs: (device loop7): mounted with root inode @ nid 36.
[  412.451512][ T4271] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -41 in[4096, 0] out[9000]
[  412.466090][ T8983] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -41 in[4096, 0] out[8192]
[  412.477708][   T26] audit: type=1800 audit(1770023060.520:11): pid=8983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1053" name="file2" dev="loop7" ino=89 res=0 errno=0
[  413.429110][ T9001] netlink: 'syz.8.1060': attribute type 16 has an invalid length.
[  413.504465][ T9001] netlink: 'syz.8.1060': attribute type 27 has an invalid length.
[  413.595055][ T9008] binder: 9007:9008 ioctl c0306201 200000000240 returned -11
[  413.680385][ T9010] loop0: detected capacity change from 0 to 128
[  413.693647][ T9010] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  413.717140][ T9010] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  414.577216][ T9019] loop7: detected capacity change from 0 to 512
[  414.599931][    C1] sd 0:0:1:0: [sda] tag#5442 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  414.610483][    C1] sd 0:0:1:0: [sda] tag#5442 CDB: Write(6) 0a 00 4e 20 00 00 00 03 ff 02 00 00
[  414.672169][ T9019] EXT4-fs: Ignoring removed nobh option
[  414.990406][ T9030] loop0: detected capacity change from 0 to 512
[  414.998086][ T9030] EXT4-fs: Ignoring removed oldalloc option
[  415.014615][ T9030] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  415.146504][ T9019] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  415.146595][ T9019] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  415.174918][ T9030] EXT4-fs (loop0): 1 truncate cleaned up
[  415.174944][ T9030] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  415.380930][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  415.521757][    T9] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.597430][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  415.674966][ T4277] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  415.715139][ T4277] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  415.716006][ T4277] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  415.717252][ T4277] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  415.717670][ T4277] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  415.718460][ T4277] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  415.848783][    T9] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.265744][ T9054] binder: 9053:9054 ioctl c0306201 200000000240 returned -11
[  416.327728][    T9] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.352407][ T9060] loop7: detected capacity change from 0 to 512
[  416.393973][ T9060] EXT4-fs: Ignoring removed i_version option
[  416.459933][ T9060] EXT4-fs: Ignoring removed bh option
[  416.555401][ T9068] loop8: detected capacity change from 0 to 512
[  416.601727][ T9060] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  416.615748][ T9068] EXT4-fs: Ignoring removed nobh option
[  416.672795][    T9] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.708709][ T9060] ext4 filesystem being mounted at /25/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  416.740001][ T9068] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  416.777027][ T9068] ext4 filesystem being mounted at /18/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  416.853392][ T9040] chnl_net:caif_netlink_parms(): no params data found
[  417.039620][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  417.145859][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  417.205874][ T9040] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.213011][ T9040] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.259001][ T9040] device bridge_slave_0 entered promiscuous mode
[  417.342330][ T9040] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.365956][ T9040] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.383405][ T9040] device bridge_slave_1 entered promiscuous mode
[  417.573710][ T9040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  417.678033][ T9040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  417.732439][ T9098] ptrace attach of "./syz-executor exec"[4267] was attempted by ""[9098]
[  417.765825][ T4284] Bluetooth: hci2: command 0x0409 tx timeout
[  417.987080][ T9103] binder: 9102:9103 ioctl c0306201 200000000240 returned -11
[  418.165575][ T9040] team0: Port device team_slave_0 added
[  418.434844][ T4284] Bluetooth: hci3: ISO packet for unknown connection handle 0
[  418.518568][ T9040] team0: Port device team_slave_1 added
[  418.543169][ T9110] netlink: 'syz.2.1090': attribute type 3 has an invalid length.
[  418.614636][ T9110] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1090'.
[  419.830764][ T9115] netlink: 60 bytes leftover after parsing attributes in process `syz.8.1091'.
[  419.894594][ T4284] Bluetooth: hci2: command 0x041b tx timeout
[  420.138275][ T9040] batman_adv: batadv0: Adding interface: batadv_slave_0
[  420.164615][ T9040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.288195][ T9040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  421.050137][ T9040] batman_adv: batadv0: Adding interface: batadv_slave_1
[  421.057517][ T9040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  421.155049][ T9040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  421.373892][ T9131] loop2: detected capacity change from 0 to 128
[  421.409121][ T9131] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  421.536094][ T9129] binder: 9123:9129 ioctl c0306201 0 returned -14
[  421.640340][ T9131] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  421.708370][ T9131] ext2 filesystem being mounted at /247/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  421.874841][ T9040] device hsr_slave_0 entered promiscuous mode
[  421.925550][ T4284] Bluetooth: hci2: command 0x040f tx timeout
[  421.932187][ T9040] device hsr_slave_1 entered promiscuous mode
[  421.980989][ T9040] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  421.988985][ T9040] Cannot create hsr debugfs directory
[  422.017640][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  422.244538][  T129] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  422.372164][ T9144] binder: BINDER_SET_CONTEXT_MGR already set
[  422.394319][ T9144] binder: 9143:9144 ioctl 4018620d 200000000040 returned -16
[  422.425407][ T9144] binder: 9143:9144 ioctl c0306201 200000000240 returned -11
[  422.460956][  T129] usb 9-1: Using ep0 maxpacket: 16
[  422.469358][  T129] usb 9-1: config 0 has an invalid interface number: 29 but max is 0
[  422.500931][  T129] usb 9-1: config 0 has no interface number 0
[  422.522360][  T129] usb 9-1: config 0 interface 29 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16
[  422.563592][ T9040] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  422.570785][  T129] usb 9-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  422.638869][  T129] usb 9-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0
[  422.694402][  T129] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.712717][  T129] usb 9-1: Product: syz
[  422.728746][  T129] usb 9-1: Manufacturer: syz
[  422.739977][ T9150] loop0: detected capacity change from 0 to 256
[  422.763366][  T129] usb 9-1: SerialNumber: syz
[  422.788860][  T129] usb 9-1: config 0 descriptor??
[  422.812321][ T9138] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  422.838866][ T9040] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  422.875138][ T9040] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  422.923622][ T9040] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  423.082370][    T9] device hsr_slave_0 left promiscuous mode
[  423.254617][    T9] device hsr_slave_1 left promiscuous mode
[  423.282950][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  423.476964][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  423.881946][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  423.956907][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  424.004449][ T4284] Bluetooth: hci2: command 0x0419 tx timeout
[  424.030221][    T9] device bridge_slave_1 left promiscuous mode
[  424.037067][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.048499][    T9] device bridge_slave_0 left promiscuous mode
[  424.055011][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.097648][    T9] device veth1_macvtap left promiscuous mode
[  424.103767][    T9] device veth0_macvtap left promiscuous mode
[  424.111120][    T9] device veth1_vlan left promiscuous mode
[  424.127548][    T9] device veth0_vlan left promiscuous mode
[  424.267593][ T9177] loop0: detected capacity change from 0 to 164
[  424.278444][ T9177] Unable to read rock-ridge attributes
[  424.318462][ T9177] Unable to read rock-ridge attributes
[  425.574888][ T9181] Invalid ELF header magic: != ELF
[  425.845542][ T6476] usb 9-1: USB disconnect, device number 2
[  427.931332][ T9200] loop8: detected capacity change from 0 to 128
[  428.333759][ T9206] loop2: detected capacity change from 0 to 1024
[  428.358557][ T9206] EXT4-fs: Ignoring removed oldalloc option
[  428.429905][ T9206] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  428.445905][ T9206] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  429.450199][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  429.659648][    T9] team0 (unregistering): Port device team_slave_1 removed
[  429.726187][    T9] team0 (unregistering): Port device team_slave_0 removed
[  429.802375][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  430.382455][ T9229] loop2: detected capacity change from 0 to 16
[  430.396008][ T9229] erofs: (device loop2): mounted with root inode @ nid 36.
[  430.405338][ T9229] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  430.416487][ T9229] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  430.429709][ T9229] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  430.492588][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  430.772362][ T9235] binder: 9233:9235 ioctl c0306201 0 returned -14
[  430.830727][ T9235] loop0: detected capacity change from 0 to 256
[  430.883180][ T9235] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  430.960615][   T26] audit: type=1800 audit(1770023079.000:12): pid=9235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1119" name="file1" dev="loop0" ino=1048793 res=0 errno=0
[  431.192867][    T9] bond0 (unregistering): Released all slaves
[  431.367455][ T9204] netlink: 'syz.8.1114': attribute type 16 has an invalid length.
[  431.402676][ T9204] netlink: 'syz.8.1114': attribute type 27 has an invalid length.
[  431.460666][ T9239] netlink: 'syz.2.1121': attribute type 16 has an invalid length.
[  431.504608][ T9239] netlink: 'syz.2.1121': attribute type 27 has an invalid length.
[  431.571096][ T9233] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008)
[  431.820421][ T9264] binder: BINDER_SET_CONTEXT_MGR already set
[  431.839605][ T9264] binder: 9263:9264 ioctl 4018620d 200000000040 returned -16
[  431.854136][ T9264] binder: 9263:9264 ioctl c0306201 200000000240 returned -11
[  431.971089][ T9040] 8021q: adding VLAN 0 to HW filter on device bond0
[  432.106276][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  432.127538][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  432.181106][ T9040] 8021q: adding VLAN 0 to HW filter on device team0
[  432.595665][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  432.650113][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  432.789324][ T5244] bridge0: port 1(bridge_slave_0) entered blocking state
[  432.796528][ T5244] bridge0: port 1(bridge_slave_0) entered forwarding state
[  432.971631][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  433.049839][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  433.058960][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  433.072524][ T5244] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.079650][ T5244] bridge0: port 2(bridge_slave_1) entered forwarding state
[  433.184653][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  433.233331][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  433.252898][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  433.288252][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  433.310932][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  433.345530][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  433.461562][ T9040] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  433.482298][ T9040] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  433.648939][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  433.682572][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  433.851525][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  434.081348][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  434.338640][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  434.411551][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  435.544839][ T9314] netlink: 'syz.2.1135': attribute type 16 has an invalid length.
[  435.600269][ T9314] netlink: 'syz.2.1135': attribute type 27 has an invalid length.
[  435.640486][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  435.669373][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  435.709868][ T9040] 8021q: adding VLAN 0 to HW filter on device batadv0
[  436.900838][ T4284] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11
[  438.473145][ T9354] syz.2.1144[9354] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  439.260155][ T9359] loop0: detected capacity change from 0 to 256
[  439.511806][ T4259] blk_print_req_error: 15 callbacks suppressed
[  439.511822][ T4259] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  439.768274][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  439.776267][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  441.576125][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  441.595214][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  442.935672][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  442.974906][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  443.007011][ T9040] device veth0_vlan entered promiscuous mode
[  443.026100][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  443.059751][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  443.089172][ T9040] device veth1_vlan entered promiscuous mode
[  443.159135][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  443.180095][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  443.213760][ T9040] device veth0_macvtap entered promiscuous mode
[  443.232401][ T9040] device veth1_macvtap entered promiscuous mode
[  443.313592][ T9040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  443.354666][ T9040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  443.388273][ T9040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  443.419224][ T9040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  443.449473][ T9040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  443.490768][ T9040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  443.544028][ T9040] batman_adv: batadv0: Interface activated: batadv_slave_0
[  443.574649][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  443.585325][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  443.613482][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  443.644027][ T4408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  443.670222][ T9040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  443.692653][ T9040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  443.734312][ T9040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  443.770872][ T9040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  443.796068][ T9040] batman_adv: batadv0: Interface activated: batadv_slave_1
[  443.814495][ T9391] netlink: 'syz.2.1153': attribute type 16 has an invalid length.
[  443.833626][ T9391] netlink: 'syz.2.1153': attribute type 27 has an invalid length.
[  443.872186][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  443.881166][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  443.907869][ T9040] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  443.919088][ T9040] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  443.946045][ T9040] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  443.966008][ T9040] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.146602][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  444.182433][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  444.231928][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  444.253003][ T5262] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  444.268241][ T9401] loop7: detected capacity change from 0 to 512
[  444.291445][ T5262] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  444.345436][ T9401] EXT4-fs: Ignoring removed oldalloc option
[  444.353902][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  444.389937][ T9401] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  444.491861][ T9401] EXT4-fs (loop7): 1 truncate cleaned up
[  444.505579][ T9401] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  444.514924][ T9406] loop8: detected capacity change from 0 to 128
[  444.582639][ T9409] netlink: 'syz.2.1155': attribute type 16 has an invalid length.
[  444.591403][ T9409] netlink: 'syz.2.1155': attribute type 27 has an invalid length.
[  444.619914][ T9406] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  444.668928][ T9406] ext4 filesystem being mounted at /37/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  444.797444][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  444.986483][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  445.249189][ T9430] loop8: detected capacity change from 0 to 1024
[  445.280717][ T9430] EXT4-fs: inline encryption not supported
[  445.330967][ T9430] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  445.451335][ T9430] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  445.575224][ T9444] loop7: detected capacity change from 0 to 512
[  445.816633][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  445.906410][ T9444] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  445.928017][ T9454] loop0: detected capacity change from 0 to 256
[  446.409083][ T9444] ext4 filesystem being mounted at /44/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  446.599237][ T9459] netlink: 'syz.8.1165': attribute type 16 has an invalid length.
[  446.624342][ T9459] netlink: 'syz.8.1165': attribute type 27 has an invalid length.
[  446.664568][   T26] audit: type=1800 audit(1770023094.690:13): pid=9460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1162" name="file2" dev="loop7" ino=16 res=0 errno=0
[  446.779166][   T26] audit: type=1800 audit(1770023094.720:14): pid=9444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1162" name="file1" dev="loop7" ino=15 res=0 errno=0
[  446.965822][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  447.073150][ T9467] loop2: detected capacity change from 0 to 1024
[  449.437533][ T9473] loop2: detected capacity change from 0 to 1024
[  450.743222][ T9481] netlink: 'syz.8.1170': attribute type 16 has an invalid length.
[  450.826067][ T9481] netlink: 'syz.8.1170': attribute type 27 has an invalid length.
[  453.264947][ T9507] netlink: 'syz.7.1178': attribute type 25 has an invalid length.
[  453.274461][ T9507] netlink: 'syz.7.1178': attribute type 7 has an invalid length.
[  453.282248][ T9507] netlink: 'syz.7.1178': attribute type 1 has an invalid length.
[  453.373088][ T9507] netlink: 156 bytes leftover after parsing attributes in process `syz.7.1178'.
[  458.590383][ T9566] loop7: detected capacity change from 0 to 256
[  460.636922][ T9588] "syz.9.1191" (9588) uses obsolete ecb(arc4) skcipher
[  460.688406][ T9587] loop8: detected capacity change from 0 to 512
[  460.735005][ T9587] EXT4-fs: Ignoring removed oldalloc option
[  462.181968][ T9587] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  462.330408][ T9598] loop2: detected capacity change from 0 to 1024
[  462.960595][ T9587] EXT4-fs: error -4 creating inode table initialization thread
[  463.055827][ T9587] EXT4-fs (loop8): mount failed
[  463.339293][ T9604] loop2: detected capacity change from 0 to 128
[  463.395090][ T9604] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  463.414566][ T9604] ext4 filesystem being mounted at /274/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  463.582037][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  463.928312][ T9620] 9pnet_fd: Insufficient options for proto=fd
[  469.065586][ T9664] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1210'.
[  470.669121][ T9693] loop9: detected capacity change from 0 to 1024
[  470.769279][ T9693] hfsplus: unable to parse mount options
[  470.897884][ T9693] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input11
[  470.923542][ T9698] loop7: detected capacity change from 0 to 512
[  470.939555][ T9698] EXT4-fs: Ignoring removed oldalloc option
[  471.036994][ T9698] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  471.168447][ T9698] EXT4-fs (loop7): 1 truncate cleaned up
[  471.231309][ T9698] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  472.667990][ T9709] loop9: detected capacity change from 0 to 164
[  472.721148][ T9709] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  472.884126][ T9718] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1224'.
[  473.242964][ T9726] loop2: detected capacity change from 0 to 2048
[  473.312790][ T9726] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  473.312870][ T9726] ext4 filesystem being mounted at /281/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  473.329050][ T9726] fs-verity: sha512 using implementation "sha512-avx2"
[  474.143983][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  474.319204][ T4284] Bluetooth: hci0: unexpected event for opcode 0x041c
[  474.721276][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  474.985809][   T26] audit: type=1326 audit(1770023123.030:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9748 comm="syz.7.1235" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b6279aeb9 code=0x0
[  475.309319][ T9761] fuse: Bad value for 'fd'
[  478.089623][ T9770] loop2: detected capacity change from 0 to 4096
[  478.272709][ T9770] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  479.336423][ T9789] loop8: detected capacity change from 0 to 1024
[  480.488652][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  480.980470][ T9807] loop7: detected capacity change from 0 to 512
[  481.054082][ T9807] EXT4-fs: Ignoring removed oldalloc option
[  481.064316][ T4322] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  481.100653][ T9807] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  482.345087][ T9807] EXT4-fs (loop7): 1 truncate cleaned up
[  482.411268][ T9807] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  483.874207][ T4277] Bluetooth: hci3: command 0x0406 tx timeout
[  483.994604][ T4322] usb 10-1: device descriptor read/all, error -71
[  484.198932][ T9825] fuse: Invalid rootmode
[  484.294096][ T9827] loop2: detected capacity change from 0 to 1024
[  484.340671][ T9827] EXT4-fs: Ignoring removed nomblk_io_submit option
[  484.374635][ T9827] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  484.457973][ T9827] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  484.523423][ T9827] System zones: 0-1, 3-36
[  484.614468][ T9827] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  485.357408][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  487.924576][ T4277] Bluetooth: hci4: command 0x0406 tx timeout
[  490.775190][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  490.910641][ T9861] fuse: Bad value for 'group_id'
[  491.104439][ T6304] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  491.444690][ T6304] usb 1-1: Using ep0 maxpacket: 16
[  491.452308][ T6304] usb 1-1: config 0 has an invalid interface number: 29 but max is 0
[  492.214313][ T4349] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[  492.256852][ T6304] usb 1-1: config 0 has no interface number 0
[  492.262997][ T6304] usb 1-1: config 0 interface 29 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16
[  492.272892][ T6304] usb 1-1: config 0 interface 29 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  492.295508][ T6304] usb 1-1: New USB device found, idVendor=050d, idProduct=2102, bcdDevice=70.d0
[  492.922810][ T9879] loop7: detected capacity change from 0 to 16
[  492.948558][ T9879] erofs: (device loop7): mounted with root inode @ nid 36.
[  492.962843][ T9879] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  492.974024][ T9879] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  492.974048][ T6304] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.987585][ T9879] erofs: (device loop7): z_erofs_read_folio: failed to read, err [-117]
[  493.045591][ T6304] usb 1-1: Product: syz
[  493.057170][ T4349] usb 10-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[  493.068210][ T6304] usb 1-1: Manufacturer: syz
[  493.079185][ T6304] usb 1-1: SerialNumber: syz
[  493.085088][ T4349] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.094779][ T6304] usb 1-1: config 0 descriptor??
[  493.156302][ T9858] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  493.168279][ T4349] usb 10-1: config 0 descriptor??
[  493.371543][ T6300] usb 1-1: USB disconnect, device number 11
[  493.410591][ T4277] Bluetooth: hci2: adv larger than maximum supported
[  493.410676][ T4277] Bluetooth: hci2: Malformed LE Event: 0x0d
[  493.411995][ T4349] usb 10-1: string descriptor 0 read error: -71
[  493.507794][ T4349] usb-storage 10-1:0.0: USB Mass Storage device detected
[  493.626118][ T4349] usb-storage 10-1:0.0: Quirks match for vid 05ab pid 0060: 2
[  493.752640][ T4349] usb 10-1: USB disconnect, device number 4
[  493.847080][ T9895] loop2: detected capacity change from 0 to 512
[  493.889654][ T9895] EXT4-fs: Ignoring removed oldalloc option
[  493.949190][ T9895] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  495.354929][ T9910] 9pnet_fd: Insufficient options for proto=fd
[  495.356926][ T9895] EXT4-fs (loop2): 1 truncate cleaned up
[  495.382726][ T9895] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  495.490795][ T9909] loop7: detected capacity change from 0 to 1024
[  497.877626][ T9926] fuse: Bad value for 'group_id'
[  499.819980][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  499.855794][ T6576] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  500.005743][ T9948] loop0: detected capacity change from 0 to 1024
[  500.047099][ T6576] usb 9-1: config 0 has an invalid interface number: 133 but max is 0
[  500.228479][ T9954] loop2: detected capacity change from 0 to 16
[  500.240832][ T9954] erofs: (device loop2): mounted with root inode @ nid 36.
[  500.305041][ T9953] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  500.316354][ T9953] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  500.327538][ T9953] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  500.340992][ T6576] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  500.364271][ T6576] usb 9-1: config 0 has no interface number 0
[  500.370582][ T6576] usb 9-1: config 0 interface 133 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  500.380813][ T6576] usb 9-1: config 0 interface 133 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  500.402700][ T6576] usb 9-1: New USB device found, idVendor=203e, idProduct=8888, bcdDevice=a8.71
[  500.609559][ T6576] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.718795][ T6576] usb 9-1: Product: syz
[  500.728383][ T6576] usb 9-1: Manufacturer: syz
[  500.734259][ T6576] usb 9-1: SerialNumber: syz
[  500.745681][ T6576] usb 9-1: config 0 descriptor??
[  500.752362][ T9941] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  500.762594][ T6576] usb-storage 9-1:0.133: USB Mass Storage device detected
[  500.977310][ T4317] usb 9-1: USB disconnect, device number 3
[  501.212523][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  501.390376][ T9973] loop0: detected capacity change from 0 to 1024
[  501.438830][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  502.716178][ T9966] loop2: detected capacity change from 0 to 1024
[  502.735376][ T9966] EXT4-fs: Ignoring removed mblk_io_submit option
[  502.760401][ T9966] ext4: Unknown parameter 'audit'
[  502.931004][ T9977] loop9: detected capacity change from 0 to 1024
[  503.025018][ T9977] EXT4-fs: Ignoring removed bh option
[  503.047088][ T9977] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  503.189458][ T9977] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  503.260272][ T9988] 9pnet_fd: Insufficient options for proto=fd
[  503.310747][ T9977] EXT4-fs error (device loop9): ext4_lookup:1858: inode #16: comm syz.9.1274: iget: bad extended attribute block 8
[  503.935532][ T9040] EXT4-fs (loop9): unmounting filesystem.
[  504.439665][T10011] loop0: detected capacity change from 0 to 512
[  504.481541][T10011] EXT4-fs: Ignoring removed oldalloc option
[  504.972352][T10013] loop8: detected capacity change from 0 to 16
[  504.985118][T10013] erofs: (device loop8): mounted with root inode @ nid 36.
[  505.000060][T10011] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  505.144704][T10011] EXT4-fs (loop0): 1 truncate cleaned up
[  505.150492][T10011] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  505.267186][T10019] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  507.164412][T10033] loop8: detected capacity change from 0 to 1024
[  508.459389][T10036] loop9: detected capacity change from 0 to 1024
[  508.719152][T10044] loop7: detected capacity change from 0 to 512
[  508.930420][T10044] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  509.239712][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  510.660350][T10072] loop2: detected capacity change from 0 to 2048
[  510.795577][T10072] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  510.832782][T10075] loop7: detected capacity change from 0 to 16
[  511.199357][T10075] erofs: (device loop7): mounted with root inode @ nid 36.
[  511.245015][T10072] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  511.869885][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  512.163151][ T5268] hfsplus: b-tree write err: -5, ino 3
[  512.871339][T10098] loop0: detected capacity change from 0 to 1024
[  513.571062][T10113] loop0: detected capacity change from 0 to 256
[  515.189623][T10130] loop8: detected capacity change from 0 to 16
[  515.207441][T10130] erofs: (device loop8): mounted with root inode @ nid 36.
[  516.368329][T10143] loop8: detected capacity change from 0 to 1024
[  517.136797][   T46] hfsplus: b-tree write err: -5, ino 3
[  517.279610][T10145] netlink: 'syz.2.1321': attribute type 5 has an invalid length.
[  519.935013][ T6574] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  520.154272][ T6574] usb 3-1: Using ep0 maxpacket: 16
[  520.161606][ T6574] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  520.198082][ T6574] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  520.257694][ T6574] usb 3-1: string descriptor 0 read error: -71
[  520.284548][ T6574] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  520.307528][ T6574] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.360758][ T6574] usb 3-1: can't set config #1, error -71
[  520.398897][ T6574] usb 3-1: USB disconnect, device number 24
[  521.888898][T10176] netlink: 'syz.2.1328': attribute type 39 has an invalid length.
[  522.030615][T10179] loop7: detected capacity change from 0 to 512
[  522.094998][T10179] EXT4-fs: Ignoring removed oldalloc option
[  522.110554][T10179] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  522.231339][T10184] loop9: detected capacity change from 0 to 128
[  522.238835][T10179] EXT4-fs (loop7): 1 truncate cleaned up
[  522.244620][T10179] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  522.357659][T10184] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  522.544730][T10184] ext4 filesystem being mounted at /35/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  523.001624][T10196] loop8: detected capacity change from 0 to 1024
[  524.628460][T10184] fscrypt (loop9, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[  524.723510][T10184] fscrypt (loop9, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[  526.266786][ T9040] EXT4-fs (loop9): unmounting filesystem.
[  528.439488][T10234] loop2: detected capacity change from 0 to 1024
[  528.468876][T10234] EXT4-fs: Ignoring removed orlov option
[  528.547402][T10234] EXT4-fs: Ignoring removed bh option
[  528.556134][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  530.104106][T10234] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  530.205673][T10254] loop8: detected capacity change from 0 to 128
[  531.691896][T10264] loop7: detected capacity change from 0 to 256
[  531.776681][T10264] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  532.216491][ T6476] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  533.764311][ T6476] usb 9-1: Using ep0 maxpacket: 8
[  534.772851][ T6476] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 3
[  535.025014][ T6476] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  535.034992][ T6476] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  535.052207][ T6476] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11
[  535.069761][ T6476] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024
[  535.094821][ T6476] usb 9-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  535.115686][ T6476] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  535.144551][ T6476] usb 9-1: config 0 descriptor??
[  535.455499][ T6476] usb 9-1: can't set config #0, error -71
[  535.463582][ T6476] usb 9-1: USB disconnect, device number 4
[  536.211232][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  536.385968][T10309] loop7: detected capacity change from 0 to 512
[  536.392925][T10309] EXT4-fs: Ignoring removed oldalloc option
[  536.402273][T10309] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  536.437769][T10309] EXT4-fs (loop7): 1 truncate cleaned up
[  536.444300][T10309] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  537.501724][T10319] loop0: detected capacity change from 0 to 1024
[  539.385686][ T9735] hfsplus: b-tree write err: -5, ino 3
[  544.343057][T10365] loop9: detected capacity change from 0 to 1024
[  544.397162][T10365] EXT4-fs: Ignoring removed orlov option
[  544.425216][T10365] EXT4-fs: Ignoring removed bh option
[  544.555055][T10365] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  544.749636][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  547.624468][T10404] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1369'.
[  551.293610][T10423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1370'.
[  551.724409][T10429] loop7: detected capacity change from 0 to 1024
[  552.258882][T10426] loop0: detected capacity change from 0 to 1024
[  552.286510][ T9040] EXT4-fs (loop9): unmounting filesystem.
[  552.368374][T10426] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  552.397400][T10426] ext4 filesystem being mounted at /297/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  552.409106][T10435] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[  552.519883][   T46] hfsplus: b-tree write err: -5, ino 3
[  552.691291][T10447] loop8: detected capacity change from 0 to 512
[  552.692506][T10447] EXT4-fs: Ignoring removed oldalloc option
[  552.923660][T10447] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  552.968735][T10447] EXT4-fs (loop8): 1 truncate cleaned up
[  552.968762][T10447] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  552.989890][T10426] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #15: comm syz.0.1372: lblock 0 mapped to illegal pblock 0 (length 1)
[  554.373419][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  554.473062][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  556.153356][T10471] loop8: detected capacity change from 0 to 1024
[  556.376714][T10471] EXT4-fs: Ignoring removed i_version option
[  556.481535][T10475] loop2: detected capacity change from 0 to 128
[  556.505000][T10471] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  556.641202][T10475] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  556.702451][T10475] ext4 filesystem being mounted at /316/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  557.527728][T10489] loop7: detected capacity change from 0 to 1024
[  557.576638][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  557.594504][T10489] EXT4-fs: Ignoring removed orlov option
[  557.752502][T10489] EXT4-fs: Ignoring removed bh option
[  557.976039][T10489] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  560.748721][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  562.132955][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  562.659435][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  562.665797][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  562.785880][T10525] loop7: detected capacity change from 0 to 1024
[  563.973684][T10528] loop0: detected capacity change from 0 to 512
[  563.980445][T10528] EXT4-fs: Ignoring removed oldalloc option
[  563.989483][T10528] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  565.579368][T10528] EXT4-fs: error -4 creating inode table initialization thread
[  565.588087][T10528] EXT4-fs (loop0): mount failed
[  565.630108][T10535] loop2: detected capacity change from 0 to 764
[  568.462726][T10552] loop0: detected capacity change from 0 to 1024
[  569.697441][T10558] loop7: detected capacity change from 0 to 1024
[  569.712004][T10558] EXT4-fs: Ignoring removed orlov option
[  569.725118][T10558] EXT4-fs: Ignoring removed bh option
[  569.801733][T10558] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  569.881645][ T4441] hfsplus: b-tree write err: -5, ino 3
[  570.090025][T10566] loop0: detected capacity change from 0 to 2048
[  570.198219][T10566]  loop0: p3 < > p4 < >
[  570.202528][T10566] loop0: partition table partially beyond EOD, truncated
[  570.254485][T10566] loop0: p3 start 4284289 is beyond EOD, truncated
[  570.327430][ T3638]  loop0: p3 < > p4 < >
[  570.331649][ T3638] loop0: partition table partially beyond EOD, truncated
[  570.351242][ T3638] loop0: p3 start 4284289 is beyond EOD, truncated
[  570.663982][T10576] loop0: detected capacity change from 0 to 256
[  570.680486][T10459] udevd[10459]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  571.243749][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  571.724776][T10601] "syz.8.1406" (10601) uses obsolete ecb(arc4) skcipher
[  572.548607][T10609] netlink: 60 bytes leftover after parsing attributes in process `syz.9.1399'.
[  575.453757][T10630] loop2: detected capacity change from 0 to 1024
[  576.284122][ T9628] hfsplus: b-tree write err: -5, ino 3
[  576.426396][T10632] loop8: detected capacity change from 0 to 1024
[  576.492353][T10632] EXT4-fs: Ignoring removed orlov option
[  576.564302][T10632] EXT4-fs: Ignoring removed bh option
[  576.645144][T10632] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  577.385565][T10650] "syz.0.1418" (10650) uses obsolete ecb(arc4) skcipher
[  577.434108][T10653] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  577.772407][T10647] kvm [10646]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x1000011d8
[  577.953507][T10647] kvm [10646]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x58ba
[  578.717240][T10668] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1419'.
[  579.801271][T10676] loop7: detected capacity change from 0 to 16
[  581.530930][T10676] erofs: (device loop7): mounted with root inode @ nid 36.
[  581.542482][T10674] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  581.553617][T10674] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  581.564692][T10674] erofs: (device loop7): z_erofs_read_folio: failed to read, err [-117]
[  585.297009][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  588.723332][T10728] loop7: detected capacity change from 0 to 16
[  589.096559][T10728] erofs: (device loop7): mounted with root inode @ nid 36.
[  589.110602][T10727] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  589.121796][T10727] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  589.132962][T10727] erofs: (device loop7): z_erofs_read_folio: failed to read, err [-117]
[  594.300644][T10775] loop8: detected capacity change from 0 to 128
[  594.384765][T10775] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  596.198065][ T4284] Bluetooth: hci2: command 0x0406 tx timeout
[  596.539578][T10796] loop0: detected capacity change from 0 to 1024
[  596.616062][T10796] EXT4-fs: Ignoring removed orlov option
[  596.621825][T10796] EXT4-fs: Ignoring removed bh option
[  596.763433][T10796] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  597.276281][T10814] loop2: detected capacity change from 0 to 16
[  598.022466][T10814] erofs: (device loop2): mounted with root inode @ nid 36.
[  598.036573][T10812] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  598.047696][T10812] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  598.058737][T10812] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  602.581887][T10859] loop8: detected capacity change from 0 to 1024
[  602.590203][T10859] EXT4-fs: Ignoring removed nomblk_io_submit option
[  602.607629][T10859] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  602.630377][T10859] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  602.638930][T10859] System zones: 0-1, 3-36
[  602.647600][T10859] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  603.317369][ T8338] EXT4-fs (loop8): unmounting filesystem.
[  606.165181][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  608.785236][ T4277] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  608.834416][ T4277] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  608.843412][ T4277] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  608.874917][ T4277] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  608.882433][ T4277] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  608.889965][ T4277] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  609.223492][   T75] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  609.532658][   T75] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  609.703005][   T75] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  609.882154][   T75] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  610.077836][T10922] loop7: detected capacity change from 0 to 256
[  610.102186][T10922] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  611.319239][ T4277] Bluetooth: hci0: command 0x0409 tx timeout
[  611.384309][T10922] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  611.485996][T10922] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  611.502613][T10904] chnl_net:caif_netlink_parms(): no params data found
[  612.015184][T10938] loop8: detected capacity change from 0 to 1024
[  612.983454][T10904] bridge0: port 1(bridge_slave_0) entered blocking state
[  613.032684][T10949] loop8: detected capacity change from 0 to 256
[  613.050209][T10949] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  613.061033][T10949] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[  613.074771][T10949] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  613.100762][T10904] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.181245][T10904] device bridge_slave_0 entered promiscuous mode
[  613.324549][T10904] bridge0: port 2(bridge_slave_1) entered blocking state
[  613.331681][T10904] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.364498][ T4277] Bluetooth: hci0: command 0x041b tx timeout
[  613.424458][T10904] device bridge_slave_1 entered promiscuous mode
[  614.601317][T10904] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  615.501213][ T4277] Bluetooth: hci0: command 0x040f tx timeout
[  615.510999][T10904] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  615.794733][T10904] team0: Port device team_slave_0 added
[  615.892938][T10904] team0: Port device team_slave_1 added
[  617.342927][T10904] batman_adv: batadv0: Adding interface: batadv_slave_0
[  617.359744][T10904] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  617.425865][T10904] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  617.561067][ T4277] Bluetooth: hci0: command 0x0419 tx timeout
[  617.622106][T10989] loop8: detected capacity change from 0 to 1024
[  617.823956][T10904] batman_adv: batadv0: Adding interface: batadv_slave_1
[  617.835421][T10904] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  617.894292][T10904] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  618.062779][T10992] loop7: detected capacity change from 0 to 1024
[  618.186286][T10419] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  618.195896][T10904] device hsr_slave_0 entered promiscuous mode
[  619.514671][T10904] device hsr_slave_1 entered promiscuous mode
[  620.964582][T10986] usb 9-1: new full-speed USB device number 5 using dummy_hcd
[  621.165669][T10986] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  621.204617][T10986] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  621.255387][T10986] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  621.273566][T10986] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  621.315133][T10986] usb 9-1: SerialNumber: syz
[  621.369096][T10986] cdc_ether: probe of 9-1:1.0 failed with error -22
[  621.380257][T10986] usb-storage 9-1:1.0: USB Mass Storage device detected
[  621.452223][T10986] usb-storage 9-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  621.481956][T10986] scsi host1: usb-storage 9-1:1.0
[  622.803294][ T6478] usb 9-1: USB disconnect, device number 5
[  623.025916][   T75] device hsr_slave_0 left promiscuous mode
[  623.033865][   T75] device hsr_slave_1 left promiscuous mode
[  624.476689][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  624.483028][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  624.589870][   T75] device veth1_macvtap left promiscuous mode
[  624.599253][   T75] device veth0_macvtap left promiscuous mode
[  624.643602][   T75] device veth1_vlan left promiscuous mode
[  624.680906][   T75] device veth0_vlan left promiscuous mode
[  625.018642][T11054] loop9: detected capacity change from 0 to 256
[  625.040395][T11054] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d)
[  625.064520][T11054] exFAT-fs (loop9): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  625.100966][T11054] syz.9.1491: attempt to access beyond end of device
[  625.100966][T11054] loop9: rw=524288, sector=280, nr_sectors = 128 limit=256
[  625.116752][T11054] syz.9.1491: attempt to access beyond end of device
[  625.116752][T11054] loop9: rw=524288, sector=408, nr_sectors = 256 limit=256
[  625.132665][T11054] syz.9.1491: attempt to access beyond end of device
[  625.132665][T11054] loop9: rw=0, sector=280, nr_sectors = 8 limit=256
[  625.161020][   T26] audit: type=1800 audit(1770023273.200:16): pid=11054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1491" name="file1" dev="loop9" ino=1048812 res=0 errno=0
[  625.820481][T11065] loop9: detected capacity change from 0 to 1024
[  628.767075][T11085] fuse: Bad value for 'group_id'
[  629.873606][T11090] loop8: detected capacity change from 0 to 1024
[  632.427977][T11090] hfsplus: failed to load extents file
[  632.621107][T11094] loop9: detected capacity change from 0 to 512
[  632.650604][T11094] EXT4-fs: Ignoring removed oldalloc option
[  632.722076][T11094] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  632.956277][T11094] EXT4-fs (loop9): 1 truncate cleaned up
[  632.962081][T11094] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  633.796299][ T9040] EXT4-fs (loop9): unmounting filesystem.
[  635.470429][T11128] loop9: detected capacity change from 0 to 1024
[  636.403121][   T75] bond0 (unregistering): Released all slaves
[  638.215629][T11144] loop7: detected capacity change from 0 to 512
[  638.456807][T11144] EXT4-fs: Ignoring removed oldalloc option
[  638.734836][T11144] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  638.886014][T11144] EXT4-fs (loop7): 1 truncate cleaned up
[  638.891753][T11144] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  640.191115][T10904] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  640.222918][T10904] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  640.273059][T10904] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  640.334864][T10904] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  640.432359][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  640.764598][T10904] 8021q: adding VLAN 0 to HW filter on device bond0
[  640.960319][T11175] loop7: detected capacity change from 0 to 1024
[  643.596089][T11175] hfsplus: failed to load extents file
[  643.661125][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  643.681191][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  643.747508][T10904] 8021q: adding VLAN 0 to HW filter on device team0
[  643.794896][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  643.854906][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  643.895655][ T9583] bridge0: port 1(bridge_slave_0) entered blocking state
[  643.902767][ T9583] bridge0: port 1(bridge_slave_0) entered forwarding state
[  643.969359][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  643.995816][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  644.049582][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  644.060112][ T9583] bridge0: port 2(bridge_slave_1) entered blocking state
[  644.067296][ T9583] bridge0: port 2(bridge_slave_1) entered forwarding state
[  644.124529][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  644.168841][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  644.217046][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  644.236485][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  644.285924][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  644.315366][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  644.344084][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  644.374097][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  644.407669][T10904] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  644.437251][T10904] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  644.466830][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  644.485090][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  644.529736][ T9583] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  645.309095][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  645.329292][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  645.369941][T10904] 8021q: adding VLAN 0 to HW filter on device batadv0
[  645.433329][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  645.459783][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  645.503231][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  645.520464][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  645.546257][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  645.609887][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  645.640973][T10904] device veth0_vlan entered promiscuous mode
[  645.728305][T10904] device veth1_vlan entered promiscuous mode
[  646.504407][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  646.529471][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  646.598067][T10904] device veth0_macvtap entered promiscuous mode
[  646.636180][T10904] device veth1_macvtap entered promiscuous mode
[  646.703626][T10904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  646.765874][T10904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  646.810815][T10904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  646.846269][T10904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  646.873867][T10904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  646.904223][T10904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  646.925154][T10904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  646.958587][T10904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.302963][T10904] batman_adv: batadv0: Interface activated: batadv_slave_0
[  647.376506][T10904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.387272][T10904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.398719][T10904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.410499][T10904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.421564][T10904] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  647.433169][T10904] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.453175][T10904] batman_adv: batadv0: Interface activated: batadv_slave_1
[  647.478250][T10904] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  647.489333][T10904] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  647.506084][T10904] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  647.516628][T10904] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  648.347560][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  648.371200][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  648.380852][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  648.390582][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  648.399913][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  648.409025][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  648.592474][ T9583] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.642204][ T9583] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  648.722668][ T5244] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  648.798904][ T5244] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  648.877897][ T5244] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  648.942390][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  650.753217][T11262] loop7: detected capacity change from 0 to 1024
[  659.018676][T11325] netlink: 60 bytes leftover after parsing attributes in process `syz.8.1549'.
[  660.802493][T11344] loop8: detected capacity change from 0 to 1024
[  662.436635][T11343] hfsplus: xattr searching failed
[  680.401049][T11456] loop2: detected capacity change from 0 to 16
[  680.696045][T11456] erofs: (device loop2): mounted with root inode @ nid 36.
[  680.709762][T11455] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  680.721527][T11455] erofs: (device loop2): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  680.732650][T11455] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  685.484956][T11483] "syz.9.1588" (11483) uses obsolete ecb(arc4) skcipher
[  685.528297][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  685.535620][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  687.462361][T11491] Bluetooth: MGMT ver 1.22
[  689.273287][T11504] loop9: detected capacity change from 0 to 1024
[  693.138227][T11538] loop2: detected capacity change from 0 to 1024
[  693.444040][ T9628] hfsplus: b-tree write err: -5, ino 3
[  693.499828][T11543] loop8: detected capacity change from 0 to 256
[  693.637225][T11543] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  693.693787][T11543] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  693.805271][T11543] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  694.772826][   T26] audit: type=1800 audit(1770023342.810:17): pid=11543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.1603" name="file1" dev="loop8" ino=1048816 res=0 errno=0
[  694.953944][T11554] loop2: detected capacity change from 0 to 512
[  695.078543][T11554] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  695.144566][T11554] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1606: attempt to clear invalid blocks 2 len 1
[  695.224657][T11554] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  695.303745][T11554] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1606: invalid indirect mapped block 1819239214 (level 0)
[  695.368424][T11554] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1606: invalid indirect mapped block 1819239214 (level 1)
[  695.532061][T11566] loop8: detected capacity change from 0 to 1024
[  695.549642][T11554] EXT4-fs (loop2): 1 truncate cleaned up
[  695.605069][T11554] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  697.089069][T11576] 9pnet_fd: Insufficient options for proto=fd
[  697.765534][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  697.974048][T11584] binder: BINDER_SET_CONTEXT_MGR already set
[  698.014284][T11584] binder: 11583:11584 ioctl 4018620d 200000000040 returned -16
[  698.047173][T11584] binder: 11583:11584 ioctl c0306201 200000000240 returned -11
[  698.566594][T11591] loop1: detected capacity change from 0 to 1024
[  699.116861][T11591] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  699.384103][T10904] EXT4-fs (loop1): unmounting filesystem.
[  703.609006][T11630] loop1: detected capacity change from 0 to 1024
[  703.721725][T11632] loop2: detected capacity change from 0 to 512
[  704.003455][T11632] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  704.060828][T11632] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1620: attempt to clear invalid blocks 2 len 1
[  704.135268][T11632] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  704.184505][T11632] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1620: invalid indirect mapped block 1819239214 (level 0)
[  704.278314][T11632] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1620: invalid indirect mapped block 1819239214 (level 1)
[  704.478792][T11632] EXT4-fs (loop2): 1 truncate cleaned up
[  704.504451][T11632] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  706.664098][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  706.976056][T11655] binder: 11653:11655 ioctl c0306201 200000000240 returned -11
[  711.077232][T11688] fuse: Unknown parameter 'group_i00000000000000000000'
[  711.660673][T11703] "syz.9.1632" (11703) uses obsolete ecb(arc4) skcipher
[  712.308999][T11704] loop7: detected capacity change from 0 to 512
[  712.488243][T11704] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -13
[  712.666434][T11704] EXT4-fs error (device loop7): ext4_clear_blocks:883: inode #13: comm syz.7.1633: attempt to clear invalid blocks 2 len 1
[  712.704546][T11704] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  713.410768][T11704] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.1633: invalid indirect mapped block 1819239214 (level 0)
[  715.091529][T11704] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.1633: invalid indirect mapped block 1819239214 (level 1)
[  715.264958][T11704] EXT4-fs (loop7): 1 truncate cleaned up
[  715.270665][T11704] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  716.621848][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  717.358016][T11748] loop7: detected capacity change from 0 to 16
[  717.385531][T11748] erofs: (device loop7): mounted with root inode @ nid 36.
[  717.394354][T11748] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  717.405452][T11748] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  717.416505][T11748] erofs: (device loop7): z_erofs_read_folio: failed to read, err [-117]
[  718.694290][T11765] "syz.9.1644" (11765) uses obsolete ecb(arc4) skcipher
[  720.928038][T11776] loop9: detected capacity change from 0 to 1024
[  721.108347][T11779] fuse: Unknown parameter 'group_id00000000000000000000'
[  724.450235][T11797] loop9: detected capacity change from 0 to 1024
[  724.610695][T11797] EXT4-fs: inline encryption not supported
[  724.687644][T11797] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  724.841068][T11797] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  725.156760][ T9040] EXT4-fs (loop9): unmounting filesystem.
[  727.813904][T11832] "syz.1.1656" (11832) uses obsolete ecb(arc4) skcipher
[  728.631474][T11834] fuse: Unknown parameter 'group_id00000000000000000000'
[  729.077106][T11843] loop1: detected capacity change from 0 to 512
[  729.208153][T11843] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  729.254822][T11843] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.1663: attempt to clear invalid blocks 2 len 1
[  729.366409][T11843] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  729.446077][T11843] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1663: invalid indirect mapped block 1819239214 (level 0)
[  729.676858][T11843] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1663: invalid indirect mapped block 1819239214 (level 1)
[  729.729639][T11843] EXT4-fs (loop1): 1 truncate cleaned up
[  730.755066][T11843] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  730.816219][ T6476] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  731.531631][T10904] EXT4-fs (loop1): unmounting filesystem.
[  731.564237][ T6476] usb 10-1: Using ep0 maxpacket: 32
[  731.571364][ T6476] usb 10-1: config 2 has an invalid interface number: 88 but max is 0
[  732.898881][ T6476] usb 10-1: config 2 has no interface number 0
[  732.967842][ T6476] usb 10-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[  733.043301][ T6476] usb 10-1: config 2 interface 88 has no altsetting 0
[  733.105363][ T6476] usb 10-1: string descriptor 0 read error: -71
[  733.111718][ T6476] usb 10-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  733.222593][ T6476] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.265593][ T6476] usb 10-1: can't set config #2, error -71
[  733.284862][ T6476] usb 10-1: USB disconnect, device number 5
[  735.368286][T11877] "syz.9.1671" (11877) uses obsolete ecb(arc4) skcipher
[  735.399866][ T4277] Bluetooth: hci0: command 0x0406 tx timeout
[  736.551128][T11890] fuse: Unknown parameter 'group_id00000000000000000000'
[  740.969445][T11910] loop1: detected capacity change from 0 to 1024
[  741.096854][T11910] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  741.105562][T11910] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  741.562310][T11917] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: comm syz.1.1679: lblock 0 mapped to illegal pblock 0 (length 6)
[  741.641530][T11917] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[  741.655295][T11917] EXT4-fs (loop1): This should not happen!! Data will be lost
[  741.655295][T11917] 
[  741.684180][   T26] audit: type=1326 audit(1770023389.720:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11915 comm="syz.2.1665" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7eff18b9aeb9 code=0x0
[  742.360162][T11924] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  742.437468][T11924] kvm: pic: non byte read
[  742.448263][T11924] kvm: pic: level sensitive irq not supported
[  742.448402][T11924] kvm: pic: non byte read
[  742.485145][T11924] kvm: pic: level sensitive irq not supported
[  742.485446][T11924] kvm: pic: non byte read
[  742.571253][T11932] loop7: detected capacity change from 0 to 512
[  742.689354][T11932] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -13
[  742.719580][T11932] EXT4-fs error (device loop7): ext4_clear_blocks:883: inode #13: comm syz.7.1677: attempt to clear invalid blocks 2 len 1
[  742.729491][   T75] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:4: lblock 8 mapped to illegal pblock 8 (length 8)
[  742.747768][T11932] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  742.780206][T11932] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.1677: invalid indirect mapped block 1819239214 (level 0)
[  742.808653][T11932] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.1677: invalid indirect mapped block 1819239214 (level 1)
[  742.817754][   T75] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  742.837351][   T75] EXT4-fs (loop1): This should not happen!! Data will be lost
[  742.837351][   T75] 
[  742.859767][T10904] EXT4-fs (loop1): unmounting filesystem.
[  742.880999][T11932] EXT4-fs (loop7): 1 truncate cleaned up
[  742.903350][T11932] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  745.551922][T11948] "syz.1.1682" (11948) uses obsolete ecb(arc4) skcipher
[  745.571966][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  746.120589][T11958] fuse: Bad value for 'user_id'
[  747.411232][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  747.417543][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  747.853722][T11973] loop7: detected capacity change from 0 to 512
[  750.252143][T11973] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  750.281441][T11973] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  750.477069][T11983] loop8: detected capacity change from 0 to 16
[  750.484442][T11983] erofs: (device loop8): mounted with root inode @ nid 36.
[  750.492849][T11983] erofs: (device loop8): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  750.503967][T11983] erofs: (device loop8): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  750.515840][T11983] erofs: (device loop8): z_erofs_read_folio: failed to read, err [-117]
[  751.125493][   T26] audit: type=1326 audit(1770023399.160:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11972 comm="syz.7.1691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b6279aeb9 code=0x7ffc0000
[  751.192980][   T26] audit: type=1326 audit(1770023399.160:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11972 comm="syz.7.1691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b6279aeb9 code=0x7ffc0000
[  751.620740][T11994] "syz.8.1695" (11994) uses obsolete ecb(arc4) skcipher
[  752.325647][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  752.879122][T12007] loop1: detected capacity change from 0 to 512
[  752.897006][T12008] printk: syz.7.1696 (12008): Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated).
[  753.347551][T12007] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  753.415272][T12007] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.1694: attempt to clear invalid blocks 2 len 1
[  753.557006][T12022] binder: 12020:12022 ioctl 4018620d 0 returned -22
[  753.610709][T12007] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  753.646154][T12022] binder: 12020:12022 ioctl c0306201 200000000240 returned -11
[  753.688781][T12007] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1694: invalid indirect mapped block 1819239214 (level 0)
[  753.730546][T12007] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1694: invalid indirect mapped block 1819239214 (level 1)
[  753.842957][T12025] fuse: Bad value for 'user_id'
[  753.877402][T12007] EXT4-fs (loop1): 1 truncate cleaned up
[  753.883121][T12007] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  757.065069][T12038] loop2: detected capacity change from 0 to 1024
[  757.122408][T10904] EXT4-fs (loop1): unmounting filesystem.
[  757.359610][ T6300] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  757.389435][T12043] loop1: detected capacity change from 0 to 2048
[  757.444514][ T6300] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  757.486874][T12043] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  757.916851][T12052] "syz.2.1707" (12052) uses obsolete ecb(arc4) skcipher
[  758.533530][T12047] fido_id[12047]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  761.179862][T12071] binder: 12070:12071 ioctl 4018620d 0 returned -22
[  761.219275][T12071] binder: 12070:12071 ioctl c0306201 200000000240 returned -11
[  761.277200][T12073] 9pnet_fd: Insufficient options for proto=fd
[  765.768661][T12103] "syz.8.1719" (12103) uses obsolete ecb(arc4) skcipher
[  767.641213][T12120] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1722'.
[  769.207640][T12130] loop7: detected capacity change from 0 to 1024
[  770.487214][T12136] binder: 12135:12136 ioctl c0306201 0 returned -14
[  770.538382][T12136] binder: 12135:12136 ioctl c0306201 200000000240 returned -11
[  770.840120][T12142] loop1: detected capacity change from 0 to 512
[  770.939485][T12142] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  770.962762][T12142] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.1716: attempt to clear invalid blocks 2 len 1
[  771.105023][T12142] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  771.140042][T12142] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1716: invalid indirect mapped block 1819239214 (level 0)
[  771.210165][T12142] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1716: invalid indirect mapped block 1819239214 (level 1)
[  771.274650][T12142] EXT4-fs (loop1): 1 truncate cleaned up
[  771.280853][T12142] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  773.658259][T10904] EXT4-fs (loop1): unmounting filesystem.
[  774.039972][T12172] "syz.2.1731" (12172) uses obsolete ecb(arc4) skcipher
[  775.721507][T12181] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  777.007110][T12181] kvm: pic: non byte read
[  777.011968][T12181] kvm: pic: level sensitive irq not supported
[  777.012030][T12181] kvm: pic: non byte read
[  777.030263][T12181] kvm: pic: level sensitive irq not supported
[  777.030337][T12181] kvm: pic: non byte read
[  782.589988][T12235] "syz.7.1743" (12235) uses obsolete ecb(arc4) skcipher
[  786.803857][T12225] binder: 12224:12225 ioctl c0306201 0 returned -14
[  790.334397][T12266] capability: warning: `syz.1.1754' uses 32-bit capabilities (legacy support in use)
[  790.375795][T12266] kernel profiling enabled (shift: 9)
[  790.678844][T12272] loop1: detected capacity change from 0 to 1024
[  792.355508][T12288] loop2: detected capacity change from 0 to 1024
[  792.774893][T12288] EXT4-fs: inline encryption not supported
[  792.793668][T12288] EXT4-fs: Ignoring removed oldalloc option
[  792.824297][T12288] EXT4-fs: Ignoring removed mblk_io_submit option
[  792.883018][T12288] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  793.038602][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  794.580383][T12307] fuse: Unknown parameter 'user_id00000000000000000000'
[  797.722121][T12323] loop7: detected capacity change from 0 to 512
[  797.869985][T12323] EXT4-fs error (device loop7): ext4_xattr_inode_iget:401: comm syz.7.1757: inode #1: comm syz.7.1757: iget: illegal inode #
[  797.904300][T12323] EXT4-fs error (device loop7): ext4_xattr_inode_iget:406: comm syz.7.1757: error while reading EA inode 1 err=-117
[  797.944606][T12323] EXT4-fs error (device loop7): ext4_xattr_inode_iget:401: comm syz.7.1757: inode #1: comm syz.7.1757: iget: illegal inode #
[  797.985924][T12323] EXT4-fs error (device loop7): ext4_xattr_inode_iget:406: comm syz.7.1757: error while reading EA inode 1 err=-117
[  798.044788][T12323] EXT4-fs (loop7): 1 orphan inode deleted
[  798.050589][T12323] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  798.154409][T12323] EXT4-fs error (device loop7): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.7.1757: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  798.334052][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  798.445512][T12334] loop8: detected capacity change from 0 to 1024
[  799.865423][T12344] loop9: detected capacity change from 0 to 16
[  799.880137][T12344] erofs: (device loop9): mounted with root inode @ nid 36.
[  799.888776][T12344] erofs: (device loop9): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  799.899884][T12344] erofs: (device loop9): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  799.910969][T12344] erofs: (device loop9): z_erofs_read_folio: failed to read, err [-117]
[  802.707962][ T5271] hfsplus: b-tree write err: -5, ino 4
[  807.213559][T12388] loop7: detected capacity change from 0 to 16
[  807.220094][T12389] loop2: detected capacity change from 0 to 512
[  807.229491][T12388] erofs: (device loop7): mounted with root inode @ nid 36.
[  807.238081][T12388] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  807.249317][T12388] erofs: (device loop7): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  807.260449][T12388] erofs: (device loop7): z_erofs_read_folio: failed to read, err [-117]
[  807.375014][T12389] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1777: inode has both inline data and extents flags
[  807.491612][T12389] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1777: couldn't read orphan inode 15 (err -117)
[  807.578926][T12389] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  807.897884][ T4269] EXT4-fs (loop2): unmounting filesystem.
[  808.408505][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  808.418375][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  809.345196][T12410] loop2: detected capacity change from 0 to 512
[  809.416235][T12410] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  809.850646][T12410] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  809.874257][T12410] System zones: 1-12
[  809.898732][T12410] EXT4-fs error (device loop2): ext4_iget_extra_inode:4756: inode #15: comm syz.2.1782: corrupted in-inode xattr
[  809.912639][T12421] loop7: detected capacity change from 0 to 1024
[  810.019542][T12410] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1782: couldn't read orphan inode 15 (err -117)
[  810.037482][T12410] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  810.061793][T12410] EXT4-fs (loop2): unmounting filesystem.
[  815.731646][T12464] loop1: detected capacity change from 0 to 1024
[  815.900943][T12467] loop8: detected capacity change from 0 to 128
[  816.090974][T12467] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  816.172629][T12467] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  817.839872][T12487] loop9: detected capacity change from 0 to 512
[  817.849331][T12485] 9pnet_fd: Insufficient options for proto=fd
[  818.075461][T12487] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  818.142484][T12487] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  818.241636][T12487] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.1801: bg 0: block 275: padding at end of block bitmap is not set
[  818.348272][T12487] Quota error (device loop9): write_blk: dquota write failed
[  818.375107][T12487] Quota error (device loop9): find_free_dqentry: Can't write quota data block 5
[  818.415023][T12487] Quota error (device loop9): qtree_write_dquot: Error -28 occurred while creating quota
[  818.450802][T12500] loop2: detected capacity change from 0 to 256
[  818.463789][T12487] EXT4-fs error (device loop9): ext4_acquire_dquot:6835: comm syz.9.1801: Failed to acquire dquot type 1
[  818.502014][T12500] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001e4a3, chksum : 0xe65d9f0a, utbl_chksum : 0x7319d30d)
[  818.636648][T12506] loop7: detected capacity change from 0 to 128
[  818.718253][ T9040] EXT4-fs (loop9): unmounting filesystem.
[  818.745276][T12506] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  818.864332][T12506] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  819.426875][T12512] xt_socket: unknown flags 0x4c
[  820.556941][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  821.268600][T12543] loop7: detected capacity change from 0 to 512
[  821.439081][T12543] EXT4-fs: Ignoring removed i_version option
[  821.517943][T12543] EXT4-fs: Ignoring removed bh option
[  821.794594][T12543] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  821.808487][T12543] ext4 filesystem being mounted at /166/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  822.602213][T12543] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1812'.
[  822.675783][T12543] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1812'.
[  824.083856][ T8278] EXT4-fs (loop7): unmounting filesystem.
[  825.607362][T12582] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  825.658428][T12582] kvm: pic: non byte read
[  825.663087][T12582] kvm: pic: level sensitive irq not supported
[  825.663146][T12582] kvm: pic: non byte read
[  826.898344][T12582] kvm: pic: level sensitive irq not supported
[  826.898413][T12582] kvm: pic: non byte read
[  827.383120][T12600] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1826'.
[  836.007069][T12655] loop1: detected capacity change from 0 to 1024
[  836.014971][T12655] EXT4-fs: inline encryption not supported
[  836.021146][T12655] EXT4-fs: Ignoring removed nobh option
[  836.027266][T12655] EXT4-fs: Ignoring removed bh option
[  836.047188][T12655] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  836.143887][T12655] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  837.029738][T10904] EXT4-fs (loop1): unmounting filesystem.
[  838.753168][T12676] loop1: detected capacity change from 0 to 16
[  838.805410][T12676] erofs: (device loop1): mounted with root inode @ nid 36.
[  838.895510][T12676] erofs: (device loop1): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  838.910317][T12676] erofs: (device loop1): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[  838.923219][T12676] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[  842.874799][T12724] "syz.2.1842" (12724) uses obsolete ecb(arc4) skcipher
[  849.849948][T12750] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  850.784916][T12765] "syz.8.1858" (12765) uses obsolete ecb(arc4) skcipher
[  852.466758][T12794] loop8: detected capacity change from 0 to 1024
[  857.257330][T12813] loop8: detected capacity change from 0 to 2048
[  857.563865][T12819] "syz.9.1869" (12819) uses obsolete ecb(arc4) skcipher
[  862.806474][T12849] loop2: detected capacity change from 0 to 256
[  863.087894][T12852] loop9: detected capacity change from 0 to 256
[  864.944880][T12865] "syz.9.1880" (12865) uses obsolete ecb(arc4) skcipher
[  972.854034][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  972.861056][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P12887/1:b..l
[  972.869824][    C0] 	(detected by 0, t=10502 jiffies, g=60305, q=160 ncpus=2)
[  972.877144][    C0] task:rm              state:R  running task     stack:24336 pid:12887 ppid:12850  flags:0x00004002
[  972.889320][    C0] Call Trace:
[  972.892635][    C0]  <TASK>
[  972.895601][    C0]  __schedule+0x11d1/0x40e0
[  972.900134][    C0]  ? do_syscall_64+0x4c/0xa0
[  972.904769][    C0]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  972.910781][    C0]  ? __sched_text_start+0x8/0x8
[  972.915658][    C0]  ? lock_chain_count+0x20/0x20
[  972.920543][    C0]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  972.926573][    C0]  ? preempt_schedule_irq+0xb0/0x160
[  972.931888][    C0]  preempt_schedule_irq+0xbb/0x160
[  972.937030][    C0]  ? preempt_schedule_notrace+0x120/0x120
[  972.942791][    C0]  ? rcu_is_watching+0x11/0xa0
[  972.947597][    C0]  ? rcu_irq_exit_check_preempt+0xdb/0x210
[  972.953447][    C0]  irqentry_exit+0x63/0x70
[  972.957886][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  972.963892][    C0] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x4/0x80
[  972.970691][    C0] Code: 77 22 89 ff 89 f6 49 ff c0 4c 89 01 48 c7 44 11 08 03 00 00 00 48 89 7c 11 10 48 89 74 11 18 48 89 44 11 20 c3 90 48 8b 04 24 <65> 48 8b 15 64 f9 7f 7e 65 8b 0d 65 f9 7f 7e 81 e1 00 01 ff 00 74
[  972.990375][    C0] RSP: 0018:ffffc9000c7af5f8 EFLAGS: 00000202
[  972.996484][    C0] RAX: ffffffff8a19dde3 RBX: 00007f0119c34fff RCX: ffff88802aa5d940
[  973.004482][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000003
[  973.012469][    C0] RBP: ffffc9000c7af7b0 R08: ffff88802aa5d940 R09: 0000000000000004
[  973.020467][    C0] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000
[  973.028463][    C0] R13: 0000000000000001 R14: 0000000000000008 R15: ffff888067b1f400
[  973.036477][    C0]  ? mt_validate+0x2b53/0x4cb0
[  973.041277][    C0]  mt_validate+0x2b53/0x4cb0
[  973.045905][    C0]  ? mt_validate+0x110/0x4cb0
[  973.050610][    C0]  ? mt_cache_shrink+0x20/0x20
[  973.055410][    C0]  ? mas_destroy+0x25be/0x2d90
[  973.060222][    C0]  validate_mm_mt+0xe2/0x440
[  973.064853][    C0]  ? mas_store_prealloc+0x440/0x440
[  973.070076][    C0]  ? __split_vma+0x500/0x500
[  973.074712][    C0]  validate_mm+0xe1/0x2e0
[  973.079070][    C0]  ? vma_expand+0x880/0x880
[  973.083604][    C0]  ? up_write+0x1bb/0x420
[  973.087973][    C0]  __vma_adjust+0x1855/0x1cd0
[  973.092698][    C0]  ? validate_mm+0x2e0/0x2e0
[  973.097344][    C0]  ? up_write+0x1bb/0x420
[  973.101732][    C0]  __split_vma+0x3a7/0x500
[  973.106185][    C0]  mprotect_fixup+0x5b1/0x800
[  973.110903][    C0]  ? change_protection+0x3830/0x3830
[  973.116233][    C0]  ? common_file_perm+0x171/0x1c0
[  973.121291][    C0]  ? bpf_lsm_file_mprotect+0x5/0x10
[  973.126522][    C0]  ? security_file_mprotect+0x7e/0xb0
[  973.131921][    C0]  do_mprotect_pkey+0x7fe/0xba0
[  973.136817][    C0]  ? prot_none_test+0x10/0x10
[  973.141538][    C0]  ? __up_read+0x2b2/0x6b0
[  973.145991][    C0]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  973.152028][    C0]  __x64_sys_mprotect+0x7c/0x90
[  973.156913][    C0]  do_syscall_64+0x4c/0xa0
[  973.161356][    C0]  ? clear_bhb_loop+0x60/0xb0
[  973.166057][    C0]  ? clear_bhb_loop+0x60/0xb0
[  973.170761][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  973.176677][    C0] RIP: 0033:0x7f0119efc2c7
[  973.181123][    C0] RSP: 002b:00007ffe28b55128 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[  973.189560][    C0] RAX: ffffffffffffffda RBX: 00007f0119ed8b20 RCX: 00007f0119efc2c7
[  973.197555][    C0] RDX: 0000000000000001 RSI: 0000000000001000 RDI: 00007f0119c34000
[  973.205546][    C0] RBP: 00007ffe28b553f0 R08: 0000000000000000 R09: 00007f0119c6e2e0
[  973.213536][    C0] R10: 00007f0119ed8b20 R11: 0000000000000206 R12: 0000000000000018
[  973.221529][    C0] R13: 000001be590c467e R14: 0000000000000000 R15: 00007f0119f10310
[  973.229532][    C0]  </TASK>
[  973.232579][    C0] rcu: rcu_preempt kthread starved for 10516 jiffies! g60305 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  973.243803][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  973.253794][    C0] rcu: RCU grace-period kthread stack dump:
[  973.259704][    C0] task:rcu_preempt     state:R  running task     stack:27184 pid:16    ppid:2      flags:0x00004000
[  973.270513][    C0] Call Trace:
[  973.273819][    C0]  <TASK>
[  973.276778][    C0]  __schedule+0x11d1/0x40e0
[  973.281328][    C0]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  973.287260][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  973.293188][    C0]  ? __sched_text_start+0x8/0x8
[  973.298073][    C0]  ? __mod_timer+0x91e/0xd00
[  973.302716][    C0]  schedule+0xb9/0x180
[  973.306825][    C0]  schedule_timeout+0x184/0x2d0
[  973.311706][    C0]  ? console_conditional_schedule+0x40/0x40
[  973.317634][    C0]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  973.323551][    C0]  ? update_process_times+0x1b0/0x1b0
[  973.328962][    C0]  ? prepare_to_swait_event+0x335/0x350
[  973.334559][    C0]  rcu_gp_fqs_loop+0x303/0x1340
[  973.339445][    C0]  ? rcu_gp_kthread+0x3b0/0x3b0
[  973.344319][    C0]  ? dyntick_save_progress_counter+0x2b0/0x2b0
[  973.350503][    C0]  ? rcu_gp_init+0x14e0/0x14e0
[  973.355291][    C0]  ? rcu_gp_cleanup+0xb41/0xc90
[  973.360170][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  973.365397][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  973.370629][    C0]  rcu_gp_kthread+0x99/0x3b0
[  973.375252][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  973.380389][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  973.386306][    C0]  ? __kthread_parkme+0x162/0x1c0
[  973.391365][    C0]  kthread+0x29d/0x330
[  973.395469][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  973.400606][    C0]  ? kthread_blkcg+0xd0/0xd0
[  973.405234][    C0]  ret_from_fork+0x1f/0x30
[  973.409692][    C0]  </TASK>
[  973.412734][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  973.419077][    C0] Sending NMI from CPU 0 to CPUs 1:
[  973.424339][    C1] NMI backtrace for cpu 1
[  973.424366][    C1] CPU: 1 PID: 12892 Comm: syz.9.1884 Not tainted syzkaller #0
[  973.424383][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  973.424394][    C1] RIP: 0010:kasan_check_range+0x1b0/0x290
[  973.424423][    C1] Code: f3 4d 01 f3 49 89 df 49 8d 5f 07 4d 85 ff 49 0f 49 df 48 83 e3 f8 49 29 df 74 0e 41 80 3b 00 75 69 49 ff c3 49 ff cf 75 f2 5b <41> 5c 41 5e 41 5f 5d c3 45 84 ff 0f 85 91 00 00 00 41 f7 c7 00 ff
[  973.424438][    C1] RSP: 0018:ffffc9000c8a7658 EFLAGS: 00000056
[  973.424453][    C1] RAX: 0000000000000001 RBX: ffff88806578bb80 RCX: ffffffff8164fb44
[  973.424466][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff90af3270
[  973.424477][    C1] RBP: 0000000000000003 R08: ffffffff90af3277 R09: 1ffffffff215e64e
[  973.424489][    C1] R10: dffffc0000000000 R11: fffffbfff215e64f R12: dffffc0000000001
[  973.424502][    C1] R13: dffffc0000000000 R14: 1ffffffff215e64e R15: 0000000000000001
[  973.424514][    C1] FS:  00007f424af796c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  973.424530][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  973.424542][    C1] CR2: 000020000006b000 CR3: 000000007d708000 CR4: 00000000003506e0
[  973.424557][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  973.424567][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  973.424578][    C1] Call Trace:
[  973.424584][    C1]  <TASK>
[  973.424590][    C1]  mark_lock+0x94/0x320
[  973.424616][    C1]  __lock_acquire+0xcc1/0x7d10
[  973.424649][    C1]  ? ktime_get+0x7b/0x270
[  973.424669][    C1]  ? verify_lock_unused+0x140/0x140
[  973.424696][    C1]  ? ktime_get+0x7b/0x270
[  973.424715][    C1]  ? seqcount_lockdep_reader_access+0x177/0x1d0
[  973.424736][    C1]  ? ktime_get_real_ts64+0x440/0x440
[  973.424760][    C1]  lock_acquire+0x1bb/0x4a0
[  973.424783][    C1]  ? __might_fault+0xa6/0x120
[  973.424803][    C1]  ? __might_sleep+0xd0/0xd0
[  973.424819][    C1]  ? read_lock_is_recursive+0x10/0x10
[  973.424845][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  973.424870][    C1]  ? __might_fault+0xa6/0x120
[  973.424886][    C1]  __might_fault+0xc2/0x120
[  973.424902][    C1]  ? __might_fault+0xa6/0x120
[  973.424919][    C1]  copy_fpstate_to_sigframe+0x1bc/0xd50
[  973.424938][    C1]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  973.424958][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  973.424989][    C1]  ? fpregs_set+0x5f0/0x5f0
[  973.425012][    C1]  ? _raw_spin_unlock_irq+0x25/0x40
[  973.425028][    C1]  ? _raw_spin_unlock_irq+0x2a/0x40
[  973.425045][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  973.425071][    C1]  ? lock_chain_count+0x20/0x20
[  973.425095][    C1]  ? arch_do_signal_or_restart+0x23e/0x1350
[  973.425116][    C1]  ? fpu__alloc_mathframe+0xa3/0x120
[  973.425134][    C1]  arch_do_signal_or_restart+0x69f/0x1350
[  973.425158][    C1]  ? __ia32_sys_rt_sigreturn+0x619/0x760
[  973.425182][    C1]  ? load_gs_index+0x130/0x130
[  973.425202][    C1]  ? get_sigframe_size+0x10/0x10
[  973.425232][    C1]  ? exit_to_user_mode_loop+0x3b/0x110
[  973.425258][    C1]  exit_to_user_mode_loop+0x70/0x110
[  973.425284][    C1]  exit_to_user_mode_prepare+0xee/0x180
[  973.425309][    C1]  syscall_exit_to_user_mode+0x16/0x40
[  973.425326][    C1]  do_syscall_64+0x58/0xa0
[  973.425347][    C1]  ? clear_bhb_loop+0x60/0xb0
[  973.425365][    C1]  ? clear_bhb_loop+0x60/0xb0
[  973.425385][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  973.425404][    C1] RIP: 0033:0x7f424a19aeb7
[  973.425418][    C1] Code: 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89
[  973.425432][    C1] RSP: 002b:00007f424af790e8 EFLAGS: 00000246
[  973.425446][    C1] RAX: 00000000000000ca RBX: 00007f424a415fa8 RCX: 00007f424a19aeb9
[  973.425457][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f424a415fa8
[  973.425468][    C1] RBP: 00007f424a415fa0 R08: 0000000000000000 R09: 0000000000000000
[  973.425479][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  973.425500][    C1] R13: 00007f424a416038 R14: 00007ffdacb1fa90 R15: 00007ffdacb1fb78
[  973.425518][    C1]  </TASK>