last executing test programs:

8m5.506133489s ago: executing program 1 (id=56):
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f0000000300)=[{0x0}, {0x0}, {&(0x7f00000005c0)="f2", 0x1}], 0x3}}, {{&(0x7f0000000600)=@can, 0x80, &(0x7f0000000680)=[{&(0x7f0000000980)="d542f6300b61ca7913e7cd7b4036afcfddb3c77fc63db30ef223f1cc4fcdcbb56655be4873ea15e1a9d348fadc935180e702560acae65d42d95f6ddcae59879a1ce7e78eb197a0c8231a504b2614ac6dfd9a5760fe75ba4204694d382eb51806597cde99cedde3f0edd8bd3fce154f", 0x6f}, {0x0}, {&(0x7f0000000580)="49a6cc7e52cf0644e1fb10e13cb6893bd19afc65f2af20dd1746a881eb4dabcaf163ce54133d2499c296320937b805f1880adf0cb1507df75aaf", 0x3a}, {&(0x7f0000000a80)="190e431aa3b287c28be2f5404c8034cc87b917c381ccff6f8d431e872be3df64fee6c95001ceff12f2e942df6a8738cd4ad9ef7ad532fd0c824bf8d36d616e99807b3be837b3145efe65f7c6b66b9813e122d9be7799ebf0160d4bd329ac230e639a58a6538ec01e2de41722469556b03344f32eac19", 0x76}], 0x4, &(0x7f0000000b40)=[@timestamping={{0x14, 0x1, 0x25, 0x2d}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @timestamping={{0x14, 0x1, 0x25, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0xc}}], 0x60}}, {{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000bc0)="e7bc2f4799fe560c31cf5a20a1b22fb77ce7f19e605b6a8d2645af02e63f9a9d7ba31907ccc0f4aa71ec0762b3a8e3332fe3603b4624ac6a578ccd9a27b381a8dad12b3e3de940a99238945935184cd93dd174b70ecb9c3c99d2df9dd0cbef6a9e230f7dd8367384f034a7a011388990e94cd43e9f80ec3358dc596926960604b9f051", 0x83}, {&(0x7f0000000c80)="6c3e28dcd5c7eb9bc39a4bbc398357f3ad842b38a95863911bbd6e6afd9641d356257181e43b6e60349f69ec5f529734f76708a6c5eccb57005c1a513d8030d12c", 0x41}, {&(0x7f0000000d00)="dc6e94ac2db166801ffce85f6f44f2cb071c6b5113bc6bbf2f503d468253693a01102fcb8157c6e8a2b5620efa5d22400147cce896821150f95c0c69fa587a1f99fcb28cfeb09f45cb836f0ff891be10bb209dc04adc202ef866f27b74faa5ad3a2e5d40ebd6785c4e4a97ac13238c746d1109d12af5446c4e84591f121a494251e43bed18f6269bdd2e56f9c211dd7145f664286911b8bb3acf76a1b5ece94183a6c8cc47f2e1dd4e91dc10be8732e92e8620fa060fb15016c2dc9b6da18325e778660d499aec6215b0f9f679fa76d22cdd4ae3776203e2054240594f1c9b77ad77cf3f5631012fa0788c5b17f98cc34720b0", 0xf3}, {&(0x7f0000000fc0)="c6eae69212ba50dd664af774c32d34273a3baad9692140de74d9294c555a8c2e0d53acea79b788b5eb1a12ada17eda2b2fb96c439ce16e6266afda6613fd7c90be9a9dfcd1b099fe6b023b725241a6e1048c700e7a939bd3a38f1101213b81c252dd8c44b7e647940438343d0d082507d218a952e6d77ec0918968c74f220c981a3797fb6cadfd6723a75c5c4da33e830ecf602c55bc60831ddd694f15728f4d1eacad82a03540713f52f9485138574e5b6aec693c2c613e442d5306c2", 0xbd}, {&(0x7f00000010c0)="978d1129fddf5e2f1be8be48f935ef4f71893a57f79be3e44522d3987ccee23f4e717d8c8e14573937040fb658a24f1c9e0c7f98a24fa1209a6ea754e1244234c715713d120b6929614443fd6b4223bc04c3a8c9241ccbb6a8b0bb19fe4eedae48642a74e97588dc36bf06a4c1fb17b47b39240a6a8e9b5daa97e63d777e665841a349c52022252eafc1c129e154ab390624dd7fb8ac1e44c203140d6aab524f61cd8642ee0f380ebb21dc9267a8fbefa6eec89ff97e7800f44f89b17d43206217941c34067892c05465382550a1da2519", 0xd1}, {&(0x7f0000000800)="b56380b7487ff3b0cd079ed795bdeeb3ad75fe878a", 0x15}, {&(0x7f00000011c0)}, {&(0x7f0000001200)}, {&(0x7f0000001300)="ceff7472ad7240514c6f826361e8daefdb50fe704622e5641d1b096ad682a5682aa51b6eea91858d93228379d70f8489a6de471b8361073ce93c3bf35183529235eed04037cb6851e51dec4562fe30f99bd5de546427fecd0aa008bcbb2983ce2cfff078d49f7ecf297f85da5c094c0e7f07b12ec543a068bd2d654348f0e303f208c9190f58b7a9e0e1d2ba846bc248a3ec1530f702a9bd45a1d7bec2b2ccf08c24fec06bd18667119d193444ed6c60c641f54a3826524167885f2542b1bef1198ab8", 0xc3}], 0x9, &(0x7f00000014c0)}}], 0x3, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f80)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x80000000, @empty, 0x7}, 0x1c, &(0x7f0000000f00)=[{&(0x7f0000000880)="562f2edb8e8c8229195820c788783ff270fb0f06936fe49376e5519e3fa8f998387d7011fc5d8c9f5fc8e0e1663c9f6919128a8941ae935aaba3f683642630f5a74535b0e1f886ea2807f04d3a68ff4285f2bf581674a033cb5ecf8c756e8df3968c959df5326ed67c09d8b72eceeb87023f6188e15cb258cd8c85be3eddaac311ee4cb17a08ef47157753606ce7996162ea4b18214763730e2b944b468575927829842ee7f6f8a3603a7a522025c55284c9ca0ab899626f86c9336ead2278445733db5e643e10fa93339be48ff1592bc6bcf2b68b4536951c600a0e6d1b5d5b0cdbdf85122560b431", 0xe9}, {&(0x7f0000000540)}, {&(0x7f00000006c0)="58b327f21946add0e0c31b173119ac7b4ceda64bbfbc8159462a8686f4303aeee1d7c9b54c4bd660fe192582950eb09a8bae632fb4e7313e3828773c09fec9b010373ca7be0ccc91233fffcfe03f287a50f2b4a970278097aed06e61a0f2da47b0bd02fcb45bf35e78c15cc4c5d6d163a6eaf921d8afc7d8376e847f403535371a24ce2a19c3898aca95be", 0x8b}, {0x0}, {0x0}, {0x0}], 0x6}}], 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0x3, 0xf1, 0x5, 0xfa, 0xd4, 0x6, 0x0, 0x4, 0x7, 0x4f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x3, 0xb, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0xffff1000, 0x9000, 0xb, 0x1, 0x2, 0x7, 0x4, 0x4, 0x81, 0x0, 0x6, 0x5}, {0xeeee8000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0xf3, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x9, 0x3, 0x9, 0xd, 0x6, 0x5, 0x9, 0xc, 0x4b}, {0x6000, 0x0, 0x4, 0x4, 0x3, 0x7d, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x8000000, 0x4000, 0x0, 0x9d, 0x3, 0x0, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x7, 0x3, 0xa, 0x9, 0x54, 0x1, 0x2, 0x7}, {0xdddd1000, 0x5}, {0x4, 0x9}, 0x40030000, 0x0, 0x80a0000, 0x300, 0x1, 0xa901, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

8m5.105967058s ago: executing program 1 (id=59):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r5)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r6 = socket$kcm(0x11, 0x3, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000009b40)=@newtfilter={0xe8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x1, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0xe58, 0x2, [@TCA_MATCHALL_ACT={0xe54, 0x2, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x2, 0x9, 0x4, 0x6}, 0x1, 0xfb}, [{0x2, 0x9c, 0x81, 0x6, 0x2, 0x7}, {0x1, 0x6, 0x4, 0x3, 0xfffffffd, 0x81}, {0x1, 0x80000001, 0x8, 0x101, 0x3}, {0x3, 0x9, 0x0, 0x7, 0x5, 0x4}, {0xf, 0x7, 0x9, 0x51, 0x8}, {0x3, 0x4, 0xc, 0x101, 0x3, 0x84b5}, {0x9c, 0x4, 0x9, 0x2, 0x487, 0x8}, {0x1, 0x10000, 0x5, 0x4, 0x3, 0x8000}, {0x7, 0x9, 0x1ff, 0x8, 0x2, 0x7fff}, {0x439356e7, 0x609, 0x16, 0x0, 0x10000, 0x6}, {0x5, 0x3, 0x8, 0x3, 0x0, 0xffffffff}, {0x5, 0x0, 0x7, 0x7, 0x8, 0x5}, {0x5, 0x8, 0x9, 0x5, 0xfffff000, 0x7}, {0x768d, 0xcd, 0x8, 0x7, 0x5, 0x9}, {0x1, 0xfffffffb, 0x6, 0x5, 0x7ff, 0x6}, {0xfffffffb, 0x3, 0xfffffffe, 0x6, 0x2}, {0xfffff9fd, 0x9, 0xa5f, 0xa, 0x5, 0x2}, {0xffff997c, 0x9, 0x167, 0x2, 0x71, 0xa2}, {0x5, 0x2, 0xc, 0x8, 0x9, 0x60}, {0x5, 0xa, 0x2, 0x4, 0x3, 0x2000}, {0x32d, 0x8, 0x7fff, 0x4, 0x8, 0x9}, {0x8, 0x200, 0x58fe, 0x7ff, 0x4, 0x3}, {0x101, 0xd, 0x101, 0x1, 0x3, 0x8}, {0x0, 0x3, 0x1ff, 0x7437ec78, 0x2, 0x9}, {0xffffffff, 0x1, 0x9, 0x0, 0x1, 0x4}, {0xc, 0xe, 0x0, 0x3, 0x8, 0x81}, {0x3, 0x3, 0x6, 0xe, 0x0, 0x80}, {0xd, 0x0, 0x7ff, 0x0, 0x80000000, 0x2}, {0x4, 0xb, 0x6c5f1878, 0x57c4, 0x8, 0x25ff}, {0x4, 0xd, 0x1fadd976, 0x3071, 0x0, 0x1}, {0x5, 0x800, 0x3, 0x3, 0x3, 0x9}, {0x9, 0x1ff, 0x81, 0x9c, 0x1, 0x5}, {0x9, 0xd76, 0x6, 0xdc2, 0xa16a, 0x2}, {0x1ff, 0x5, 0x7, 0x2, 0x2, 0x1}, {0x1, 0x32158140, 0x0, 0x8, 0x6, 0x7}, {0xe, 0x4, 0x9000, 0x5, 0x2, 0x7f}, {0x3, 0x2ec74d53, 0x0, 0x0, 0x8, 0x2}, {0x5, 0xfff, 0xffffff13, 0x6, 0x2, 0x6}, {0x1, 0x6, 0x3, 0x4, 0xffb, 0x9}, {0x6, 0x6, 0x1ff, 0x8, 0x7ff, 0x8001}, {0x4, 0xffffffff, 0x0, 0xfffff740, 0x4, 0x4}, {0xffff, 0x5, 0x7, 0xac, 0xf}, {0x5, 0x3, 0x6, 0x1000, 0xd8fe, 0x8001}, {0xd, 0x3, 0x80000000, 0x0, 0xffffff81, 0x7ff}, {0xfffffffb, 0x2, 0x1ff, 0xf9, 0xffff8001}, {0x0, 0x6, 0x8000, 0x9, 0x500, 0x7}, {0x1, 0xffffffff, 0x834, 0x7, 0x0, 0x3}, {0x7fff, 0x6, 0x0, 0x2, 0x2, 0x8}, {0xf61, 0x101, 0x9, 0x2, 0x80000000, 0x7fff}, {0xc7, 0x1, 0xad, 0x2, 0xffff, 0x20000000}, {0x0, 0x5, 0x1, 0xffff, 0x3, 0x3}, {0x8, 0x10001, 0x9f98, 0x1, 0x8, 0x66a}, {0xfff, 0x6, 0x8, 0x80000001, 0x0, 0x7f}, {0x8, 0x6, 0x7f, 0x5, 0x3, 0xb}, {0x4, 0x4b, 0x0, 0x1, 0x7f, 0x7fffffff}, {0xfff, 0x47e4, 0x1, 0x0, 0x80000001, 0x9}, {0x3, 0x9, 0x7, 0x6, 0x3e6b7592, 0xe5}, {0x9, 0x9, 0x1, 0x9, 0x0, 0x2}, {0x8, 0x80000001, 0x7fff, 0xb2d9, 0xfffffffe, 0x8}, {0x80000001, 0x9, 0x5202, 0x2, 0x53ce, 0x3}, {0xffffff81, 0x7, 0x8, 0x8, 0x7f, 0x80000000}, {0xfffffff9, 0x9, 0x6, 0x6, 0x9, 0x3}, {0xfffffffd, 0x8, 0x6, 0x5, 0x3, 0x8f}, {0x741, 0x0, 0x9, 0x7fffffff, 0x2, 0x200}, {0x401, 0x2, 0x8, 0x6, 0x4, 0xc6e9}, {0x1, 0x2d73, 0x3ff, 0x5, 0x9f17, 0xffffff7f}, {0x2, 0x401, 0x2b00, 0xfffff57b, 0xfffffc00, 0xd}, {0x3, 0x4, 0xc52b, 0x9, 0x5, 0xff}, {0x0, 0x4, 0x401, 0x0, 0x1, 0x9}, {0x8, 0x4, 0x1, 0x2, 0x10, 0x1}, {0xff, 0x8, 0x6, 0x5, 0xff, 0x5}, {0x2, 0xb15ce2d, 0x80000001, 0xbeab, 0x8, 0x5}, {0x3, 0x8, 0x3, 0x7, 0x8, 0x4}, {0xfff, 0x9, 0x6, 0x3, 0x100, 0x57}, {0x9, 0x5, 0x4, 0x3, 0xa, 0x2}, {0xb3, 0xe, 0x3, 0x8000, 0x7, 0x9}, {0xff, 0x7, 0x5, 0x10001, 0x6, 0x6}, {0x2, 0x8f, 0x9, 0xffffff46, 0x4, 0x80000000}, {0x9, 0x2, 0xfffffffc, 0x1, 0xd50, 0x3}, {0xd203, 0x7, 0x1, 0x10000, 0x43, 0x1ff}, {0x4, 0x3ff, 0xffffffff, 0x1, 0x5, 0x100}, {0x1ff, 0x3, 0x7ff, 0xfffffff8, 0x1ff, 0xfffffffc}, {0x7, 0x9, 0x3ff, 0x1, 0x7, 0x4}, {0x0, 0x6, 0x0, 0x9, 0xffff0001, 0xcca}, {0x7, 0x1, 0xfffffff1, 0x3ff, 0x100, 0x4}, {0x3, 0x9, 0x0, 0xed4, 0x4, 0x6}, {0x9, 0x7, 0x8001, 0x7, 0x7, 0x2}, {0x3, 0xfff, 0x9, 0x5, 0xb5, 0x3}, {0x0, 0x1, 0x1, 0x5, 0xffffff01, 0xfff}, {0x7, 0x5, 0x2, 0x2, 0x0, 0xfffff9de}, {0x5, 0xffffffff, 0xe6b, 0xb, 0xb, 0x4}, {0x1d, 0xffffff10, 0x1, 0x2, 0xff, 0x52e2}, {0x0, 0x9, 0x0, 0x7, 0xdb, 0x5}, {0x7, 0x2, 0x9, 0x8, 0xa, 0x100}, {0x81, 0x4, 0x988, 0x0, 0x0, 0x7}, {0xdc03, 0x7, 0x402c, 0xffff, 0xfffffff9, 0x4}, {0xa, 0xfffffffe, 0x1, 0x1ff, 0x1ff, 0xc1b5}, {0xa24b, 0x947d, 0x3, 0x4, 0x80000000, 0x2}, {0x9, 0x401, 0xa89, 0x5ef, 0x9, 0x8}, {0x4, 0x7fff, 0x0, 0x4, 0x7fffffff}, {0x3, 0xb8c, 0x6, 0x21761f6a, 0x1, 0x6}, {0xfff, 0xda, 0x1f, 0x4, 0x8, 0x2}, {0x8, 0x10, 0x0, 0x0, 0xfffffff7, 0x43}, {0xfffff000, 0x8, 0xe96, 0x9, 0x9, 0x34b0}, {0x4, 0x8, 0x8, 0x3, 0x6cf4, 0x1}, {0x3, 0x3, 0x7, 0x4, 0xbe, 0x81}, {0x4, 0x800, 0x0, 0x5, 0x8, 0xfa2f}, {0x3, 0x8d, 0x81, 0x2, 0x8, 0x6}, {0x9, 0x2, 0x6, 0x4, 0xf, 0x5}, {0x100, 0x1, 0x2, 0xffffffff, 0x9, 0x74}, {0x4, 0x4, 0x8, 0x1, 0x0, 0x3}, {0xfffffff8, 0x7, 0xffffffff, 0x62f, 0x401, 0x30564e0}, {0x9a2f, 0x800, 0x8, 0x7, 0x7}, {0x20000006, 0x2, 0x800, 0x200, 0x9, 0x3}, {0x7, 0x6, 0x8936, 0xdcb, 0x0, 0x2}, {0x6, 0x80000000, 0x8, 0xe, 0xfffffffa, 0x8de3}, {0x0, 0x9, 0x8, 0xfff, 0x6, 0x1ff}, {0x8195, 0x2, 0x1000}, {0x1, 0x5, 0xff, 0x9e0f, 0x5, 0x6}, {0x7fff, 0x6, 0x0, 0x5, 0x8000, 0x3}, {0x7ff, 0x9, 0xa, 0x6, 0x7, 0xe77}, {0x1, 0x5e12, 0x3, 0xfffffffa, 0x2, 0x80000001}, {0xffffff8c, 0x2, 0x1, 0x1, 0x10, 0x5}, {0x4, 0x7, 0x4, 0x78d, 0xffffcff9, 0x9}, {0x1, 0xe, 0x7, 0x2, 0x2, 0x207f}, {0x10, 0x5, 0xfffffffa, 0xff, 0x80000, 0xfff}, {0x1, 0x7ff, 0x696e, 0xa, 0x49d, 0xb}, {0x9bf4, 0x0, 0x5, 0x3, 0x3, 0x1000}], [{0x1, 0x1}, {0x2}, {0x5}, {0x2}, {0x2, 0x745e81639ff0f356}, {0x4}, {0x5}, {0x3, 0x1}, {0x3}, {0x2}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x2}, {0x2}, {}, {0x3, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x2}, {0x3, 0x1}, {0x2}, {0x5}, {0x2}, {0x1, 0x1}, {0x1}, {0x1, 0x1}, {0x5}, {0x4}, {0x5, 0x1}, {0x5, 0x1}, {}, {0x4, 0x1}, {0x3}, {0x4, 0x1}, {0x1, 0x1}, {0x5}, {0xa}, {0x3}, {0x3}, {0x2, 0x1}, {0x3}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x4}, {0x4, 0x1}, {0x4}, {0x4}, {0x2, 0x1}, {0x2, 0x1}, {0x5, 0x3}, {0x4, 0x1}, {0x1}, {0x4}, {0x0, 0x1}, {0x2}, {0x1, 0x1}, {0x3, 0x1}, {0x5}, {0x3, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x3}, {0x6}, {0xa}, {0x3, 0x1}, {}, {0x2, 0x1}, {0x1}, {0x4}, {0x5}, {0x3}, {0x3, 0x1}, {0x4}, {0x0, 0x1}, {0x5, 0x1}, {0x6}, {0x2}, {0xb82e57098c7a44ef}, {0x3, 0x1}, {0x1}, {0x0, 0x1}, {0x5}, {0x1, 0x1}, {0x5}, {0x0, 0x1}, {0x4}, {0x4}, {0x0, 0x1}, {0x2}, {0x4, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x2}, {0x3}, {0x1, 0x1}, {}, {0x4}, {0x3}, {0x3}, {0x1}, {0x5}, {0x3, 0x1}, {0x4}, {0x3, 0x1}, {0x0, 0x1}, {0x1}, {0x4, 0x1}, {0x1}, {0x5, 0x1}, {0x4}, {0x0, 0x1}, {0x3}, {0x1}, {0x0, 0x1}, {0x5}], 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0xe8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$kcm(r6, &(0x7f0000002900)={&(0x7f0000000500)=@xdp={0x2c, 0x8, r4, 0xc}, 0x80, &(0x7f0000002f40)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

8m4.754645386s ago: executing program 1 (id=62):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000040)={0x4, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042", <r2=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda501009bdeffafde25", <r3=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f00000001c0)={"0080bced01eb0100000000000000000700000000000000c900", r3, <r7=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r7, 0xc0383e04, &(0x7f00000003c0)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)

8m3.65538572s ago: executing program 1 (id=63):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x3200400, &(0x7f0000000180)=ANY=[], 0xfe, 0xa7f, &(0x7f0000000b40)="$eJzs3U2MG1cBAOA33vUmmwTilIQuSWgTftry091ms4SfCJqquRA1FbdKEZcoTUtEGhCpBK0qkeTEjVZVuPIjTuVQAUJqLyjqiUslGolLxaFw4EAUpEocoJC4yvo9r/3W1tib9dpef5/0/PbNG897Mzsej2fmvReAiVVZfl1amitCuPrmq8f/+cA/Zu9MebQ5R235dbolVQ0hFDE9nS3vvalGfOv9l850iouwuPya0uHJm833bg8hXAoHwrVQC3uvXn/l7cUnTl4+ceXgO68dvTGYtQcAgMnyrWtHl/b87c/7dn3w+n3Hwpbm9HR+XovpHfG8/1g88U/n/5XQni5aQquZbL7pGCrZfFMd5mstp5rNN92l/JlsudVm/r62+baUlD/VMq3TesM4S/txLRSV+bZ0pTI/3/hNHpZ/188U8xfOnX/m4pAqCqy7f98fQjgwwBAGvPwhhXq9/uPNum6rw4368OsgDCLUdw718APQlN8vXOVSfmXh7jSXNt1b+Tcfq3R+P6yDjd7/lT9e5f/6ciz/1F8HWg8mw2b9/krrlT5HO2I6v4+QP7/U7+c/LW8qvkxnyy/T7T7CuNxf6FbPqQ2ux1p1q3++X2xWX49x2g7fyPJbPz/5/3Rc/sdAZ/8Z9PX/EQsHRqAOmzpUR6AOQs+hPuwDEDCyVp6ba6hHKT9/ri/P31KSv7Ukf7Ykf1tJ/vaSfJhkv3/+p+HlYuV3fv6bvt/rYek620di/NE+65Nfj+y3/Py5337dbfn588Qwyt44/dTZrzx96nrj+f+iuf/fjvv7gZiuxc/WtThDul6YX1dvPvtfay+n0mW+e7L6pONGZUuav94ocXf7fMXuleWEluPMqnrMtb9vZ7f59rfPV8vmm41ha1bf/PxkW/a+dP6Rjqtpe01n61vN1mMmq0c6ruyKcV4PWIu0P3Z7/j/tn3OhWjxz7vzZR2I67ad/mqpuuTP9UOtCf7MxdQfuTq/tf+ZCe/ufHc3p1UrrcWHnyvSi9bhQy6YvNpLN2+Rp+uGYTt9z35maXZ4+f+Z7559e75WHCXfxhRe/e/r8+bM/8Ef6Y9Zm8Yc/hn1kAgZt4fnnvr9w8YUXHz733Olnzz579sLhI0cOLy4e+erhpYXl8/qF1rN7YDNZ+dIfdk0AAAAAAAAAAACAXv3wxPHrf3nry+822v+vtP9L7f/Tk7+p/f9Psvb/eTv51A4+tQPc1SF/edy9N9rrMZPNV43hY1l9d2fl7Mne9/EYN8fxi+3/U3v7vF/XVJ97s+l5/71pvqw7gVX9pcxkfZDk4wV+KsZXYvyrAENUzHaeHOO2/q3D6v6t076e+qfQL8V4Sv+3tDekfkxS++9u/Tql4/+uDagj628jmhMOex2Bzv418v1/t5yJD70uExBs54kK9bpRPIDRMOzxP9N1zxRf+OM3t94Jababj7UfL/P+S+FujPr4k8ofhfE/i3WrRHP8u56Ofx16V2/r57n30RX++/Mb77YUG/b2evy9nK166gd6d3mZrT6I5af1fzD0Vn79l1n5+Q2hHv0vK39bj+WvWv/9ayv//7H8tNke+nSv5TdqnO+B+XXjdP8vv26c3MrWP/Xt2ff6r3GgxtuxfJhk3ceZ7XUE29E0lPF/O9wfXav8OYwvxXQ6EKbnHPJv5H7rn56vSN8De7LlFyXfb+MyTnE3kz7+79diXPZ5SOP/pv2x1iFdaUlXO2zbcd9XYLN5b+Tv/41ZuDQCdRBGNMz2M3/jkboB16lerw/2glaJoRbO0Lf/sO8+D7v8YW//Mvn4v/k5fD7+byX7AZGP/5u/Px//N8/Px9fL8/Pxf/PtmY//m+ffmy03v4I9V5L/iZL8vSX5+1byZzvl7y95/ydL8g+GeE7SJf++kvffX5J/T0n+VEn+Z0ryP1uS/0BJ/kMl+Z8ryd/sUnuUSV1/mGR5+zyff5gc6f5Pt8//7pJ8YHz97PVDj5/63bdrjfb/M83fa+k+3rGYrsbfzj+K6fy+d2hJ38l7K6b/nuWP+vUOmCR5/xn59/uDJfnA+ErPefl8wwQqOvfY02u/Vd3O8xkvn4/xF2L8xRg/HOP5GC/E+FCMFzeofgzG47/9w9GXi5Xf+zuz/F6fJy8q7b/s836iDvdYn/z6QL/Ps+f9+PXrbstfY3MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoaksvy4tzRUhXH3z1eNPnTy3cGfKo805asuv0y2pavN9ITwS46kY/yL+cev9l860xrdjXITFUISiOT08ebNZ0vYQwqVwIFwLtbD36vVX3l584uTlE1cOvvPa0RuD2wIAAACw+X0YAAD//7e9G+Y=")
socketpair$unix(0x1, 0x5, 0x0, 0x0)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x9ffc)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0xd01ce0, 0x0, 0x82, 0x0, &(0x7f0000000080))
r2 = syz_clone(0x20000, &(0x7f0000000140)="cb8235e7a3c860838693499b655209e13640ce6c2b077c78e26ebfbabd681769227aabeaac1d13049351a822e553d3a9be11a9b6cacdbf5fa6cc5acb2b94edc99fbc1a4498e4ec7469932359833054b962577f79b7521a54e25a2e5edac43c04e5fbb3557dbe4be1c09e25e526ae1d8c373d66a06d6b90e33d1e43480139f5424f7996c7aebb8b51c447da888155ac7220dc8a15c017497d8b26e7690230dfaca8fcf8068d6cbb8d5ebe23e157e96107587d21c0a474d07cb41a2fda30c67e9868d3c485f55d9b3bef10a9d977f9b2ff93103af8cc3c83649d07a55dfc7b65b8c0fc", 0xe2, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000300)="b8473c632ab718fe77a6e744d34d278323c986d457a19587f7ec61111e1cf8616442655d2a222f3076855f596100aff23164ce4f61a04a4c745e6dc920a51ece3aa22a352450e8b9606ad0b8b290e6333c8ad539cd6fefc1aaf209805a396aeefc0f62273b7ce3bd7efbc472bc11fef348d82784a256ee05ed495614a54ee426bf965e84afb2120ccd0bc8d7913e47ba3abff1d7bb1e11415df6da8c1272a801db9ccaf91352d48fbd360e176e424226ada0396c9e2841f12f19")
r3 = syz_open_procfs$namespace(r2, &(0x7f0000000240)='ns/user\x00')
bind$rose(r0, &(0x7f0000000280)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, 0x5, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @null]}, 0x40)
ioctl$NS_GET_PARENT(r3, 0xb702, 0x0)

7m58.415807508s ago: executing program 1 (id=69):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$dri(&(0x7f0000002a40), 0x0, 0x0)
close(r1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
sendmmsg$inet6(r2, &(0x7f0000003cc0), 0x0, 0x4001c00)

7m54.212088425s ago: executing program 1 (id=77):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg2\x00'})
socket(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x4780, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_open_dev$video(&(0x7f0000000000), 0x8, 0x20202)
syz_open_dev$audion(&(0x7f0000000040), 0x1ff, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x80000000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1cf)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x8000, 0x44, 0x18}, 0x18)

7m53.555352198s ago: executing program 32 (id=77):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg2\x00'})
socket(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x4780, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_open_dev$video(&(0x7f0000000000), 0x8, 0x20202)
syz_open_dev$audion(&(0x7f0000000040), 0x1ff, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x80000000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1cf)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x8000, 0x44, 0x18}, 0x18)

7m23.122534557s ago: executing program 4 (id=145):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000240), 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x14, 0x1, 0x1, 0x101, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8880}, 0x4001)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x8000000000000001, 0x5, 0x6, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000005, 0xfffffffface6e3cd, 0x40000000001c, 0x1, 0xffffffffffffffff, 0xfd]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7m21.311960436s ago: executing program 4 (id=150):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
setresgid(0xee00, 0xee01, 0x0)
setregid(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, 0x0, 0x0)
ioctl$int_in(r3, 0x5421, 0x0)
connect$inet(r3, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r3)

7m20.21604585s ago: executing program 4 (id=152):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c09c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

7m19.254960908s ago: executing program 4 (id=156):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x3200400, &(0x7f0000000180)=ANY=[], 0xfe, 0xa7f, &(0x7f0000000b40)="$eJzs3U2MG1cBAOA33vUmmwTilIQuSWgTftry091ms4SfCJqquRA1FbdKEZcoTUtEGhCpBK0qkeTEjVZVuPIjTuVQAUJqLyjqiUslGolLxaFw4EAUpEocoJC4yvo9r/3W1tib9dpef5/0/PbNG897Mzsej2fmvReAiVVZfl1amitCuPrmq8f/+cA/Zu9MebQ5R235dbolVQ0hFDE9nS3vvalGfOv9l850iouwuPya0uHJm833bg8hXAoHwrVQC3uvXn/l7cUnTl4+ceXgO68dvTGYtQcAgMnyrWtHl/b87c/7dn3w+n3Hwpbm9HR+XovpHfG8/1g88U/n/5XQni5aQquZbL7pGCrZfFMd5mstp5rNN92l/JlsudVm/r62+baUlD/VMq3TesM4S/txLRSV+bZ0pTI/3/hNHpZ/188U8xfOnX/m4pAqCqy7f98fQjgwwBAGvPwhhXq9/uPNum6rw4368OsgDCLUdw718APQlN8vXOVSfmXh7jSXNt1b+Tcfq3R+P6yDjd7/lT9e5f/6ciz/1F8HWg8mw2b9/krrlT5HO2I6v4+QP7/U7+c/LW8qvkxnyy/T7T7CuNxf6FbPqQ2ux1p1q3++X2xWX49x2g7fyPJbPz/5/3Rc/sdAZ/8Z9PX/EQsHRqAOmzpUR6AOQs+hPuwDEDCyVp6ba6hHKT9/ri/P31KSv7Ukf7Ykf1tJ/vaSfJhkv3/+p+HlYuV3fv6bvt/rYek620di/NE+65Nfj+y3/Py5337dbfn588Qwyt44/dTZrzx96nrj+f+iuf/fjvv7gZiuxc/WtThDul6YX1dvPvtfay+n0mW+e7L6pONGZUuav94ocXf7fMXuleWEluPMqnrMtb9vZ7f59rfPV8vmm41ha1bf/PxkW/a+dP6Rjqtpe01n61vN1mMmq0c6ruyKcV4PWIu0P3Z7/j/tn3OhWjxz7vzZR2I67ad/mqpuuTP9UOtCf7MxdQfuTq/tf+ZCe/ufHc3p1UrrcWHnyvSi9bhQy6YvNpLN2+Rp+uGYTt9z35maXZ4+f+Z7559e75WHCXfxhRe/e/r8+bM/8Ef6Y9Zm8Yc/hn1kAgZt4fnnvr9w8YUXHz733Olnzz579sLhI0cOLy4e+erhpYXl8/qF1rN7YDNZ+dIfdk0AAAAAAAAAAACAXv3wxPHrf3nry+822v+vtP9L7f/Tk7+p/f9Psvb/eTv51A4+tQPc1SF/edy9N9rrMZPNV43hY1l9d2fl7Mne9/EYN8fxi+3/U3v7vF/XVJ97s+l5/71pvqw7gVX9pcxkfZDk4wV+KsZXYvyrAENUzHaeHOO2/q3D6v6t076e+qfQL8V4Sv+3tDekfkxS++9u/Tql4/+uDagj628jmhMOex2Bzv418v1/t5yJD70uExBs54kK9bpRPIDRMOzxP9N1zxRf+OM3t94Jababj7UfL/P+S+FujPr4k8ofhfE/i3WrRHP8u56Ofx16V2/r57n30RX++/Mb77YUG/b2evy9nK166gd6d3mZrT6I5af1fzD0Vn79l1n5+Q2hHv0vK39bj+WvWv/9ayv//7H8tNke+nSv5TdqnO+B+XXjdP8vv26c3MrWP/Xt2ff6r3GgxtuxfJhk3ceZ7XUE29E0lPF/O9wfXav8OYwvxXQ6EKbnHPJv5H7rn56vSN8De7LlFyXfb+MyTnE3kz7+79diXPZ5SOP/pv2x1iFdaUlXO2zbcd9XYLN5b+Tv/41ZuDQCdRBGNMz2M3/jkboB16lerw/2glaJoRbO0Lf/sO8+D7v8YW//Mvn4v/k5fD7+byX7AZGP/5u/Px//N8/Px9fL8/Pxf/PtmY//m+ffmy03v4I9V5L/iZL8vSX5+1byZzvl7y95/ydL8g+GeE7SJf++kvffX5J/T0n+VEn+Z0ryP1uS/0BJ/kMl+Z8ryd/sUnuUSV1/mGR5+zyff5gc6f5Pt8//7pJ8YHz97PVDj5/63bdrjfb/M83fa+k+3rGYrsbfzj+K6fy+d2hJ38l7K6b/nuWP+vUOmCR5/xn59/uDJfnA+ErPefl8wwQqOvfY02u/Vd3O8xkvn4/xF2L8xRg/HOP5GC/E+FCMFzeofgzG47/9w9GXi5Xf+zuz/F6fJy8q7b/s836iDvdYn/z6QL/Ps+f9+PXrbstfY3MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoaksvy4tzRUhXH3z1eNPnTy3cGfKo805asuv0y2pavN9ITwS46kY/yL+cev9l860xrdjXITFUISiOT08ebNZ0vYQwqVwIFwLtbD36vVX3l584uTlE1cOvvPa0RuD2wIAAACw+X0YAAD//7e9G+Y=")
socketpair$unix(0x1, 0x5, 0x0, 0x0)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x9ffc)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0xd01ce0, 0x0, 0x82, 0x0, &(0x7f0000000080))
r2 = syz_clone(0x20000, &(0x7f0000000140)="cb8235e7a3c860838693499b655209e13640ce6c2b077c78e26ebfbabd681769227aabeaac1d13049351a822e553d3a9be11a9b6cacdbf5fa6cc5acb2b94edc99fbc1a4498e4ec7469932359833054b962577f79b7521a54e25a2e5edac43c04e5fbb3557dbe4be1c09e25e526ae1d8c373d66a06d6b90e33d1e43480139f5424f7996c7aebb8b51c447da888155ac7220dc8a15c017497d8b26e7690230dfaca8fcf8068d6cbb8d5ebe23e157e96107587d21c0a474d07cb41a2fda30c67e9868d3c485f55d9b3bef10a9d977f9b2ff93103af8cc3c83649d07a55dfc7b65b8c0fc", 0xe2, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000300)="b8473c632ab718fe77a6e744d34d278323c986d457a19587f7ec61111e1cf8616442655d2a222f3076855f596100aff23164ce4f61a04a4c745e6dc920a51ece3aa22a352450e8b9606ad0b8b290e6333c8ad539cd6fefc1aaf209805a396aeefc0f62273b7ce3bd7efbc472bc11fef348d82784a256ee05ed495614a54ee426bf965e84afb2120ccd0bc8d7913e47ba3abff1d7bb1e11415df6da8c1272a801db9ccaf91352d48fbd360e176e424226ada0396c9e2841f12f19")
r3 = syz_open_procfs$namespace(r2, &(0x7f0000000240)='ns/user\x00')
bind$rose(r0, &(0x7f0000000280)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, 0x5, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @null]}, 0x40)
ioctl$NS_GET_PARENT(r3, 0xb702, 0x0)

7m16.996410419s ago: executing program 4 (id=159):
pipe2(&(0x7f0000000000), 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xc3490000)
socket$l2tp6(0xa, 0x2, 0x73)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r3, 0xaea2, 0x80000000)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_TSC_KHZ_cpu(r4, 0xaea2, 0x8)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080), 0x4)
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7005}, 0x4)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000), 0x8)

7m12.998927726s ago: executing program 4 (id=172):
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x41982)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000100)='./file0\x00', 0x2a00005, &(0x7f00000002c0)=ANY=[], 0x0, 0x2b7, &(0x7f0000000580)="$eJzs3c9Ka1cUB+Bf1JjoJEI7Kh0cKJSORH2DUCyUBgqWQO3IUJUWI0IEoR1UZ32XPk4foy9QC4Vcridq4s31D3o93vh9EM6Cvdc5aychOwl7JzufHx7sHh3vb3/yT5rNIgvJWf5LkrnMZ+QqSGpZzLizAAAfm62tXrvqGviwBoN2r56k8U5Lt15JQQAAAAAAAAAAADza1PX/58nK2Pr/2ug4Z/0/AMwE6/9n32DQ7i2P3r9N6v5VSUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASc6Hw9bwllvV9QEAT+8x8/+/w9LzVQsAPIXJ+b92lvj8DwCz7nxirq/F9/8AMPt+2P7pu3ans7lVFM3k8M+T7km3PJbt7f38mn72spZW/k+GV8r4m287m2vFhZXsHJ6O8k9PGqMLXOavp5WV6fnrZX4xkd+tZ3n8+htp5dPp+RtT8xfz1Rdj+atp5e+fc5R+dvM29zr/j/Wi+Pr7zo38xkU/AAAAAAAAAAAAAAAAAAAAeA6rxZXJ/fvd+bJ99X3tSeqjk9zv9wFu7K9fyGcLlQ4dAAAAAAAAAAAAAAAAAAAAXozj334/6PX7ewPB7cGXjXt0Xnrae/XyQap67A8Lmrmrz9JLKfVVBMNW+Sx6YHpFL0gAAAAAAAAAAAAAAAAAAPCKXW/6TRarLgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKnL9//8PDn78pTzFnZ2rHiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOrwJAAD//ypU4JE=")
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000400))
r3 = dup(r2)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x1, r3})
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f00000001c0)=0x304008000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0x3, 0xf1, 0x5, 0xfa, 0xd4, 0xd4, 0x0, 0x4, 0x7, 0x4f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x3, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0xffff1000, 0xeeef0000, 0xb, 0x1, 0x2, 0x7, 0x4, 0x1, 0x81, 0x0, 0x6, 0x5}, {0xeeee8000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0x0, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x9, 0x3, 0x9, 0xd, 0x6, 0x5, 0x9, 0xc, 0x4b}, {0x6000, 0x0, 0x4, 0x6, 0x3, 0x7d, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x8000000, 0x4000, 0x0, 0x1d, 0x3, 0x0, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0x1, 0x2, 0x7}, {0xdddd1000, 0x5}, {0x4, 0x9}, 0x40030000, 0x0, 0x80a0000, 0x300, 0x1, 0xa901, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})

7m11.69481095s ago: executing program 33 (id=172):
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x41982)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000100)='./file0\x00', 0x2a00005, &(0x7f00000002c0)=ANY=[], 0x0, 0x2b7, &(0x7f0000000580)="$eJzs3c9Ka1cUB+Bf1JjoJEI7Kh0cKJSORH2DUCyUBgqWQO3IUJUWI0IEoR1UZ32XPk4foy9QC4Vcridq4s31D3o93vh9EM6Cvdc5aychOwl7JzufHx7sHh3vb3/yT5rNIgvJWf5LkrnMZ+QqSGpZzLizAAAfm62tXrvqGviwBoN2r56k8U5Lt15JQQAAAAAAAAAAADza1PX/58nK2Pr/2ug4Z/0/AMwE6/9n32DQ7i2P3r9N6v5VSUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASc6Hw9bwllvV9QEAT+8x8/+/w9LzVQsAPIXJ+b92lvj8DwCz7nxirq/F9/8AMPt+2P7pu3ans7lVFM3k8M+T7km3PJbt7f38mn72spZW/k+GV8r4m287m2vFhZXsHJ6O8k9PGqMLXOavp5WV6fnrZX4xkd+tZ3n8+htp5dPp+RtT8xfz1Rdj+atp5e+fc5R+dvM29zr/j/Wi+Pr7zo38xkU/AAAAAAAAAAAAAAAAAAAAeA6rxZXJ/fvd+bJ99X3tSeqjk9zv9wFu7K9fyGcLlQ4dAAAAAAAAAAAAAAAAAAAAXozj334/6PX7ewPB7cGXjXt0Xnrae/XyQap67A8Lmrmrz9JLKfVVBMNW+Sx6YHpFL0gAAAAAAAAAAAAAAAAAAPCKXW/6TRarLgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKnL9//8PDn78pTzFnZ2rHiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOrwJAAD//ypU4JE=")
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000400))
r3 = dup(r2)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x1, r3})
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f00000001c0)=0x304008000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0x3, 0xf1, 0x5, 0xfa, 0xd4, 0xd4, 0x0, 0x4, 0x7, 0x4f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x3, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0xffff1000, 0xeeef0000, 0xb, 0x1, 0x2, 0x7, 0x4, 0x1, 0x81, 0x0, 0x6, 0x5}, {0xeeee8000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0x0, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x9, 0x3, 0x9, 0xd, 0x6, 0x5, 0x9, 0xc, 0x4b}, {0x6000, 0x0, 0x4, 0x6, 0x3, 0x7d, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x8000000, 0x4000, 0x0, 0x1d, 0x3, 0x0, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0x1, 0x2, 0x7}, {0xdddd1000, 0x5}, {0x4, 0x9}, 0x40030000, 0x0, 0x80a0000, 0x300, 0x1, 0xa901, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})

6.50900005s ago: executing program 5 (id=1160):
r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000940), 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd(0x80801)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pipe2$watch_queue(&(0x7f0000001180), 0x80)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r1 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000180)={0x1, 0x0, &(0x7f00000000c0), &(0x7f0000000480)=[0xf], &(0x7f0000000200), &(0x7f00000001c0), 0x0, 0x1})

5.397080565s ago: executing program 5 (id=1163):
syz_open_dev$tty1(0xc, 0x4, 0x4)
creat(&(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20)
syz_usb_connect(0x3, 0x10e, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100006a249f08ec1888323a3f010203010902fc0001870000000904e67e350e010000062404"], 0x0)

4.195841334s ago: executing program 0 (id=1168):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r2, 0x0, 0x0)
read$FUSE(r2, &(0x7f00000047c0)={0x2020}, 0x2020)
socket(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x48042, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f0000000180)=""/171, 0xab)
creat(&(0x7f00000000c0)='./file1/file0\x00', 0xa0)

3.835945122s ago: executing program 3 (id=1169):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$alg(0x26, 0x5, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d000000080005", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x4, r2, 0x1, 0x7}, 0x14)

3.743389466s ago: executing program 0 (id=1171):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x8010, &(0x7f0000000180), 0x5, 0x565, &(0x7f0000000600)="$eJzs3cFrJFkZAPCvKulMMsmarHpYF1wXd2Wy6nQmG2c3eFgVRE8L6oonYYxJJ4R00kPS2Z2Ewc3iVRBUdMGLnrwI/gGC7MW7CAvrXVQcZMzoQWFmSqq7eibp6U4y2Olmkt8Paqpeve76vtedfl2vq6YqgHPr+YiYjoihiHgpIiaL9WkxxV5zyh93Z//mYj4lkWVv3E4iKda1tnWhmI8XTxuNiG98NeK7yaNxt3Z21xaq1cpmUZ6pryd3s2z38ur6wkplpbIxNzf7yvyr81fnSz1p51REvPblv/30h7/6ymu/++xbf752a/p7eVr/zbK3o60dvdRseqnxWrQMR8TmaQQbkOFGC5uunugZHf4gAADoi3x//8MR8cnG/v9kDDX25gAAAICzJPvCRNxNIrIkLwAAAABnURoRE5Gk5eJ834ni3MzxiPhoXEyrta36Z5Zr2xtLeV3EVJTS5dVq5UqMNs4dmIpSkpdni3NsW+WX28pzEfF0RPxkcqxRLi/WqkuD/vEDAAAAzonxtvH/vyfTtFwuKvcGnBwAAADQO1ODTgAAAAA4dcb/AAAAcLaV8vF/dqIbMqXF3B0CAAAA4Mnytddfz6esdf/rpTd3ttdqb15eqmytlde3F8uLtc3r5ZVabaVxzb7147ZXrdWufy42tm/M1Ctb9Zmtnd1r67Xtjfq11UO3wAYAAAD66OlPvPenJCL2Pj/WmHIjRV0pIhs6+GAH/uFMSR/nwX89vTyA/jv4/T42wDyA/rNLD+dXadAJAAN33H8A6nryzh96nwsAAHA6Ln2s+/H/28sDTQ04ZcXx/+REFwABzpShDuvK4wNIBOi75vG/+1nToLMB+qnUcQ+gYFAAZ17am+P/x1zfI9GhAADAgE00piQtF+OAiUjTcjniqcZtAUvJ8mq1ciUiPhQRH0yWLuTl2cYzE3vzAAAAAAAAAAAAAAAAAAAAAAAAAHBCWZZEBgAAAJxpEenfW3fmujT54kT77wMjyX8mG/OIeOvnb/zsxkK9vjmbr//ng/X1d4v1Lz/urw8/vtWjnzEAAACAA1rj9NY4HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB66c7+zcU7WZZl+zcX+xn3H1+KiKkifjE1a4ZjtDEfjVJEXPxXEsMHnpdExFAP4u+9ExHPdIqf5GnFVJHFofgjEWlEjPUqfjxm/GjGH+9BfDjP3sv7ny92+vyl8Xxj3vnzN1xM/6/u/V/6oP8b6tL/PdVto6XDxWff/81M1/jvRDw73Ln/acVP8u11iP/CCdv4nW/u7nary34ZcalT/5ccjjVTX78+s7Wze3l1fWGlslLZmJubfWX+1fmr81dmllerleLfjjF+9PHf3n9YuvdI+y8e0f822t/l9X/xiDYf/G649/6N/Y80F9vemSjFL7Js+oXO7/8z+ezTnePnfxOfKr4H8vr8NUzf/VbHXJ779R+f65Zn3v6lLu0fbWv/hbb2Tx/R/oNe+vr3/3LChwIAfbC1s7u2UK1WNi0cXIipfsV6wt6CkWgu5PudA88niSTyhQ8OVS0MPrHmwtvFZ2yh2vq09WjLvy8GR6eZ/OFuoutQEwAAeHI83Olvr0kGkxAAAAAAAAAAAAAAAAAAAACcQ8deBqxbVRoRD9d8+wdHXI2sPebeYJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCk/wUAAP//kBLSkw==")
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x1000649, &(0x7f0000000600)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x19}}, {@grpquota}, {@user_xattr}, {@grpjquota}, {@data_err_ignore}, {@noblock_validity}, {@minixdf}, {@journal_checksum}]}, 0x0, 0x60d, &(0x7f0000000800)="$eJzs3c9rG9kdAPDvjGzXTtw6KSU0gVJDDwmU+EcaSNtTkktz6CHQHErpISa2g4mcmNiBJg3UuTXQQym9lpJL/4HeS+i1t1Joe9vzQnZZvOxhd4mWGc0kWllyFMX64cznA5LevBnpva+enueNxk8TQGXNZ3dpxOmIuJlEzLWsm43myvliu71PHt/Kbkk0Gr/4OImkyCu3f1k8Hs/ukojpiPj31Yhv1/aXu/3w0Z2VeqPpdxGLO5tbi9sPH53f2Fy5vXZ77e7yhR9fvLT0k+WLy4cSZxnXdPG4/p/6+SQux43J365GWxyHZT7m42URYmv+RERcyhId3pejpgwhGXE96E+t+DxORsSpmItavtQ0Fxt/GGnlgIFq1CIaQEUl+j9UVDkOKI/tB3EcPM5eXGkeAO2Pf6L53UhM58dGx/aSliOj5vHuiUMoPyvjy8dn/pLdosv3EBOHUE43u08i4rud4k/yup0ovjE5tpdG2vK8LL0UEVPFe5H2Wf582/KwP39vE39rO2TxXi4es/yrfZY/6vgBqKbnV4od+W629Hr/l40My/FPdBj/zHbYd/Vj1Pu/7uO/cn8/nX9HnraNw7Ixz/XOLznZnvHB02t/6lZ+6/gvu2Xll2PBYXjxJOJMW/y/zwdzyav2Tzq0f7bJzR7L+Nl/P7rWbV3/8R/OGafGs4izHY9/kq+VtLizuVXmtZ2fXFzfqK8tNe87lvGPf/36b93KH4f2jy7xH9T+Wd5Wj2X8/fqzzW7rZt8Yf/rhVHIjT00VOb9Z2dm5vxwxlfy82KQl/8LBdSm3KV8ji//cDzr3/wPizxt6t8f4t355Z6+Z2v+Z7bn99/1Vyb1s9FiHbrL4V/ts/z/2WMZnv3rwvbasmTJxUPwz+18q6fU9BwAAAAAAgCpK83OwSbrwKp2mCwvNObzfiWNp/d72zg/X7z24uxpxLv9/yMm0PNM911xOsuXl4v9hy+ULbcs/ioiTEfHn2ky+vHDrXn111MEDAAAAAAAAAAAAAAAAAADAmDhezP8vr1P9aa05/78nO6cGXDtg4AZ5gTlgvOn/UF15/+/3Cq7AkWb/D9Wl/0N16f9QXfo/VJf+D9XVU/+fGnw9gOGz/4fq0v8BAAAA4L108vvP/59ExO5PZ/JbtJzpmxxpzYBBe/s+Pj+QegDDVxvq04Bx8urUv+n/UDk9jf8/L34ccPDVAUYg6ZSZDw4aB3f+5x2f2aun7/JkAAAAAAAAAAAAAKias6fN/4eqSuOfo64CMCLvMJHfbwDAEeen/6G6HOMDb5rFP91txbvN/wcAAAAAAAAAAAAA3sJsfkvSheISoLORpgsLEd+MiBMxmaxv1NeWIuJbEfG/2uQ3suXlUVcaAAAAAAAAAAAAAAAAAAAA3jPbDx/dWanX1+63Jr7Yl/N+J8qroI5LfVoTkQy/0JmIGIfYB5OYaMlJInazlh+Lit3fjrGoRppXY8R/mAAAAAAAAAAAAAAAAAAAoIJa5h53duavQ64RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzf6+v/959I3vA6o44RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADiavgoAAP//F1A3Eg==")
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f00000000c0)='.\x00', 0x308a0ba, &(0x7f0000000600)=ANY=[], 0x0, 0x0, 0x0)

3.127458167s ago: executing program 2 (id=1173):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r4, 0x0, 0x0)
read$FUSE(r4, &(0x7f00000047c0)={0x2020}, 0x2020)
socket(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x48042, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f0000000180)=""/171, 0xab)
creat(&(0x7f00000000c0)='./file1/file0\x00', 0xa0)

3.008920853s ago: executing program 3 (id=1174):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x7)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

3.007600443s ago: executing program 0 (id=1175):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x20000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_HALT_POLL(r1, 0x4068aea3, &(0x7f00000000c0)={0xa8, 0x0, 0x2})

2.771059294s ago: executing program 0 (id=1176):
r0 = syz_io_uring_setup(0xf00, &(0x7f0000000100)={0x0, 0x0, 0x800}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_FADVISE={0x18, 0x8, 0x0, @fd=r0})
io_uring_enter(r0, 0x2, 0x0, 0x0, 0x0, 0x0)

2.487116258s ago: executing program 3 (id=1177):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x40080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0xc048aec8, 0x0)

2.362439884s ago: executing program 0 (id=1178):
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000000c0)='./file0\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x2b2, &(0x7f0000000440)="$eJzs3U9rE08cx/HPbLbN/trS39pWBOmpWvAk/XMRL4L0GXjxJGoToRgqaAX1VD2LD8B7noIPwKMn8Sz01pMPoJ4i8yfNZrubNMGwbXy/oGFj5jv7ncxsZiYSVgD+Wfd3jtrbx/bPSDXVJN2VIkmJFEu6qmvJ6/2DvYNWszGoopqLsH9GPtKcKbO731R4MSvJ/WNqn8VaOFMQf13yU4er81VngaqZoutV7pOgHq5O+9ngr9UpcFh1AhUzJzrRGy1WnQcAoFrGz+9RmOcXJNlVYRRJ62Ha9/N/d5VwySfQk6oTmLCvQ17PzP9ul9Uxtn//dy/19nuus2PNhKD29vE4uczKj6xaXwLDdpUul+i/Z3ut5u3dF61GpA+6F8z0iq24x4Yful1HbeP2tPb4/dmq18Ja95z7y6N2clrbaNzGKpqxbdjK5p8pslx8xu0xzzic+Wa+m0cm1Wc1Ttd/ccfYbnI9leZ6yue/UV6ja+WsXKmSVl5xJ7kezhAMbGVNuTSyZkOdfR2YluQZ90Ut5aJ86zbLW+eilgujtoZEreSjeqO5PHLSzCfz0Kzpl75oJ7P+j+y7va7zXJm2jCsZRsbA9sSuZOqmmDB3HK4WlozGbRHG8FFPdUeLr96+e/6k1Wq+nNoDeyWOHGVH60VIfkIH3UFwUfKZ2gP7Jldy9u68M3495R8dfC0/PXqdPmIgg2Ba2HWX8fu/zH5lwy3W7EPav06vZ2M7wyrP1LhZsjdYco9z+R1cyd7AuK8e5ov/t0Jle67fHc8XcXuuG7ekm+c5o5eGPC+e0/eyPkKQ2dEPPeb7fwAAAAAAAAAAAAAAAAAAgMtmhB8GzA0uk5T+YKbqNgIAAAAAAAAAAAAAAAAAAAAAcNkV3P+3Pun7/+b13f/3gfwz7v8LTNyfAAAA///AXngC")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000080)='./file1\x00', 0x1e)

2.25551575s ago: executing program 3 (id=1179):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000100001005d790000000000000500000a60000000060a0b0400000000000000000200000234000480300001800b00010074617267657400002000028008000240000000010800030002b511120c0001004e465155455545000900010073797a30000000000900020073797a32"], 0x88}}, 0x0)

2.147777065s ago: executing program 0 (id=1180):
r0 = syz_usb_connect$uac3(0x3, 0x97, &(0x7f0000000040)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x10, 0x103d, 0x100, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x85, 0x3, 0x1, 0xd8, 0x10, 0xc, {0x8, 0xb, 0x1, 0x2, 0x1, 0x1, 0x30, 0x2}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x10, 0xa, 0x7}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0xe, 0x0, 0x3, {0xa, 0x25, 0x25, 0x7fffffff, 0xc, 0x180}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {[@as_header={0x17, 0x24, 0x1, 0x6, 0x8000, 0x7, 0x2, 0x6, 0x4a, 0x9, 0x10}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x7f, 0x4, 0x0, {0xa, 0x25, 0x25, 0x400, 0x8f, 0x2}}}}}}}}]}}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac3(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000180)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io$uac3(r0, &(0x7f0000000140)={0x14, &(0x7f0000000240)=ANY=[], 0x0}, 0x0)

2.098029868s ago: executing program 5 (id=1181):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73a, &(0x7f0000000800)="$eJzs3E9rXOUaAPDnnCZtb5t7Jxfu4uJKqFih9iRN1a6EiOtCoR+ghslJCDnJhMykNjFg68KFIKgI/ulGv4EbRXBT+h0UwZ2CC0FrGheCi8iZzEx1OpOObdKR+vvBmfO875kzz/vMHF7mwLwTwD/W4+VDEjEWERciotLqTyPicDM6GnF193m3tzar21ub1SR2di7eSsrTmn3t10pa++PRPCX+HxE3RyNOvXZ33vr6xuJMUeSrrfZEY2llor6+cXphaWY+n8+XpyYnz559burZZyb3rdY3X/nkpzc+f/HLD88t/fb8radnk5hu1h1ddeyn3fdkNKa7+pcPItkQJcMeAAAAAym/5x+KiJHmt9RKHGpGAAAAwKNk58gOAAAA8MhLYtgjAAAAAA5W+3cAt7c2q+3tYf7+4McXImL8ztri7U7+keYa4oijMRoRx7aTP61MSHZPgwdy9VpE3Jjucf0nrevv/nWvXLdG+u/nRjn/TPea/9LO/BM95p+R9n8nPKD2/Ld91/x3J/+hPvPfhQFzHFk9+VXf/NciHhvplT/p5E/65H9pwPyfjn3zbb9jOx9HnIze+f+Ya4//h5iYWyjy1mPPHCc+e/XUXvUf65c/2bv+lQHr/+761Hy/uaTM/9SJvT//XvnLa+Kt1jjSiHi7tS/b73TlePLm5Ad71T/bp/57ff4fDVj/F69vfD/gUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKApjYixSNKsE6dplkUcj4j/xbG0qNUbp+Zqa8uz5bGI8RhN5xaKfDIiKrvtpGyfacZ32lNd7bMR8d+IeLfyr2Y7q9aK2WEXDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMfxiBiLJM0iIo2IXyppmmXDHhUAAACw78aHPQAAAADgwLn/BwAAgEef+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIbhw/ny57WxvbVbL9uzl9bXF2uXTs3l9MVtaq2bV2upKNl+rzRd5Vq0t3ev1ilpt5Vwsr12ZaOT1xkR9fePSUm1tuXFpYWlmPr+Ujz6UqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPirxppbkmYRkTbjNM2yiH9HxHiMJnMLRT4ZEf+JiK8ro0fK9plhDxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB9V1/fWJwpinxVIBAIOsGwZyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIahvr6xOFMU+Wp92CMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABguNIfkogot5OVJ8a6jx5Ofq009xHx8vWL712ZaTRWz5T9P3f6G++3+qeGMX4AAACgW/s+vX0fDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMKj6+sbiTFHkqwcYDLtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/vweAAD//4rSy1s=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r4, 0x0, 0x0)
read$FUSE(r4, &(0x7f00000047c0)={0x2020}, 0x2020)
socket(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x48042, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f0000000180)=""/171, 0xab)
creat(&(0x7f00000000c0)='./file1/file0\x00', 0xa0)

2.019989901s ago: executing program 2 (id=1182):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xca)
bind$ax25(r0, &(0x7f0000000280)={{0x3, @default, 0x5}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @bcast, @null]}, 0x48)
connect$ax25(r0, &(0x7f0000000180)={{0x3, @bcast, 0x5}, [@bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)

1.949490405s ago: executing program 3 (id=1183):
syz_mount_image$nilfs2(&(0x7f0000000480), &(0x7f0000000f00)='./file1\x00', 0x208800, &(0x7f0000003100)=ANY=[], 0x1, 0xeec, &(0x7f0000001e40)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgoh4Rl96D8odGMWnU0ANRIKYHRCVEkSJOFQcqLpRKKVKRQJWqqKe2p1a99YR6oVKVSkE9tJESV1m/We8+e7rrsT1r7/5+0rdv37zZ+b7xRs7MePZtAIZWrfl4+PBsFsJ7n1859trJ7NM7yx5prbGv+ZjFXiOEUG/rZ8n2vogLbt24dGKtNgsHm495Pzx/vfXayRDCYtgXroVG+Hh+4auP3n9u/ydvTtz3zsWzr2/R7rek+wEAAIPo6p8W/vbEP/741MzNq3uPhvHW8pXj9WWT8bj/QFyQL6+Fzn7WFu3GkvVGYtSS9UaS9UaTPKMF+erJduoF6411yTfStmyt/QQAAICdKD+vbYSsNtfRr9Xm5pbP++/4Ynosmzt3ZuH0hT4VCgAAAJT278vNm26FEEIIIYQQQggxwLE03e8rEAAAAMCwSecLW2Vxc2fqam2t0Vv+68/W1n49bIKq//3Lv7Pyf/iG3zgAAJQ3qEeT+X7lx9H5PAbpPIIjyevWe/xfS7Yzus46i+YV7Fiebd+3qaj+9Oe6XRXVv973sV+K6k/nw9yuiupP5+ncrorqH6+4jrKK6p+ouI6yiurfVXEdZRXVv7viOsoqqn+y4jrKKqp/quI6yiqq/66K6yirqP49FddRVlH9O+W22qL6GxXXUVZR/TMV11FWUf13V1xHWUX131NxHWUV1X9vxXX0y8OxzX8Oe5Px9vPn9Jxup5zjAQAAwLD7r/n/hBBCiFXRvA9iG9QhxGBHtg1qEEKI4YnL/b4AAQAAAPRd/rmA/APoS1E+PtJlfLR9fGJlhXy83uX1Y13Gx7uMAwAAACH89q3TD7ybrXzOf6Pz4eXzRu0Kn94OJeYxSie6W2/+jc57ttH865i3zPQJAAAAVCb73rXbTx774JWZm1f3Hm07+70dz3fzeUBH4wnrZ7Gf3xcwlfSz/Bz6aGeeWsF66fWBu4q298IGdxQAAACGWH7+3ghZba7tvLsRarW5uZXz8dlQz06fWTh1IPbz72f5w3R9/M7yZyquGwAAAOjdyvn+2uf/+ff4zoaxbO7cmYXTF5b7U63l9Vr7dYHpleVZ+3WBRrL8YMHyQ7Gff3/nD6Z3NZfPnfjhwsnN3nkAAAAYEhdevXj2xYWFUz/yxBNPPGk96fdvJgAAYLN9+eWV+o8PTf1u+fP/K/Pf5Z//3xf7jTi335/jCvl9AvnnAFZ9Xv94Z57povXOd67XSNYbiTGe1D3Rtp3QnG+w83UzRfkandsZK8g3meSbSvKl8xSMJuvn+fYky9P5CfP1ppPl6eSAo0mOLMn/aAAAAIBi86+8fH7+wqsXnz7z8osvnXrp1LlDB49898iRA89855n55n398+139wMAAAA70cpNv/2uBAAAAAAAAAAAAAAAAAAAAIZXFV8n1u99BAAAgGH3r8shhEUhhCgdS+P9r0GILjG2DWoQQgghhFiO5ne7V5+31u/rDwAAAMDwuXXj0on2dpXFbFPztbbWWG5ux7x5O/X0X2fuRL7a9WdHOl6/e1OrYdhV/e9f/p2V/8M3Njf/RP6k599/ySXjo+XyPj7/y9n2/A+O9pg/3f8XyuXfn+R/PPSWf+mDJP/xcvmfSPLv7jH/qv0/Xy7/kzH/bOzvf6zX/J3v/3hs8/3Y1WP+byf7fzL0mj/Z/0aPCRNPxfwAMIwG9QaA/CghP46ejP18f+PhZhhJXrfe4/9asp3RDVfeud38OOj+2M+Pl6aSvLn11j+ZbO+uknWm0rq2q6L6N+t93GpF9dcrrqOsovrHKq6jrKL6xyuuo6yi+icqrqOsovp7PQ/tt6L6d8p15aL6Jyuuo6yi+qcqrqOsovrX+/94vxTVv6fiOsoqqn+64jrKKqq/5GW1yhXVP1NxHWUV1X93xXWUVVT/PRXXUVZR/fdWXEe/PBTbovPh/PxzOo7l/UbSH1/jZzmo1xYAAABgp/mn+f+EEEIIIUpF836ZbVBHf6Ltbrm+1yI2I/6ztKzfdQghti6Wlvp48YG+29pPMwOwXfn9P9y8/8PN+z/cvP/8P/k9/FnSz410GR/tMl7vMj6WjKf/Xse7jN+TbHcpv64Z3dtl/Gtdxvd0Gb+/y/hsl/EHuow/2GX8oS7jAAAADIf7Yuv8EAAAAAbXa7/67O3fPH78xszNq3uPhrFV884fiP3x+Lf1t2I/nfc+V49/8/9J7P8itr+P7d+T9d1/AgAAAFsv/54Yf/8HAACAwZV/T6nzfwAAABhcM7F1/g8AAACD6+7YOv8HAACAAZZNrL04tvl1gUdj2+u8fgDA9vf12D4c272xfSS234htfhzwWGy/WVF9AMDm+fn3f3rk3Wxlvv9DyfituDxvV1lcvlKQ1Tpn8t8V292x/VaP9aTfB9Br/tyeHvNsVf7pDeYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZHrfl4+PBsFsJ7n1859rOxt/9yZ9kjrTX2NR+z2GuEEOqt1+WjK/1fxxVv3bh0or29HdssHAxZyFrLw/PXW5kmQwiLYV+4Fhrh4/mFrz56/7n9n7w5cd87F8++voU/go79AwAAgEH0vwAAAP//cFQjcg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$NILFS_IOCTL_GET_BDESCS(r0, 0xc0186e87, &(0x7f0000000100)={&(0x7f0000000140)=[{0x1, 0x9, 0x7b8, 0x3, 0x1}, {0x1, 0x100000000, 0xc9, 0x7eb5, 0x80000001}], 0x2, 0x28, 0x69, 0x7})

1.890520678s ago: executing program 6 (id=1184):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$alg(0x26, 0x5, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x4, r2, 0x1, 0x7}, 0x14)

1.720015966s ago: executing program 5 (id=1185):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
close(0x3)
openat$fb0(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000001f80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8001}, 0x3c)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r4, 0xc01864c6, &(0x7f0000000380)={0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000900)={0x38, r6, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x5, 0xffffffff}]}]}]}, 0x38}}, 0xc000)

1.662863869s ago: executing program 6 (id=1186):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000001c0)={0x9, 0xfffffffe, 0xffff, 0xc, 0x1, "203c5e0000ff765e006690ffdfff61fffffff2", 0x80000000})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xff)

1.467958588s ago: executing program 6 (id=1187):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x11)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000005c0)=0x3)

1.392890642s ago: executing program 6 (id=1188):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x640, 0x1, 0x2805, 0xd59f83, 0x19f2, 0x42, 0x19ef, 0x3, 0x3, 0x2800, 0x2800, 0x2, 0xba3, 0x9, 0x0, {0x8, 0xffffffff}, 0xd0, 0x9}})

679.119067ms ago: executing program 2 (id=1189):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_MEMORY_ENCRYPT_UNREG_REGION(r1, 0x8010aebc, 0x0)

583.831652ms ago: executing program 3 (id=1190):
socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$KEYCTL_MOVE(0x18, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_procfs(0x0, &(0x7f0000000200)='net/ip6_tables_matches\x00')
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
syz_open_dev$rtc(&(0x7f0000000080), 0x4, 0x8000)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
close_range(r2, 0xffffffffffffffff, 0x0)

583.607532ms ago: executing program 6 (id=1191):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_MSCBIT(r0, 0x4004556a, 0x25)

568.390853ms ago: executing program 5 (id=1192):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x5c, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x1}, {0x5, 0x40}}}]}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x58, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xb, 0x4}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x28, 0x2, [@TCA_BASIC_EMATCHES={0x24, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0xceb, 0x7, 0x2}, {{0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x5dc}], 0x1}, 0x4)

553.738353ms ago: executing program 6 (id=1193):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e7cc6120c4108a81ad7d0102030109021b00010000c00509042300010300000009058503"], 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000840)={0x1c, &(0x7f00000007c0)=ANY=[@ANYBLOB="20183000"], 0x0, 0x0})

527.747865ms ago: executing program 2 (id=1194):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x2208046, &(0x7f0000000440)=ANY=[@ANYRES8=0x0, @ANYRESDEC, @ANYRESDEC=0x0, @ANYRES8, @ANYRESOCT, @ANYBLOB="43800a56e0e3e76932bc3507cf2a30885267b179cb2a33ec7f658402cc60513481d801dc6532f3f3fcc1cf07ffe36589c2f43e11f80aed9a02f796c507d4df01d6aaa92d0bffc896bd4335df374498f3c679aa298a656d4593e9c3e639b11429767551173bdaff5efd786127d2ca7e2726c957c406564caa02a20d19f640a9ee5fa8d1bd", @ANYRESHEX, @ANYRESDEC=0x0], 0x1, 0x2ab, &(0x7f0000000740)="$eJzs3U9rY1UUAPDz8q8ZXaSIG0XwgS5clalbN40ygtiVEkFdaHBmQJIwMIWAFUy76idw6ffwI7hx4zcQ3Aru2kXlycvL60vaxJYaU5j+fqsz995z73nvDukqJ1+/MRo8fpbE8env0W4nUduLvThLYjtqUTqKRgAAL46zLIu/sttkPqitvxoAYBOKv/+Fu64FANiMTz//4uPu/v6jT9K0Ha91Tsa9JCJGJ+NeMd99Gt/GMJ7Ew+jEeUR2oYib+aJGmtuOt0eTcS/PHH3162z/7p8R0/zd6MT21fwPP9p/tJsWLvJfKqtLo/u0Wf6jE68uz3/3cn6MJtFrxTtvzdW/E5347Zt4FsN4HHlulf/Dbpp+kP14+v2X+TF5flKL3tZ0XSWrb+ZGAAAAAAAAAAAAAAAAAAAAAAC4D3bSNCna90z79+RD0/454179fDq/k5bm+/tMyv5ASblR0R8oi1mLnkkWP5X9dR6maZrNFlb5jXi94YcFAAAAAAAAAAAAAAAAAAAAIHfw3eGgPxw+eb6WoOwGUH6t/7b77M2NvBmHg3599YZbNz+rcVQ9eF7rvy6ORiPW9FquCx7k9ax9563qcj+LIigvZq1nvfJ+senhoJ/OpsqXPOgn153VLi/u5/mpVvzXwrLpf4nzbPFO2xelLma11vQ2Wi8vnfo7y7Kb7fPeH8UdzUaSaYuNm53enAVLHzAP2lfv4pfVG678yKiv55MHAAAAAAAAAAAAAAAAAAC4rPrS75LJ4xVJxXjtfy0MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADao+v3/MmhHxOLIYtCskleuqYJWPD+4y+cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgfvgnAAD///PnTH8=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

169.865603ms ago: executing program 2 (id=1195):
r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000940), 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd(0x80801)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pipe2$watch_queue(&(0x7f0000001180), 0x80)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r1 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000180)={0x1, 0x0, &(0x7f00000000c0), &(0x7f0000000480)=[0xf], &(0x7f0000000200), &(0x7f00000001c0), 0x0, 0x1})

864.83µs ago: executing program 5 (id=1196):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000000200)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
r0 = open(&(0x7f0000000d40)='./file1\x00', 0x0, 0x0)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, 0x0, &(0x7f0000000380)={0x10001, 0x2, 0x0, 0x6})

0s ago: executing program 2 (id=1197):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x101e01, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15)
writev(r0, &(0x7f0000000880)=[{0x0}, {&(0x7f0000000380)='F0', 0x2}], 0x2)

kernel console output (not intermixed with test programs):

13.369425][   T23] Bluetooth: hci4: command 0x040f tx timeout
[  114.457669][ T4637] chnl_net:caif_netlink_parms(): no params data found
[  114.811919][ T4698] loop2: detected capacity change from 0 to 512
[  114.860997][ T4699] loop0: detected capacity change from 0 to 512
[  115.378638][ T4730] loop3: detected capacity change from 0 to 2048
[  115.445608][   T23] Bluetooth: hci4: command 0x0419 tx timeout
[  115.538986][ T4637] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.546278][ T4637] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.554308][ T4637] device bridge_slave_0 entered promiscuous mode
[  115.562609][ T4637] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.569831][ T4637] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.577872][ T4637] device bridge_slave_1 entered promiscuous mode
[  115.612137][ T4722] device syzkaller0 entered promiscuous mode
[  116.050503][ T4730] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  116.244951][ T4730] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.596652][ T4637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  118.216741][ T1209] device hsr_slave_0 left promiscuous mode
[  118.230465][ T1209] device hsr_slave_1 left promiscuous mode
[  118.253521][ T1209] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.281182][ T1209] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.302512][ T1209] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.342831][ T1209] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.365832][ T4758] loop2: detected capacity change from 0 to 1024
[  118.374017][ T1209] device bridge_slave_1 left promiscuous mode
[  118.389850][ T1209] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.453188][ T1209] device bridge_slave_0 left promiscuous mode
[  118.484715][ T4758] hfsplus: b-tree write err: -5, ino 3
[  118.498276][ T1209] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.534047][ T4545] hfsplus: b-tree write err: -5, ino 3
[  118.603500][ T1209] device veth1_macvtap left promiscuous mode
[  118.622305][ T1209] device veth0_macvtap left promiscuous mode
[  118.630930][ T1209] device veth1_vlan left promiscuous mode
[  118.641826][ T1209] device veth0_vlan left promiscuous mode
[  118.891008][ T1209] team0 (unregistering): Port device team_slave_1 removed
[  118.905208][ T1209] team0 (unregistering): Port device team_slave_0 removed
[  118.919695][ T1209] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.935730][ T1209] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  119.005118][ T1209] bond0 (unregistering): Released all slaves
[  119.085285][ T4750] device bridge1 entered promiscuous mode
[  119.103193][ T4637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  119.152665][ T4637] team0: Port device team_slave_0 added
[  119.162048][ T4637] team0: Port device team_slave_1 added
[  119.248070][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  119.270962][ T4637] batman_adv: batadv0: Adding interface: batadv_slave_0
[  119.295127][ T4637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.352528][ T4637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  119.406983][ T4637] batman_adv: batadv0: Adding interface: batadv_slave_1
[  119.443718][ T4637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.446266][ T4773] loop0: detected capacity change from 0 to 1024
[  119.469800][    C1] vkms_vblank_simulate: vblank timer overrun
[  119.511850][ T4775] loop3: detected capacity change from 0 to 4096
[  119.527284][ T4637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  119.618681][ T4637] device hsr_slave_0 entered promiscuous mode
[  119.656329][ T4637] device hsr_slave_1 entered promiscuous mode
[  119.693989][ T4777] loop4: detected capacity change from 0 to 512
[  119.703527][ T4637] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  119.711179][ T4637] Cannot create hsr debugfs directory
[  119.737444][ T4775] EXT4-fs (loop3): Test dummy encryption mode enabled
[  119.974385][ T4775] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,grpquota,,errors=continue. Quota mode: writeback.
[  120.610365][   T26] audit: type=1800 audit(1774330067.652:2): pid=4788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.108" name="file1" dev="loop0" ino=2 res=0 errno=0
[  121.103797][   T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  121.955508][ T4802] device syzkaller0 entered promiscuous mode
[  122.311339][ T4637] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  122.321316][   T23] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  122.356541][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.370678][   T23] usb 3-1: Product: syz
[  122.376102][   T23] usb 3-1: Manufacturer: syz
[  122.380797][   T23] usb 3-1: SerialNumber: syz
[  122.393399][   T23] usb 3-1: config 0 descriptor??
[  122.491295][ T4637] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  123.787859][ T4227] usb 3-1: USB disconnect, device number 2
[  124.290623][ T4825] befs: (nbd3): No write support. Marking filesystem read-only
[  124.299630][  T150] block nbd3: Attempted send on invalid socket
[  124.307432][  T150] blk_update_request: I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  125.008715][ T4637] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  125.075423][ T4637] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  125.216368][ T4834] hub 8-0:1.0: USB hub found
[  125.222956][ T4834] hub 8-0:1.0: 1 port detected
[  126.600714][ T4637] 8021q: adding VLAN 0 to HW filter on device bond0
[  126.695018][ T4853] loop0: detected capacity change from 0 to 128
[  126.736060][ T1265] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  126.755774][ T1265] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  127.064301][ T4853] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  127.366890][ T4853] ext4 filesystem being mounted at /28/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  127.517597][ T4637] 8021q: adding VLAN 0 to HW filter on device team0
[  127.566022][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  127.575641][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  127.584103][ T4266] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.591212][ T4266] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.608222][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  127.619705][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  127.628982][ T4266] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.636161][ T4266] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.643957][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  127.654095][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  127.663337][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  127.672477][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  127.685505][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  127.694278][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  127.703734][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  127.712345][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  127.720991][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  127.729580][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  128.596376][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  128.604463][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  130.237457][ T4885] loop0: detected capacity change from 0 to 512
[  130.621679][ T4893] befs: (nbd4): No write support. Marking filesystem read-only
[  130.630813][ T1091] block nbd4: Attempted send on invalid socket
[  130.637372][ T1091] blk_update_request: I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.384946][ T1265] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  131.512515][ T1265] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  131.571471][ T4637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  131.883997][ T4902] device syzkaller0 entered promiscuous mode
[  132.015953][ T4919] sctp: [Deprecated]: syz.2.133 (pid 4919) Use of struct sctp_assoc_value in delayed_ack socket option.
[  132.015953][ T4919] Use struct sctp_sack_info instead
[  132.670447][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  133.099578][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  133.123366][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  133.206929][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  133.220097][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  133.968047][ T4637] device veth0_vlan entered promiscuous mode
[  133.983391][ T4960] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  133.992811][ T4960] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  134.000381][ T4960] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  134.034695][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  134.049189][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  134.069842][ T4637] device veth1_vlan entered promiscuous mode
[  134.098112][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  134.107756][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  134.119724][ T4637] device veth0_macvtap entered promiscuous mode
[  134.129991][ T4957] loop4: detected capacity change from 0 to 1024
[  134.182527][ T4637] device veth1_macvtap entered promiscuous mode
[  134.470079][ T4637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.480673][ T4637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.490646][ T4637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.501107][ T4637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.567821][ T4970] befs: (nbd0): No write support. Marking filesystem read-only
[  134.576763][  T150] block nbd0: Attempted send on invalid socket
[  134.583018][  T150] blk_update_request: I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  134.973515][   T26] audit: type=1800 audit(1774330082.192:3): pid=4971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.141" name="file1" dev="loop4" ino=2 res=0 errno=0
[  135.028958][ T4637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.029019][ T4637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.029032][ T4637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.029046][ T4637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.030648][ T4637] batman_adv: batadv0: Interface activated: batadv_slave_0
[  135.033165][ T4637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.033184][ T4637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.033194][ T4637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.033208][ T4637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.033218][ T4637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.033231][ T4637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.033240][ T4637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  135.033253][ T4637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.034352][ T4637] batman_adv: batadv0: Interface activated: batadv_slave_1
[  135.037248][ T4637] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  135.037324][ T4637] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  135.037354][ T4637] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  135.037382][ T4637] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.231097][ T4973] loop3: detected capacity change from 0 to 512
[  135.275229][ T4964] loop2: detected capacity change from 0 to 2048
[  135.436907][ T4977] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  135.859558][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  135.890107][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  135.899047][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  135.908228][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  135.918572][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  135.927615][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  136.995627][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.003503][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.173908][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  137.272404][ T4264] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.391046][ T4264] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.642199][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  138.199243][ T5018] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  138.208751][ T5018] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  138.216252][ T5018] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  138.238272][ T5018] device bridge1 left promiscuous mode
[  138.323837][ T5016] device syzkaller0 entered promiscuous mode
[  138.982706][ T5029] loop2: detected capacity change from 0 to 1024
[  139.385054][   T26] audit: type=1800 audit(1774330086.602:4): pid=5038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.155" name="file1" dev="loop2" ino=2 res=0 errno=0
[  139.482683][ T5037] loop4: detected capacity change from 0 to 2048
[  140.664236][ T5040] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  141.300824][ T4194] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  141.352091][ T5045] loop2: detected capacity change from 0 to 512
[  142.456430][ T5059] loop0: detected capacity change from 0 to 512
[  142.505969][ T5059] EXT4-fs (loop0): Ignoring removed nobh option
[  142.512344][ T5059] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  142.617129][ T5059] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  142.631241][ T5059] EXT4-fs (loop0): 1 truncate cleaned up
[  142.637502][ T5059] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nobh,debug_want_extra_isize=0x0000000000000068,mb_optimize_scan=0x0000000000000001,max_batch_time=0x0000000000000007,dioread_lock,. Quota mode: none.
[  142.658170][ T4194] Remounting filesystem read-only
[  142.664831][ T4194] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[  143.963871][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  143.973588][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  143.981819][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  144.206563][ T4545] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.235946][ T5098] loop5: detected capacity change from 0 to 1024
[  144.248638][ T5042] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  144.292666][ T4545] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.675755][   T26] audit: type=1800 audit(1774330091.892:5): pid=5105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.168" name="file1" dev="loop5" ino=2 res=0 errno=0
[  145.239505][ T4545] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.297000][ T5116] loop0: detected capacity change from 0 to 4096
[  146.431638][ T4545] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.526866][ T5116] EXT4-fs (loop0): mounted filesystem without journal. Opts: nolazytime,barrier=0x0000000000000000,,errors=continue. Quota mode: writeback.
[  146.842050][ T5127] tipc: Started in network mode
[  147.918350][    T7] Bluetooth: hci4: command 0x0406 tx timeout
[  148.204618][ T5127] tipc: Node identity 7aed26e18ea, cluster identity 4711
[  148.266392][ T5127] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  148.330235][ T5135] device syzkaller0 entered promiscuous mode
[  148.485015][ T5136] tipc: Resetting bearer <eth:syzkaller0>
[  148.552674][ T5124] tipc: Resetting bearer <eth:syzkaller0>
[  148.586541][ T5124] tipc: Disabling bearer <eth:syzkaller0>
[  148.692091][ T5140] device syzkaller0 entered promiscuous mode
[  148.794982][ T5148] loop2: detected capacity change from 0 to 512
[  148.837399][ T5148] =======================================================
[  148.837399][ T5148] WARNING: The mand mount option has been deprecated and
[  148.837399][ T5148]          and is ignored by this kernel. Remove the mand
[  148.837399][ T5148]          option from the mount to silence this warning.
[  148.837399][ T5148] =======================================================
[  148.872295][    C0] vkms_vblank_simulate: vblank timer overrun
[  149.421315][ T5154] loop3: detected capacity change from 0 to 1024
[  149.512499][ T5148] EXT4-fs (loop2): Ignoring removed nobh option
[  149.663183][ T5148] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  149.869829][ T5148] EXT4-fs (loop2): mounted filesystem without journal. Opts: nouid32,nobh,user_xattr,nodiscard,mblk_io_submit,,errors=continue. Quota mode: writeback.
[  149.956549][   T26] audit: type=1800 audit(1774330097.172:6): pid=5162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.182" name="file1" dev="loop3" ino=2 res=0 errno=0
[  150.399005][ T5148] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.448698][    T7] Bluetooth: hci3: command 0x0409 tx timeout
[  151.672558][ T5182] loop5: detected capacity change from 0 to 2048
[  151.972048][ T5141] chnl_net:caif_netlink_parms(): no params data found
[  152.547685][ T5196] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  152.890933][ T5141] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.917092][ T5141] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.957101][ T5141] device bridge_slave_0 entered promiscuous mode
[  153.090696][ T5141] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.107778][ T5141] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.172503][ T5141] device bridge_slave_1 entered promiscuous mode
[  153.439713][ T5141] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  153.507595][ T5141] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  153.525862][   T21] Bluetooth: hci3: command 0x041b tx timeout
[  153.680602][ T5141] team0: Port device team_slave_0 added
[  153.737762][ T5141] team0: Port device team_slave_1 added
[  153.751559][ T4545] device hsr_slave_0 left promiscuous mode
[  153.778549][ T4545] device hsr_slave_1 left promiscuous mode
[  153.797654][ T4545] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  153.818086][ T4545] batman_adv: batadv0: Removing interface: batadv_slave_0
[  153.845514][ T4545] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  153.865510][ T4545] batman_adv: batadv0: Removing interface: batadv_slave_1
[  153.927661][ T5210] loop0: detected capacity change from 0 to 256
[  153.942628][ T4545] device bridge_slave_1 left promiscuous mode
[  153.951168][ T4545] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.975277][ T5210] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  153.988813][ T4545] device bridge_slave_0 left promiscuous mode
[  153.997210][ T4545] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.019748][ T4545] rdma_rxe: ignoring netdev event = 10 for bond_slave_1
[  154.027001][ T5210] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  154.075958][ T5210] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  154.114946][ T4545] device veth1_macvtap left promiscuous mode
[  154.131699][ T4545] device veth0_macvtap left promiscuous mode
[  154.180030][ T4545] device veth1_vlan left promiscuous mode
[  154.201891][ T4545] device veth0_vlan left promiscuous mode
[  154.507726][ T4545] infiniband syz1: set down
[  155.605622][ T4229] Bluetooth: hci3: command 0x040f tx timeout
[  155.645865][ T4545] team0 (unregistering): Port device team_slave_1 removed
[  155.990149][ T4545] team0 (unregistering): Port device team_slave_0 removed
[  156.256664][ T4545] rdma_rxe: ignoring netdev event = 27 for bond_slave_1
[  156.279924][ T4545] rdma_rxe: ignoring netdev event = 26 for bond_slave_1
[  156.359405][ T4545] rdma_rxe: ignoring netdev event = 21 for bond_slave_1
[  156.366670][ T4545] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.376575][ T4545] rdma_rxe: ignoring netdev event = 9 for bond_slave_1
[  156.383583][ T4545] rdma_rxe: ignoring netdev event = 8 for bond_slave_1
[  156.393510][ T4264] smc: removing ib device syz1
[  156.401244][ T4545] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.495142][ T4545] bond0 (unregistering): (slave team0): Releasing backup interface
[  156.519325][ T4545] bond0 (unregistering): Released all slaves
[  156.604112][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  156.614285][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  156.622258][ T5223] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  156.732624][ T5141] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.770729][ T5141] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.802693][ T5141] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.817958][ T5141] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.824960][ T5141] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.855355][ T5141] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.947584][ T5141] device hsr_slave_0 entered promiscuous mode
[  156.954566][ T5141] device hsr_slave_1 entered promiscuous mode
[  156.968262][ T5141] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  156.985103][ T5141] Cannot create hsr debugfs directory
[  157.244744][ T5141] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  157.278008][ T5141] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  157.302905][ T5141] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  157.326102][ T5141] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  157.433148][ T5141] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.470201][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  157.490155][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  157.509128][ T5141] 8021q: adding VLAN 0 to HW filter on device team0
[  157.530944][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  157.547855][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  157.562960][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.570118][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.602965][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  157.617340][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  157.637133][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  157.653105][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.660230][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.676054][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  157.686016][   T21] Bluetooth: hci3: command 0x0419 tx timeout
[  157.705779][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  157.742739][ T5141] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  157.753272][ T5141] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  157.786278][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  157.798461][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  157.807907][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  157.817245][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  157.826065][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  157.846524][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  157.855470][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  157.863996][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  157.897728][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  157.924133][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  158.116359][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  158.123816][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  158.138077][ T5141] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.462026][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  158.471334][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  158.506252][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  158.514872][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  158.531645][ T5141] device veth0_vlan entered promiscuous mode
[  158.539950][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  158.553329][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  158.568598][ T5141] device veth1_vlan entered promiscuous mode
[  158.590392][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  158.600791][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  158.625977][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  158.645593][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  158.658628][ T5141] device veth0_macvtap entered promiscuous mode
[  158.672740][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  158.703538][ T5141] device veth1_macvtap entered promiscuous mode
[  158.772388][ T5141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.789397][ T5141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.800791][ T5141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.818161][ T5141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.833758][ T5141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.851086][ T5141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.861170][ T5141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.876990][ T5141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.893251][ T5141] batman_adv: batadv0: Interface activated: batadv_slave_0
[  158.908912][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  158.918736][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  158.941247][ T5141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.956386][ T5141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.967527][ T5141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.978351][ T5141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.988481][ T5141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.999485][ T5141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.009779][ T5141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.020496][ T5141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.034156][ T5141] batman_adv: batadv0: Interface activated: batadv_slave_1
[  159.044675][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  159.056196][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  159.069765][ T5141] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  159.079650][ T5141] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  159.093421][ T5141] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  159.104106][ T5141] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  159.204531][ T4264] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.224111][ T4264] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.244796][ T4266] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  159.277243][ T4266] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.291753][ T4266] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.312745][ T4264] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  160.088625][ T5300] sctp: [Deprecated]: syz.5.205 (pid 5300) Use of struct sctp_assoc_value in delayed_ack socket option.
[  160.088625][ T5300] Use struct sctp_sack_info instead
[  161.943878][ T5339] loop0: detected capacity change from 0 to 40427
[  162.298264][ T5339] F2FS-fs (loop0): invalid crc value
[  162.421705][ T5339] F2FS-fs (loop0): Found nat_bits in checkpoint
[  162.509688][ T5339] F2FS-fs (loop0): Start checkpoint disabled!
[  162.848841][ T5349] loop6: detected capacity change from 0 to 1024
[  162.861285][ T5339] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  163.441894][   T26] audit: type=1800 audit(1774330110.662:7): pid=5358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.194" name="file1" dev="loop6" ino=2 res=0 errno=0
[  164.001850][   T26] audit: type=1800 audit(1774330111.222:8): pid=5364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.209" name="bus" dev="loop0" ino=10 res=0 errno=0
[  164.921454][ T4545] attempt to access beyond end of device
[  164.921454][ T4545] loop0: rw=2049, want=40976, limit=40427
[  165.227602][ T5381] tipc: Started in network mode
[  165.232623][ T5381] tipc: Node identity e6f2b12bcfc6, cluster identity 4711
[  165.285243][ T5381] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  165.295553][ T5384] device syzkaller0 entered promiscuous mode
[  165.364093][ T5381] tipc: Resetting bearer <eth:syzkaller0>
[  165.410157][ T5380] tipc: Resetting bearer <eth:syzkaller0>
[  165.457560][ T5380] tipc: Disabling bearer <eth:syzkaller0>
[  165.634893][ T5388] device syzkaller0 entered promiscuous mode
[  165.658002][ T5392] device syzkaller0 entered promiscuous mode
[  166.038968][ T5405] device syzkaller0 entered promiscuous mode
[  166.157619][ T5410] loop5: detected capacity change from 0 to 512
[  166.209595][ T5410] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  166.246513][ T5410] EXT4-fs error (device loop5): ext4_init_orphan_info:621: comm syz.5.215: orphan file block 0: bad magic
[  166.263194][ T5410] EXT4-fs (loop5): mount failed
[  166.339587][ T5407] loop6: detected capacity change from 0 to 8192
[  166.437773][ T5413] device syzkaller0 entered promiscuous mode
[  167.040962][ T5426] process 'syz.6.214' launched './file2' with NULL argv: empty string added
[  167.134517][ T5426] attempt to access beyond end of device
[  167.134517][ T5426] loop6: rw=0, want=57848, limit=8192
[  167.170418][ T5426] Buffer I/O error on dev loop6, logical block 57847, async page read
[  167.356911][ T5426] attempt to access beyond end of device
[  167.356911][ T5426] loop6: rw=0, want=57848, limit=8192
[  167.384489][ T5426] Buffer I/O error on dev loop6, logical block 57847, async page read
[  168.125747][   T26] audit: type=1800 audit(1774330115.332:9): pid=5426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.214" name="file2" dev="loop6" ino=1048600 res=0 errno=0
[  168.254656][ T5440] loop3: detected capacity change from 0 to 128
[  168.436061][ T5440] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  168.452045][ T5440] ext4 filesystem being mounted at /45/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  168.483943][    C0] vkms_vblank_simulate: vblank timer overrun
[  169.494144][ T5461] loop6: detected capacity change from 0 to 512
[  169.662805][ T5459] device syzkaller0 entered promiscuous mode
[  170.292832][ T5461] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.225: invalid indirect mapped block 256 (level 2)
[  170.428132][ T5461] EXT4-fs (loop6): 2 truncates cleaned up
[  170.447670][ T5461] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpid,auto_da_alloc,lazytime,journal_dev=0x0000000000000006,,errors=continue. Quota mode: writeback.
[  172.117617][ T5481] loop3: detected capacity change from 0 to 32768
[  172.351886][ T5481] XFS (loop3): Mounting V5 Filesystem
[  173.934468][ T5506] device syzkaller0 entered promiscuous mode
[  173.949038][ T5481] XFS (loop3): Ending clean mount
[  173.967919][ T5481] XFS (loop3): Quotacheck needed: Please wait.
[  173.996591][ T5506] tc action pedit offset must be on 32 bit boundaries
[  174.197682][ T5481] XFS (loop3): Quotacheck: Done.
[  174.380401][ T5513] loop6: detected capacity change from 0 to 16
[  174.985911][ T5513] erofs: (device loop6): mounted with root inode @ nid 36.
[  174.988688][ T4192] XFS (loop3): Unmounting Filesystem
[  175.010212][ T5511] attempt to access beyond end of device
[  175.010212][ T5511] loop6: rw=524288, want=1072, limit=16
[  175.027684][ T4196] erofs: (device loop6): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[9000]
[  175.058842][ T5511] erofs: (device loop6): z_erofs_readahead: readahead error at page 4 @ nid 89
[  175.069066][ T5511] attempt to access beyond end of device
[  175.069066][ T5511] loop6: rw=524288, want=56, limit=16
[  175.080390][ T5511] erofs: (device loop6): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  175.101715][   T26] audit: type=1800 audit(1774330122.322:10): pid=5511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.233" name="file2" dev="loop6" ino=89 res=0 errno=0
[  175.122508][ T5511] erofs: (device loop6): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  175.144319][ T5511] erofs: (device loop6): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  175.627433][ T5526] loop2: detected capacity change from 0 to 128
[  176.733311][ T5526] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  176.760138][ T5526] ext4 filesystem being mounted at /51/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  176.792153][    C0] vkms_vblank_simulate: vblank timer overrun
[  177.116772][ T5543] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  177.165805][ T5547] loop3: detected capacity change from 0 to 1024
[  177.190970][ T5549] loop0: detected capacity change from 0 to 512
[  177.210347][ T5543] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  177.497521][ T5549] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  177.551407][ T5543] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  177.766679][ T5549] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  177.829320][ T5549] EXT4-fs (loop0): 1 truncate cleaned up
[  177.835014][ T5549] EXT4-fs (loop0): mounted filesystem without journal. Opts: noload,stripe=0x00000000000000dc,nomblk_io_submit,noload,abort,auto_da_alloc,,errors=continue. Quota mode: none.
[  177.907780][   T26] audit: type=1800 audit(1774330125.122:11): pid=5554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.234" name="file1" dev="loop3" ino=2 res=0 errno=0
[  178.891488][ T5559] tipc: Started in network mode
[  178.967157][ T5559] tipc: Node identity 56e298495c35, cluster identity 4711
[  178.977444][ T5562] loop5: detected capacity change from 0 to 256
[  178.984067][ T5559] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  178.991304][ T5560] device syzkaller0 entered promiscuous mode
[  179.031860][ T5564] loop2: detected capacity change from 0 to 2048
[  179.079803][ T5559] tipc: Resetting bearer <eth:syzkaller0>
[  179.147965][ T5557] tipc: Resetting bearer <eth:syzkaller0>
[  179.177651][ T5557] tipc: Disabling bearer <eth:syzkaller0>
[  179.192030][ T5564] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  180.351728][ T5575] loop0: detected capacity change from 0 to 8192
[  180.768970][ T5591] attempt to access beyond end of device
[  180.768970][ T5591] loop0: rw=0, want=57848, limit=8192
[  180.780108][ T5591] Buffer I/O error on dev loop0, logical block 57847, async page read
[  181.874026][ T5600] loop2: detected capacity change from 0 to 40427
[  182.071190][ T5600] F2FS-fs (loop2): invalid crc value
[  182.507112][ T5600] F2FS-fs (loop2): Found nat_bits in checkpoint
[  182.556609][ T5600] F2FS-fs (loop2): Start checkpoint disabled!
[  182.935257][ T5600] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  183.771023][ T5619] netlink: 'syz.0.252': attribute type 4 has an invalid length.
[  183.875957][   T26] audit: type=1800 audit(1774330131.102:12): pid=5623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.250" name="bus" dev="loop2" ino=10 res=0 errno=0
[  184.088974][ T5622] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  184.441591][ T5635] loop0: detected capacity change from 0 to 256
[  184.476660][ T5634] loop6: detected capacity change from 0 to 2048
[  184.624220][  T144] attempt to access beyond end of device
[  184.624220][  T144] loop2: rw=2049, want=40976, limit=40427
[  185.580892][ T5634] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  185.647974][ T5634] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.024650][ T5654] device bridge1 entered promiscuous mode
[  186.035809][   T21] Bluetooth: hci0: command 0x0406 tx timeout
[  186.043144][   T21] Bluetooth: hci2: command 0x0406 tx timeout
[  186.075855][   T21] Bluetooth: hci1: command 0x0406 tx timeout
[  186.406146][ T5666] 8021q: VLANs not supported on ip6gre0
[  188.385063][ T5693] Unknown metaid 0 dlen 28
[  188.817445][ T5703] loop5: detected capacity change from 0 to 40427
[  189.048354][ T5709] sctp: [Deprecated]: syz.0.269 (pid 5709) Use of struct sctp_assoc_value in delayed_ack socket option.
[  189.048354][ T5709] Use struct sctp_sack_info instead
[  189.157072][ T5703] F2FS-fs (loop5): invalid crc value
[  189.192737][ T5703] F2FS-fs (loop5): Found nat_bits in checkpoint
[  189.235755][ T5703] F2FS-fs (loop5): Start checkpoint disabled!
[  189.260547][ T5703] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  189.507821][   T26] audit: type=1800 audit(1774330136.732:13): pid=5718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.268" name="bus" dev="loop5" ino=10 res=0 errno=0
[  190.387928][ T4545] attempt to access beyond end of device
[  190.387928][ T4545] loop5: rw=2049, want=40976, limit=40427
[  190.882815][ T5743] 8021q: VLANs not supported on ip6gre0
[  191.008713][ T5746] loop3: detected capacity change from 0 to 1024
[  191.089332][ T5746] hfsplus: b-tree write err: -5, ino 3
[  191.358577][ T4617] hfsplus: b-tree write err: -5, ino 3
[  194.102684][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  194.957631][ T5785] sctp: [Deprecated]: syz.0.284 (pid 5785) Use of struct sctp_assoc_value in delayed_ack socket option.
[  194.957631][ T5785] Use struct sctp_sack_info instead
[  195.734339][ T5777] loop2: detected capacity change from 0 to 2048
[  196.048435][ T5790] loop0: detected capacity change from 0 to 32768
[  196.138248][ T5790] ea_get: extended attribute size too large: 2617245744 > INT_MAX
[  196.156339][ T5790] ea_get: extended attribute size too large: 2617245744 > INT_MAX
[  196.448679][ T5777] EXT4-fs: error -4 creating inode table initialization thread
[  196.647857][ T5777] EXT4-fs (loop2): mount failed
[  197.104013][ T5806] overlayfs: missing 'workdir'
[  197.376903][ T5807] 8021q: VLANs not supported on ip6tnl0
[  197.700973][ T5818] loop2: detected capacity change from 0 to 512
[  197.761806][ T5818] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  197.804283][ T5818] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  197.915988][ T5818] EXT4-fs (loop2): 1 truncate cleaned up
[  197.921667][ T5818] EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,stripe=0x00000000000000dc,nomblk_io_submit,noload,abort,auto_da_alloc,,errors=continue. Quota mode: none.
[  200.048416][ T5845] loop5: detected capacity change from 0 to 256
[  201.068729][ T5858] device syzkaller0 entered promiscuous mode
[  201.308998][ T5864] device syzkaller0 entered promiscuous mode
[  201.532278][ T5868] 8021q: VLANs not supported on ip6gre0
[  201.627692][ T5870] loop2: detected capacity change from 0 to 1024
[  201.849881][ T5881] loop3: detected capacity change from 0 to 16
[  202.644735][ T4605] hfsplus: b-tree write err: -5, ino 25
[  202.652630][ T4605] hfsplus: b-tree write err: -5, ino 4
[  202.671446][ T5881] erofs: (device loop3): mounted with root inode @ nid 36.
[  202.702994][ T5879] attempt to access beyond end of device
[  202.702994][ T5879] loop3: rw=524288, want=1072, limit=16
[  202.716777][ T4200] erofs: (device loop3): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[9000]
[  202.740644][ T5879] erofs: (device loop3): z_erofs_readahead: readahead error at page 4 @ nid 89
[  202.749736][ T5879] attempt to access beyond end of device
[  202.749736][ T5879] loop3: rw=524288, want=56, limit=16
[  202.753758][ T4605] hfsplus: b-tree write err: -5, ino 2
[  202.762475][ T5879] erofs: (device loop3): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  202.787562][   T26] audit: type=1800 audit(1774330150.012:14): pid=5879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.302" name="file2" dev="loop3" ino=89 res=0 errno=0
[  202.823101][ T5879] erofs: (device loop3): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  202.846005][ T5879] erofs: (device loop3): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  202.890133][ T4605] hfsplus: b-tree write err: -5, ino 26
[  203.172031][ T5892] vivid-001: disconnect
[  203.822583][ T5885] vivid-001: reconnect
[  203.948539][ T5899] loop5: detected capacity change from 0 to 2048
[  204.142562][ T5900] loop3: detected capacity change from 0 to 2048
[  204.177936][ T5899] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  204.212638][ T5904] sctp: [Deprecated]: syz.2.304 (pid 5904) Use of struct sctp_assoc_value in delayed_ack socket option.
[  204.212638][ T5904] Use struct sctp_sack_info instead
[  205.092577][ T5912] mmap: syz.5.307 (5912) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  205.452871][ T5900] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  205.470313][ T5910] loop0: detected capacity change from 0 to 512
[  205.515301][ T5900] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.559869][ T5910] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  205.700831][ T5919] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  205.716165][ T5919] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  205.724269][ T5919] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  205.782708][ T5919] device bridge1 left promiscuous mode
[  205.854083][ T5910] EXT4-fs (loop0): 1 truncate cleaned up
[  205.888567][ T5910] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,block_validity,errors=remount-ro,nombcache,. Quota mode: none.
[  206.174618][ T5898] device bridge2 entered promiscuous mode
[  206.496735][ T5915] loop2: detected capacity change from 0 to 4096
[  206.776054][ T5915] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  208.166790][ T4190] ntfs3: loop2: ntfs_sync_fs r=1a failed, -22.
[  208.187174][ T4190] ntfs3: loop2: ntfs_evict_inode r=1a failed, -22.
[  208.352162][ T4190] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  208.531812][ T5939] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  209.291412][ T5945] 8021q: VLANs not supported on ip6gre0
[  209.588124][ T5954] qnx4: no qnx4 filesystem (no root dir).
[  210.920207][ T5974] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  210.928618][ T5974] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  210.937196][ T5974] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  213.956781][ T6005] batman_adv: batadv0: Adding interface: vxlan0
[  213.963270][ T6005] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.989499][ T6005] batman_adv: batadv0: Not using interface vxlan0 (retrying later): interface not active
[  215.194193][ T6015] loop3: detected capacity change from 0 to 4096
[  215.944096][ T6016] loop2: detected capacity change from 0 to 8192
[  215.959354][ T6015] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  216.425730][ T6035] attempt to access beyond end of device
[  216.425730][ T6035] loop2: rw=0, want=57848, limit=8192
[  216.436742][ T6035] Buffer I/O error on dev loop2, logical block 57847, async page read
[  217.420630][ T4192] ntfs3: loop3: ntfs_sync_fs r=1a failed, -22.
[  217.463983][ T6035] attempt to access beyond end of device
[  217.463983][ T6035] loop2: rw=0, want=57848, limit=8192
[  217.487855][ T4192] ntfs3: loop3: ntfs_evict_inode r=1a failed, -22.
[  217.549593][ T6035] Buffer I/O error on dev loop2, logical block 57847, async page read
[  217.558637][   T26] audit: type=1800 audit(1774330164.782:15): pid=6035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.325" name="file2" dev="loop2" ino=1048620 res=0 errno=0
[  217.660508][ T4192] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  218.185718][ T6047] loop3: detected capacity change from 0 to 1024
[  218.442062][ T6045] loop0: detected capacity change from 0 to 8192
[  218.602513][   T26] audit: type=1800 audit(1774330165.822:16): pid=6054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.329" name="file1" dev="loop3" ino=2 res=0 errno=0
[  219.644821][ T6063] FAT-fs (loop0): error, clusters badly computed (2 != 1)
[  219.652494][ T6063] FAT-fs (loop0): Filesystem has been set read-only
[  219.707781][ T6062] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  219.744911][ T6062] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  219.754698][ T6062] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  222.710297][ T6093] 8021q: VLANs not supported on ip6gre0
[  223.336225][ T6099] device syzkaller0 entered promiscuous mode
[  223.429963][ T6098] loop3: detected capacity change from 0 to 2048
[  223.470447][ T6103] IPVS: length: 153 != 24
[  223.580519][ T6098] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  225.315120][ T6122] loop6: detected capacity change from 0 to 32768
[  226.049727][ T6122] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 scanned by syz.6.348 (6122)
[  226.128219][ T6122] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[  226.137415][ T6122] BTRFS info (device loop6): setting nodatacow, compression disabled
[  226.145677][ T6122] BTRFS info (device loop6): force clearing of disk cache
[  226.152866][ T6122] BTRFS info (device loop6): turning on sync discard
[  226.159673][ T6122] BTRFS info (device loop6): turning off barriers
[  226.166181][ T6122] BTRFS info (device loop6): use no compression
[  226.172489][ T6122] BTRFS info (device loop6): disabling free space tree
[  226.179414][ T6122] BTRFS info (device loop6): enabling ssd optimizations
[  226.186515][ T6122] BTRFS info (device loop6): using spread ssd allocation scheme
[  226.194205][ T6122] BTRFS info (device loop6): not using ssd optimizations
[  226.201298][ T6122] BTRFS info (device loop6): not using spread ssd allocation scheme
[  226.209778][ T6122] BTRFS info (device loop6): has skinny extents
[  226.399850][ T6139] loop3: detected capacity change from 0 to 2048
[  227.800987][ T6139] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  227.821352][ T6162] 8021q: VLANs not supported on ip6gre0
[  229.029938][ T6122] BTRFS error (device loop6): open_ctree failed: -12
[  231.337113][ T6200] loop2: detected capacity change from 0 to 512
[  231.507436][ T6200] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  231.707307][ T6204] sctp: [Deprecated]: syz.3.361 (pid 6204) Use of struct sctp_assoc_value in delayed_ack socket option.
[  231.707307][ T6204] Use struct sctp_sack_info instead
[  232.222237][ T6200] EXT4-fs (loop2): 1 truncate cleaned up
[  232.262866][ T6200] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,block_validity,errors=remount-ro,nombcache,. Quota mode: none.
[  235.431290][ T6242] 8021q: VLANs not supported on ip6gre0
[  235.597211][ T6246] loop5: detected capacity change from 0 to 4096
[  235.822353][ T6246] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  236.043273][ T6246] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  236.229789][ T6246] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  236.344186][ T6246] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  236.475186][ T6246] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  236.511363][ T6246] ntfs: volume version 3.1.
[  236.518091][ T6246] ntfs: (device loop5): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  236.536269][ T6246] ntfs: (device loop5): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  236.599256][ T6246] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  236.610747][ T6246] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  236.632569][ T6246] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  237.849495][ T6258] loop6: detected capacity change from 0 to 512
[  238.667576][ T6258] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  238.700166][ T6258] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c028, mo2=0002]
[  238.709038][ T6258] System zones: 1-12
[  238.715777][ T6258] EXT4-fs (loop6): 1 truncate cleaned up
[  238.721452][ T6258] EXT4-fs (loop6): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug,block_validity,errors=remount-ro,debug,. Quota mode: none.
[  239.861430][ T6272] loop0: detected capacity change from 0 to 2048
[  240.265246][ T6290] sctp: [Deprecated]: syz.5.381 (pid 6290) Use of struct sctp_assoc_value in delayed_ack socket option.
[  240.265246][ T6290] Use struct sctp_sack_info instead
[  240.624921][ T6285] loop3: detected capacity change from 0 to 1024
[  240.667178][ T6272] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  240.729140][ T6283] loop2: detected capacity change from 0 to 2048
[  240.753536][ T6272] ext4 filesystem being mounted at /83/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.058193][ T6283] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  242.184454][ T4617] hfsplus: b-tree write err: -5, ino 25
[  242.190360][ T4617] hfsplus: b-tree write err: -5, ino 4
[  242.232851][ T6283] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.261488][ T4617] hfsplus: b-tree write err: -5, ino 2
[  242.328871][ T4617] hfsplus: b-tree write err: -5, ino 26
[  242.700255][ T6312] device bridge1 entered promiscuous mode
[  243.518785][ T6302] loop6: detected capacity change from 0 to 8192
[  244.805309][ T6330] FAT-fs (loop6): error, clusters badly computed (2 != 1)
[  244.812792][ T6330] FAT-fs (loop6): Filesystem has been set read-only
[  250.463226][ T6345] loop2: detected capacity change from 0 to 64
[  250.557694][ T6348] binder: 6347:6348 ioctl 4018620d 0 returned -22
[  251.230455][ T6359] sctp: [Deprecated]: syz.3.393 (pid 6359) Use of struct sctp_assoc_value in delayed_ack socket option.
[  251.230455][ T6359] Use struct sctp_sack_info instead
[  252.153367][ T6375] Malformed UNC in devname
[  252.153367][ T6375] 
[  252.160542][ T6375] CIFS: VFS: Malformed UNC in devname
[  252.948116][ T6379] netlink: 8 bytes leftover after parsing attributes in process `syz.2.397'.
[  254.545814][ T6407] loop2: detected capacity change from 0 to 1024
[  255.702836][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  256.537101][ T6412] loop5: detected capacity change from 0 to 8192
[  257.305608][ T6427] FAT-fs (loop5): error, clusters badly computed (2 != 1)
[  257.312846][ T6427] FAT-fs (loop5): Filesystem has been set read-only
[  257.705996][ T6431] loop3: detected capacity change from 0 to 512
[  257.883229][ T6432] loop6: detected capacity change from 0 to 32768
[  257.917885][ T6431] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  257.978789][ T6431] EXT4-fs (loop3): 1 truncate cleaned up
[  258.019975][ T6432] XFS (loop6): Mounting V5 Filesystem
[  258.025282][ T6431] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,block_validity,errors=remount-ro,nombcache,. Quota mode: none.
[  258.047840][    C0] vkms_vblank_simulate: vblank timer overrun
[  258.057084][ T6445] binder: 6444:6445 ioctl 4018620d 0 returned -22
[  258.383957][ T6432] XFS (loop6): Ending clean mount
[  258.397694][ T6432] XFS (loop6): Quotacheck needed: Please wait.
[  259.078563][ T6432] XFS (loop6): Quotacheck: Done.
[  259.959089][ T5141] XFS (loop6): Unmounting Filesystem
[  260.309377][ T6472] loop0: detected capacity change from 0 to 64
[  260.969677][ T6475] loop5: detected capacity change from 0 to 1024
[  261.728607][ T6475] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  261.808574][ T6487] loop3: detected capacity change from 0 to 128
[  264.971970][ T6511] binder: 6510:6511 ioctl 4018620d 0 returned -22
[  266.538159][ T6520] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  267.477827][ T6528] loop5: detected capacity change from 0 to 512
[  267.598296][ T6525] syz.0.433 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  267.952354][ T6528] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  268.023823][ T6528] EXT4-fs (loop5): 1 truncate cleaned up
[  268.173168][ T6528] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,block_validity,errors=remount-ro,nombcache,. Quota mode: none.
[  269.612145][ T6542] orangefs_mount: mount request failed with -4
[  272.320486][ T6576] loop3: detected capacity change from 0 to 1024
[  272.889140][ T6589] loop5: detected capacity change from 0 to 512
[  273.138456][ T1326] Bluetooth: hci3: command 0x0406 tx timeout
[  273.274622][ T6589] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  273.435145][ T6589] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  274.061855][ T6589] EXT4-fs (loop5): 1 truncate cleaned up
[  274.091594][ T6589] EXT4-fs (loop5): mounted filesystem without journal. Opts: noload,stripe=0x00000000000000dc,nomblk_io_submit,noload,abort,auto_da_alloc,,errors=continue. Quota mode: none.
[  276.515728][ T6619] loop2: detected capacity change from 0 to 512
[  276.663898][ T6619] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  277.953386][ T6619] EXT4-fs (loop2): 1 truncate cleaned up
[  277.974132][ T6619] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,block_validity,errors=remount-ro,nombcache,. Quota mode: none.
[  282.777148][ T6679] loop6: detected capacity change from 0 to 1024
[  285.573359][ T6699] loop2: detected capacity change from 0 to 2048
[  285.685638][ T4256] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  285.874083][ T6699] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  285.941259][ T6699] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.207050][ T4256] usb 7-1: Using ep0 maxpacket: 8
[  287.234271][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.3.453'.
[  287.385306][ T4256] usb 7-1: config 0 has an invalid interface number: 122 but max is 0
[  287.447319][ T4256] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  288.682451][ T4256] usb 7-1: config 0 has no interface number 0
[  288.690416][ T4256] usb 7-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  288.702877][ T4256] usb 7-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  288.713229][ T4256] usb 7-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  288.723436][ T4256] usb 7-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  288.733765][ T4256] usb 7-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  288.925252][ T4256] usb 7-1: string descriptor 0 read error: -71
[  288.933444][ T4256] usb 7-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  288.985608][ T4256] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.029923][ T4256] usb 7-1: config 0 descriptor??
[  289.225760][ T4256] usb 7-1: can't set config #0, error -71
[  290.206025][ T4256] usb 7-1: USB disconnect, device number 2
[  291.905323][ T4270] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  292.443009][ T6765] device syzkaller0 entered promiscuous mode
[  293.375928][ T6765] 0: reclassify loop, rule prio 0, protocol 800
[  294.250089][ T6788] syz.6.476 uses obsolete (PF_INET,SOCK_PACKET)
[  294.677359][ T6801] 8021q: VLANs not supported on ip6gre0
[  298.175918][ T6840] 9pnet_virtio: no channels available for device 
[  300.165543][ T6854] binfmt_misc: Unknown parameter 'trans'
[  301.169600][ T6836] syz.2.484 (6836) used greatest stack depth: 16752 bytes left
[  302.432086][ T6876] tipc: Enabled bearer <eth:vlan0>, priority 10
[  307.869328][ T6919] loop3: detected capacity change from 0 to 256
[  308.368705][ T6919] FAT-fs (loop3): Directory bread(block 64) failed
[  308.406525][ T6926] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  308.442113][ T6919] FAT-fs (loop3): Directory bread(block 65) failed
[  308.508426][ T6919] FAT-fs (loop3): Directory bread(block 66) failed
[  308.523584][ T6930] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  308.542093][ T6919] FAT-fs (loop3): Directory bread(block 67) failed
[  308.558965][ T6926] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  308.571873][ T6919] FAT-fs (loop3): Directory bread(block 68) failed
[  308.748182][ T6919] FAT-fs (loop3): Directory bread(block 69) failed
[  308.765408][ T6919] FAT-fs (loop3): Directory bread(block 70) failed
[  308.786099][ T6919] FAT-fs (loop3): Directory bread(block 71) failed
[  308.976893][ T6937] 9pnet_virtio: no channels available for device 127.0.0.1
[  309.716752][ T6919] FAT-fs (loop3): Directory bread(block 72) failed
[  309.753674][ T6919] FAT-fs (loop3): Directory bread(block 73) failed
[  311.246128][ T6952] loop5: detected capacity change from 0 to 2048
[  311.277744][ T6958] loop2: detected capacity change from 0 to 2048
[  312.710153][ T6965] loop3: detected capacity change from 0 to 1024
[  312.750074][ T6952] EXT4-fs: error -4 creating inode table initialization thread
[  313.046018][ T6952] EXT4-fs (loop5): mount failed
[  313.183748][ T6958] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  313.250924][ T6958] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  316.500649][ T7011] netlink: 16 bytes leftover after parsing attributes in process `syz.3.522'.
[  316.520439][ T7011] netlink: 'syz.3.522': attribute type 11 has an invalid length.
[  316.713753][ T7011] loop3: detected capacity change from 0 to 128
[  316.979222][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  317.395335][ T7011] VFS: Found a Xenix FS (block size = 512) on device loop3
[  317.617979][ T7022] sysv_free_block: trying to free block not in datazone
[  317.975166][ T4256] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  318.255137][ T4256] usb 3-1: Using ep0 maxpacket: 8
[  318.404693][ T4192] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  318.425188][ T4256] usb 3-1: config 0 has an invalid interface number: 122 but max is 0
[  318.433770][ T4256] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  320.441958][ T4256] usb 3-1: config 0 has no interface number 0
[  321.471866][ T4256] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  321.483368][ T4256] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  321.493675][ T4256] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  321.504038][ T4256] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  321.514445][ T4256] usb 3-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  321.667046][ T4256] usb 3-1: string descriptor 0 read error: -71
[  321.673436][ T4256] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  321.757575][ T7038] loop2: detected capacity change from 0 to 2048
[  321.977346][ T7038] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  322.143596][ T7038] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.353874][ T7044] loop6: detected capacity change from 0 to 1024
[  322.649449][ T4256] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.660552][ T4256] usb 3-1: config 0 descriptor??
[  322.674629][ T7032] netlink: 4 bytes leftover after parsing attributes in process `syz.5.527'.
[  322.717525][ T4256] usb 3-1: can't set config #0, error -71
[  322.725690][ T4256] usb 3-1: USB disconnect, device number 3
[  326.964484][ T7083] binfmt_misc: Unknown parameter 'trans'
[  327.482584][ T7081] syz.2.537 sent an empty control message without MSG_MORE.
[  330.076537][ T7110] Illegal XDP return value 4294967274, expect packet loss!
[  332.223423][ T7128] loop5: detected capacity change from 0 to 1024
[  336.769586][ T7142] loop2: detected capacity change from 0 to 512
[  338.344024][ T7142] EXT4-fs (loop2): Ignoring removed nobh option
[  338.523195][ T7142] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  338.829588][   T26] kauditd_printk_skb: 6 callbacks suppressed
[  338.829858][   T26] audit: type=1326 audit(1774330541.990:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  339.385193][   T26] audit: type=1326 audit(1774330541.990:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  339.407519][   T26] audit: type=1326 audit(1774330541.990:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  339.435180][ T7142] EXT4-fs (loop2): mounted filesystem without journal. Opts: nouid32,nobh,user_xattr,nodiscard,mblk_io_submit,,errors=continue. Quota mode: writeback.
[  339.440752][   T26] audit: type=1326 audit(1774330541.990:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  339.476549][   T26] audit: type=1326 audit(1774330541.990:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  339.498943][   T26] audit: type=1326 audit(1774330542.000:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  339.521408][   T26] audit: type=1326 audit(1774330542.000:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  339.544394][   T26] audit: type=1326 audit(1774330542.000:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  339.575070][   T26] audit: type=1326 audit(1774330542.000:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  339.618185][   T26] audit: type=1326 audit(1774330542.000:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7145 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9651f66799 code=0x7ffc0000
[  340.061776][ T7142] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  341.079393][ T4256] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  341.335216][ T4256] usb 4-1: Using ep0 maxpacket: 8
[  341.456079][ T4256] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  341.480670][ T4256] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.463538][ T7187] device syzkaller0 entered promiscuous mode
[  342.598231][ T4256] pvrusb2: Hardware description: Terratec Grabster AV400
[  342.608761][ T4256] pvrusb2: **********
[  342.612794][ T4256] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  342.623446][ T4256] pvrusb2: Important functionality might not be entirely working.
[  343.358510][ T4256] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  343.375443][ T4256] pvrusb2: **********
[  345.166118][ T2427] pvrusb2: Invalid write control endpoint
[  345.174124][ T4256] usb 4-1: USB disconnect, device number 2
[  345.409333][ T2427] pvrusb2: Invalid write control endpoint
[  345.437272][ T2427] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  345.502919][ T7207] virtio-fs: tag </dev/md0> not found
[  346.112296][ T7206] IPVS: rr: FWM 3 0x00000003 - no destination available
[  346.597035][ T2427] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  347.665402][ T2427] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  347.742364][ T2427] pvrusb2: Device being rendered inoperable
[  347.751683][ T2427] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  347.759732][ T2427] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  347.777880][ T2427] pvrusb2: Attached sub-driver cx25840
[  347.855966][ T7228] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  347.865922][ T7228] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  347.873413][ T7228] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  347.895512][ T7228] device bridge1 left promiscuous mode
[  348.145228][ T2427] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  348.245341][ T2427] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  348.426589][ T7233] device syzkaller0 entered promiscuous mode
[  348.680839][ T7236] loop6: detected capacity change from 0 to 2048
[  348.778217][ T7240] loop2: detected capacity change from 0 to 1024
[  348.827131][ T7236] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  348.845180][ T7236] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.856820][ T7243] 9pnet: Insufficient options for proto=fd
[  348.875552][ T7240] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled
[  348.885252][ T7240] EXT4-fs (loop2): Ignoring removed nobh option
[  348.893930][ T7240] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[  348.958031][ T7240] EXT4-fs error (device loop2): ext4_get_journal_inode:5185: inode #8: comm syz.2.575: inode has both inline data and extents flags
[  348.979401][ T7240] EXT4-fs (loop2): no journal found
[  351.763234][ T7251] loop5: detected capacity change from 0 to 1024
[  351.886168][ T7251] EXT4-fs (loop5): Unrecognized mount option "smackfsdef=ext2" or missing value
[  351.954482][ T4186] block device autoloading is deprecated and will be removed.
[  351.998901][ T7251] loop5: detected capacity change from 0 to 512
[  352.009969][ T7251] EXT4-fs (loop5): Mount option "nouser_xattr" will be removed by 3.5
[  352.009969][ T7251] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  352.009969][ T7251] 
[  352.015916][ T4302] block device autoloading is deprecated and will be removed.
[  352.028653][ T7251] EXT4-fs (loop5): Unrecognized mount option "euid=00000000000000000000" or missing value
[  352.375128][ T7271] "syz.2.580" (7271) uses obsolete ecb(arc4) skcipher
[  353.816535][ T7280] device syzkaller0 entered promiscuous mode
[  354.219309][ T7276] loop2: detected capacity change from 0 to 32768
[  354.682444][ T7276] JBD2: Ignoring recovery information on journal
[  354.963836][ T7288] loop5: detected capacity change from 0 to 512
[  355.166315][ T7288] EXT4-fs (loop5): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  355.937987][ T7288] ext4 filesystem being mounted at /94/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  356.084732][ T7276] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  356.106542][ T7300] loop6: detected capacity change from 0 to 2048
[  357.832918][ T7300] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  357.898337][ T4190] ocfs2: Unmounting device (7,2) on (node local)
[  357.947056][ T7300] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  358.655270][ T4256] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  359.425695][ T4256] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  359.561198][ T4256] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  359.698576][ T4256] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  360.949324][ T4256] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.968067][ T4256] usb 6-1: config 0 descriptor??
[  360.995170][ T4256] usb 6-1: can't set config #0, error -71
[  361.015282][ T4256] usb 6-1: USB disconnect, device number 3
[  361.037126][ T4262] udevd[4262]: setting mode of /dev/bus/usb/006/003 to 020664 failed: No such file or directory
[  361.117808][ T4262] udevd[4262]: setting owner of /dev/bus/usb/006/003 to uid=0, gid=0 failed: No such file or directory
[  361.140512][ T7326] device syzkaller0 entered promiscuous mode
[  361.588995][ T7336] loop5: detected capacity change from 0 to 128
[  368.827015][ T7382] loop2: detected capacity change from 0 to 2048
[  368.946492][ T7382] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  368.958556][ T7382] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  369.033631][ T7382] fuse: Unknown parameter 'fd00000000000000000000'
[  370.652038][ T7396] loop6: detected capacity change from 0 to 128
[  371.268009][ T7403] sctp: [Deprecated]: syz.2.614 (pid 7403) Use of struct sctp_assoc_value in delayed_ack socket option.
[  371.268009][ T7403] Use struct sctp_sack_info instead
[  372.681874][ T7396] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  372.699058][ T7396] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  373.825640][ T7406] loop2: detected capacity change from 0 to 32768
[  373.951441][ T7406] read_mapping_page failed!
[  373.956661][ T7406] ERROR: (device loop2): txCommit: 
[  373.956661][ T7406] 
[  375.502836][ T4190] ERROR: (device loop2): diFree: numfree > numinos
[  375.502836][ T4190] 
[  378.409889][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  378.661288][ T7435] binder: 7433:7435 ioctl c0306201 0 returned -14
[  379.110414][ T7440] loop5: detected capacity change from 0 to 8
[  379.262151][ T7440] SQUASHFS error: xz decompression failed, data probably corrupt
[  379.271162][ T7440] SQUASHFS error: Failed to read block 0x108: -5
[  379.277976][ T7440] SQUASHFS error: Unable to read metadata cache entry [106]
[  379.285401][ T7440] SQUASHFS error: Unable to read inode 0x11f
[  381.062599][ T7453] loop6: detected capacity change from 0 to 2048
[  381.263695][ T7453] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  381.633954][ T7461] loop5: detected capacity change from 0 to 1024
[  382.259223][ T7461] EXT4-fs (loop5): Ignoring removed orlov option
[  382.266761][ T7461] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  382.762714][ T7461] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,orlov,noauto_da_alloc,noauto_da_alloc,data_err=ignore,norecovery,dioread_nolock,grpquota,discard,user_xattr,mb_optimize_scan=0x0000000000000001,errors=remount-ro,lazytime,. Quota mode: writeback.
[  382.823265][ T7461] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3885: comm syz.5.632: Allocating blocks 497-513 which overlap fs metadata
[  382.842791][ T7461] EXT4-fs (loop5): Remounting filesystem read-only
[  382.849924][ T7461] EXT4-fs (loop5): pa ffff888074b8ee00: logic 131328, phys. 449, len 4
[  382.858827][ T7461] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4902: group 0, free 0, pa_free 1
[  382.874832][ T7461] EXT4-fs (loop5): Remounting filesystem read-only
[  382.904882][ T7474] netlink: 12 bytes leftover after parsing attributes in process `syz.0.634'.
[  382.914629][ T7474] netlink: 8 bytes leftover after parsing attributes in process `syz.0.634'.
[  386.465636][ T7490] loop6: detected capacity change from 0 to 1024
[  387.858943][ T7500] binder: 7499:7500 ioctl c0306201 0 returned -14
[  387.993675][ T7502] loop0: detected capacity change from 0 to 2048
[  389.000480][ T7502] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  389.011500][ T7502] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  389.230795][ T7516] loop3: detected capacity change from 0 to 512
[  391.098116][ T7516] EXT4-fs (loop3): Ignoring removed oldalloc option
[  391.133770][ T7516] EXT4-fs (loop3): journaled quota format not specified
[  391.255261][ T7528] netlink: 12 bytes leftover after parsing attributes in process `syz.6.647'.
[  391.264256][ T7528] netlink: 8 bytes leftover after parsing attributes in process `syz.6.647'.
[  392.449991][ T7527] loop0: detected capacity change from 0 to 2048
[  394.027134][ T7527] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  394.253916][ T7527] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  395.877965][ T7553] loop3: detected capacity change from 0 to 256
[  397.211508][ T7562] binder: 7560:7562 ioctl c0306201 0 returned -14
[  397.220808][ T7566] loop2: detected capacity change from 0 to 8
[  399.463503][ T7581] loop0: detected capacity change from 0 to 256
[  399.499246][ T4229] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  399.590718][ T7581] FAT-fs (loop0): Directory bread(block 64) failed
[  399.597598][ T7581] FAT-fs (loop0): Directory bread(block 65) failed
[  399.604590][ T7581] FAT-fs (loop0): Directory bread(block 66) failed
[  399.611890][ T7581] FAT-fs (loop0): Directory bread(block 67) failed
[  399.619143][ T7581] FAT-fs (loop0): Directory bread(block 68) failed
[  399.626078][ T7581] FAT-fs (loop0): Directory bread(block 69) failed
[  399.633120][ T7581] FAT-fs (loop0): Directory bread(block 70) failed
[  399.640147][ T7581] FAT-fs (loop0): Directory bread(block 71) failed
[  399.647321][ T7581] FAT-fs (loop0): Directory bread(block 72) failed
[  399.654073][ T7581] FAT-fs (loop0): Directory bread(block 73) failed
[  401.123042][ T7591] netlink: 12 bytes leftover after parsing attributes in process `syz.3.661'.
[  401.132181][ T7591] netlink: 8 bytes leftover after parsing attributes in process `syz.3.661'.
[  402.015411][ T7598] 9pnet: Insufficient options for proto=fd
[  402.053594][ T7598] loop3: detected capacity change from 0 to 4096
[  402.147148][ T7593] loop6: detected capacity change from 0 to 2048
[  402.161089][ T7598] ntfs3: loop3: ino=3, Correct links count -> 2.
[  404.888630][ T7593] EXT4-fs: error -4 creating inode table initialization thread
[  405.111470][ T7593] EXT4-fs (loop6): mount failed
[  405.986656][ T7626] loop5: detected capacity change from 0 to 2048
[  406.175146][ T7626] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  406.186475][ T7626] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  406.229970][ T7626] fuse: Unknown parameter 'fd00000000000000000000'
[  406.634374][   T26] kauditd_printk_skb: 11 callbacks suppressed
[  406.634390][   T26] audit: type=1326 audit(1774330865.848:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  407.067223][   T26] audit: type=1326 audit(1774330866.198:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  407.147892][   T26] audit: type=1326 audit(1774330866.198:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  407.195150][   T26] audit: type=1326 audit(1774330866.198:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  409.827877][   T26] audit: type=1326 audit(1774330866.198:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  409.864848][   T26] audit: type=1326 audit(1774330866.198:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  409.896127][ T7660] loop3: detected capacity change from 0 to 1024
[  409.954673][   T26] audit: type=1326 audit(1774330866.198:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  410.024138][   T26] audit: type=1326 audit(1774330866.198:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  410.092976][   T26] audit: type=1326 audit(1774330866.198:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  411.696421][   T26] audit: type=1326 audit(1774330866.198:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  411.732816][ T7660] EXT4-fs (loop3): Unrecognized mount option "smackfsdef=ext2" or missing value
[  411.819086][   T26] audit: type=1326 audit(1774330866.198:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  411.859429][   T26] audit: type=1326 audit(1774330866.198:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  411.962202][ T7678] loop5: detected capacity change from 0 to 512
[  412.092960][   T26] audit: type=1326 audit(1774330866.198:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  412.125378][   T26] audit: type=1326 audit(1774330866.198:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f410696bfce code=0x7ffc0000
[  412.148587][ T7678] EXT4-fs (loop5): Ignoring removed nobh option
[  412.155346][ T7678] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  412.180062][ T7681] loop6: detected capacity change from 0 to 1024
[  412.352653][ T7685] loop2: detected capacity change from 0 to 1024
[  412.360408][ T7678] EXT4-fs (loop5): 1 truncate cleaned up
[  412.366348][ T7678] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nobh,debug_want_extra_isize=0x0000000000000068,mb_optimize_scan=0x0000000000000001,max_batch_time=0x0000000000000007,dioread_lock,. Quota mode: none.
[  412.424490][ T7681] EXT4-fs (loop6): Unrecognized mount option "smackfsdef=hE�?��B��#9Fk���Ou�Ǵ�(３1@eT��)բV����" or missing value
[  413.168734][   T26] audit: type=1326 audit(1774330866.198:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  413.770606][ T7685] EXT4-fs (loop2): Ignoring removed orlov option
[  414.506509][ T7685] EXT4-fs (loop2): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  414.568550][ T7684] loop3: detected capacity change from 0 to 2048
[  414.692170][   T26] audit: type=1326 audit(1774330866.198:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  414.905760][   T26] audit: type=1326 audit(1774330866.198:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  414.913552][ T7684] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  414.942942][ T7684] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  415.790906][ T7708] binder: BINDER_SET_CONTEXT_MGR already set
[  415.811759][ T7708] binder: 7707:7708 ioctl 4018620d 2000000002c0 returned -16
[  415.837223][   T26] audit: type=1326 audit(1774330866.208:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  415.937082][ T7705] loop5: detected capacity change from 0 to 1024
[  416.016990][   T26] audit: type=1326 audit(1774330866.208:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7633 comm="syz.6.671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41069ab799 code=0x7ffc0000
[  416.042806][ T7717] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.051876][ T7717] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.162086][ T7705] EXT4-fs (loop5): test_dummy_encryption requires encrypt feature
[  419.224129][ T7744] loop5: detected capacity change from 0 to 2048
[  419.350840][ T7744] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  419.372244][ T7744] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  421.450706][ T7758] loop6: detected capacity change from 0 to 2048
[  421.546050][ T7758] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  421.572494][ T7758] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  422.654251][ T7768] fuse: Unknown parameter 'fd00000000000000000000'
[  423.117900][ T7772] loop6: detected capacity change from 0 to 2048
[  423.808998][ T7782] loop3: detected capacity change from 0 to 8
[  424.165219][ T7772] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  424.184722][ T7786] loop2: detected capacity change from 0 to 1024
[  424.200660][ T7783] loop5: detected capacity change from 0 to 512
[  424.207763][ T7772] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  424.277625][ T7782] SQUASHFS error: xz decompression failed, data probably corrupt
[  424.285620][ T7782] SQUASHFS error: Failed to read block 0x108: -5
[  424.292036][ T7782] SQUASHFS error: Unable to read metadata cache entry [106]
[  424.299444][ T7782] SQUASHFS error: Unable to read inode 0x11f
[  424.324030][ T7788] binder: 7787:7788 ioctl c0306201 200000000240 returned -11
[  424.441126][ T7783] EXT4-fs (loop5): Ignoring removed oldalloc option
[  424.449343][ T7783] EXT4-fs (loop5): journaled quota format not specified
[  424.458442][ T7786] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  426.854459][ T7807] CUSE: unknown device info ""
[  426.859467][ T7807] CUSE: zero length info key specified
[  427.868536][ T7809] loop6: detected capacity change from 0 to 256
[  434.095477][ T7853] loop2: detected capacity change from 0 to 2048
[  434.108364][ T7855] loop6: detected capacity change from 0 to 512
[  434.134072][ T7855] EXT4-fs (loop6): Ignoring removed oldalloc option
[  434.257285][ T7855] EXT4-fs (loop6): journaled quota format not specified
[  434.282994][ T7853] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  434.305588][ T7860] loop3: detected capacity change from 0 to 1024
[  434.370051][ T7860] EXT4-fs (loop3): Ignoring removed orlov option
[  434.430890][ T7853] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  434.461109][ T7860] EXT4-fs (loop3): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  434.898918][    C1] vxcan0: j1939_tp_rxtimer: 0xffff8880233c0800: rx timeout, send abort
[  434.910681][    C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff8880233c0800: 0x0f000: (3) A timeout occurred and this is the connection abort to close the session.
[  439.849176][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  440.440264][ T7887] netlink: 'syz.0.725': attribute type 9 has an invalid length.
[  440.644611][ T7887] netlink: 'syz.0.725': attribute type 6 has an invalid length.
[  450.061091][ T7960] xt_CT: You must specify a L4 protocol and not use inversions on it
[  453.357949][ T7989] loop5: detected capacity change from 0 to 164
[  453.476474][ T7989] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  453.855993][ T7998] loop3: detected capacity change from 0 to 4096
[  455.303486][ T8005] ntfs3: loop3: ino=5, "/" directory corrupted
[  455.311341][ T8005] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  459.223431][ T8038] Bluetooth: hci0: invalid len left 7, exp >= 50
[  461.857516][ T8050] loop5: detected capacity change from 0 to 2048
[  461.898585][ T8059] loop3: detected capacity change from 0 to 256
[  462.945883][ T8050] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  463.330727][ T8073] comedi comedi0: comedi_parport: I/O port conflict (0x3,3)
[  463.742110][ T8050] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  463.944191][ T8084] Bluetooth: hci0: unsupported parameter 255
[  463.965990][ T8084] Bluetooth: hci0: unsupported parameter 255
[  468.725561][ T8122] sctp: [Deprecated]: syz.3.793 (pid 8122) Use of struct sctp_assoc_value in delayed_ack socket option.
[  468.725561][ T8122] Use struct sctp_sack_info instead
[  468.812152][ T8123] loop2: detected capacity change from 0 to 512
[  468.919858][ T8123] EXT4-fs (loop2): Ignoring removed oldalloc option
[  468.971717][ T8123] EXT4-fs (loop2): journaled quota format not specified
[  471.227139][ T8133] fuse: Bad value for 'user_id'
[  471.717130][ T8131] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.960097][ T8131] device bridge_slave_0 left promiscuous mode
[  471.966453][ T8131] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.238905][ T8138] loop2: detected capacity change from 0 to 2048
[  472.368904][ T8139] device syzkaller0 entered promiscuous mode
[  472.488786][ T8146] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  472.498822][ T8146] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  472.506451][ T8146] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  472.563835][ T8138] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  472.594005][ T8138] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  474.946492][ T8169] loop5: detected capacity change from 0 to 256
[  476.042879][ T8177] loop2: detected capacity change from 0 to 256
[  476.107328][ T8181] comedi comedi0: comedi_parport: I/O port conflict (0x3,3)
[  476.786211][ T8177] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ab87c, utbl_chksum : 0xe619d30d)
[  477.350463][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  477.368051][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  477.376602][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  477.466556][ T8189] device bridge2 left promiscuous mode
[  477.560942][ T8191] capability: warning: `syz.5.803' uses deprecated v2 capabilities in a way that may be insecure
[  477.589572][ T8192] netlink: 'syz.2.801': attribute type 9 has an invalid length.
[  477.676355][ T8177] fuse: Unknown parameter 'user00000000000000000000'
[  477.695665][ T8192] netlink: 'syz.2.801': attribute type 6 has an invalid length.
[  478.539457][ T8199] loop5: detected capacity change from 0 to 2048
[  478.673347][ T8199] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  478.741640][ T8199] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  479.275706][ T8210] device syzkaller0 entered promiscuous mode
[  480.759065][ T8224] loop5: detected capacity change from 0 to 2048
[  481.826214][ T8237] loop2: detected capacity change from 0 to 64
[  483.882881][ T8224] EXT4-fs: error -4 creating inode table initialization thread
[  483.904440][ T8224] EXT4-fs (loop5): mount failed
[  484.949626][ T8259] sctp: [Deprecated]: syz.2.815 (pid 8259) Use of struct sctp_assoc_value in delayed_ack socket option.
[  484.949626][ T8259] Use struct sctp_sack_info instead
[  485.680459][ T8266] loop5: detected capacity change from 0 to 2048
[  485.774729][ T8268] netlink: 20 bytes leftover after parsing attributes in process `syz.6.823'.
[  485.784207][ T8268] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  485.878886][ T8266] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  485.889811][ T8266] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  487.660781][ T8288] ax25_connect(): syz.0.825 uses autobind, please contact jreuter@yaina.de
[  487.921373][ T8290] xt_CT: You must specify a L4 protocol and not use inversions on it
[  488.212202][ T8298] rdma_op ffff88807bf679f0 conn xmit_rdma 0000000000000000
[  489.275455][ T8305] loop3: detected capacity change from 0 to 2048
[  489.546905][ T8305] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  489.724723][ T8305] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  492.490928][ T8339] ufs: You didn't specify the type of your ufs filesystem
[  492.490928][ T8339] 
[  492.490928][ T8339] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  492.490928][ T8339] 
[  492.490928][ T8339] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  492.522612][ T8339] ufs: ufstype=old is supported read-only
[  493.445926][ T8339] blk_update_request: I/O error, dev loop11, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  495.016830][ T8364] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.408114][ T8364] device bridge_slave_0 left promiscuous mode
[  496.414351][ T8364] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.836979][ T8386] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  496.877819][ T8386] loop2: detected capacity change from 0 to 64
[  499.589211][ T8402] netlink: 12 bytes leftover after parsing attributes in process `syz.6.851'.
[  499.842950][ T8405] hub 8-0:1.0: USB hub found
[  499.849123][ T8405] hub 8-0:1.0: 1 port detected
[  499.897143][ T8405] netlink: 12 bytes leftover after parsing attributes in process `syz.3.852'.
[  499.934253][ T8405] loop3: detected capacity change from 0 to 256
[  501.325981][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  501.655397][ T8411] device syzkaller0 entered promiscuous mode
[  502.110054][ T8418] trusted_key: encrypted_key: insufficient parameters specified
[  502.145683][ T8418] netlink: 24 bytes leftover after parsing attributes in process `syz.2.856'.
[  502.934623][ T8424] loop2: detected capacity change from 0 to 2048
[  503.125150][ T4256] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  503.172392][ T8424] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  503.336463][ T8424] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  503.627613][ T4256] usb 6-1: New USB device found, idVendor=057b, idProduct=0000, bcdDevice= 0.00
[  503.644222][ T4256] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.302867][ T4256] usb-storage 6-1:32.0: USB Mass Storage device detected
[  504.507071][ T4256] usb-storage 6-1:32.0: Quirks match for vid 057b pid 0000: 1
[  504.792912][ T4256] usb 6-1: USB disconnect, device number 4
[  508.084452][ T8456] device syzkaller0 entered promiscuous mode
[  508.462720][ T8468] loop5: detected capacity change from 0 to 64
[  508.905086][ T8467] loop2: detected capacity change from 0 to 2048
[  509.285558][ T8473] veth1_virt_wifi: default FDB implementation only supports local addresses
[  509.575820][ T8467] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  509.815222][ T8467] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  510.860827][ T8490] Cannot find add_set index 65532 as target
[  511.788365][ T8475] netlink: 8 bytes leftover after parsing attributes in process `syz.3.872'.
[  511.797530][ T8475] netlink: 12 bytes leftover after parsing attributes in process `syz.3.872'.
[  513.318106][ T8510] loop2: detected capacity change from 0 to 1024
[  514.438008][  T154] hfsplus: b-tree write err: -5, ino 25
[  514.443879][  T154] hfsplus: b-tree write err: -5, ino 4
[  514.515688][  T154] hfsplus: b-tree write err: -5, ino 2
[  515.063178][ T8531] 9pnet: Insufficient options for proto=fd
[  515.127687][ T8529] loop5: detected capacity change from 0 to 2048
[  515.259732][ T8529] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  515.307698][ T8529] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  516.068636][ T8544] loop2: detected capacity change from 0 to 128
[  517.340355][ T8549] device syzkaller0 entered promiscuous mode
[  519.387020][ T8579] loop5: detected capacity change from 0 to 512
[  519.469874][ T8575] loop2: detected capacity change from 0 to 2048
[  519.691775][ T8579] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  519.768499][ T8575] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  519.809766][ T8579] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  520.029662][ T8575] ext4 filesystem being mounted at /187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  521.195696][ T8579] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  521.205020][ T8579] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  521.275355][ T8579] EXT4-fs (loop5): failed to initialize system zone (-117)
[  521.282863][ T8579] EXT4-fs (loop5): mount failed
[  524.685049][ T4256] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  526.862849][ T8654] loop5: detected capacity change from 0 to 2048
[  527.176075][ T8645] netlink: 12 bytes leftover after parsing attributes in process `syz.2.920'.
[  527.273187][ T8654] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  527.324178][ T8654] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.235314][ T8677] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  528.313618][ T8681] loop2: detected capacity change from 0 to 256
[  528.507191][ T8669] loop3: detected capacity change from 0 to 32768
[  528.628161][ T8681] FAT-fs (loop2): Directory bread(block 64) failed
[  528.879626][ T8681] FAT-fs (loop2): Directory bread(block 65) failed
[  529.105847][ T8681] FAT-fs (loop2): Directory bread(block 66) failed
[  529.358658][ T8681] FAT-fs (loop2): Directory bread(block 67) failed
[  529.415515][ T8681] FAT-fs (loop2): Directory bread(block 68) failed
[  529.474973][ T8681] FAT-fs (loop2): Directory bread(block 69) failed
[  529.498083][ T8681] FAT-fs (loop2): Directory bread(block 70) failed
[  529.505139][ T8681] FAT-fs (loop2): Directory bread(block 71) failed
[  529.512108][ T8681] FAT-fs (loop2): Directory bread(block 72) failed
[  529.519808][ T8681] FAT-fs (loop2): Directory bread(block 73) failed
[  529.735006][ T4256] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  529.943606][ T8696] loop3: detected capacity change from 0 to 128
[  529.975135][ T4256] usb 6-1: Using ep0 maxpacket: 32
[  530.095164][ T4256] usb 6-1: config 0 has an invalid interface number: 83 but max is 0
[  530.127201][ T4256] usb 6-1: config 0 has no interface number 0
[  530.151165][ T4256] usb 6-1: config 0 interface 83 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 777
[  530.203036][ T4230] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  530.335127][ T4256] usb 6-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=d8.11
[  530.344642][ T4256] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  530.353255][ T4256] usb 6-1: Product: syz
[  530.357773][ T4256] usb 6-1: Manufacturer: syz
[  530.362394][ T4256] usb 6-1: SerialNumber: syz
[  530.372682][ T4256] usb 6-1: config 0 descriptor??
[  530.395374][ T8689] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  530.419022][ T4256] redrat3 6-1:0.83: Couldn't find all endpoints
[  530.495289][ T4230] usb 3-1: Using ep0 maxpacket: 32
[  530.628237][ T4256] usb 6-1: USB disconnect, device number 6
[  530.635237][ T4230] usb 3-1: config 0 has an invalid interface number: 119 but max is 0
[  530.653506][ T4230] usb 3-1: config 0 has no interface number 0
[  530.660202][ T4230] usb 3-1: config 0 interface 119 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  530.672672][ T4230] usb 3-1: config 0 interface 119 altsetting 0 has an invalid endpoint with address 0xE3, skipping
[  530.683885][ T4230] usb 3-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  530.886172][ T4230] usb 3-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[  530.895561][ T4230] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  530.903876][ T4230] usb 3-1: Product: syz
[  530.908623][ T4230] usb 3-1: Manufacturer: syz
[  530.913324][ T4230] usb 3-1: SerialNumber: syz
[  530.920915][ T4230] usb 3-1: config 0 descriptor??
[  530.995164][ T4230] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.119/input/input8
[  531.211319][ T4332] usb 3-1: USB disconnect, device number 5
[  531.438242][ T8708] loop3: detected capacity change from 0 to 256
[  532.537265][ T8708] FAT-fs (loop3): "posix" option is obsolete, not supported now
[  533.359009][ T8719] loop2: detected capacity change from 0 to 64
[  533.819475][ T8719] attempt to access beyond end of device
[  533.819475][ T8719] loop2: rw=0, want=268435470, limit=64
[  533.998399][ T8719] Buffer I/O error on dev loop2, logical block 134217734, async page read
[  534.015659][ T8724] overlayfs: './file0' not a directory
[  534.082892][ T8719] attempt to access beyond end of device
[  534.082892][ T8719] loop2: rw=0, want=268435470, limit=64
[  534.097692][ T8719] Buffer I/O error on dev loop2, logical block 134217734, async page read
[  535.731021][ T8740] loop3: detected capacity change from 0 to 2048
[  535.801383][ T8740] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  535.847640][ T8740] UDF-fs: error (device loop3): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376)
[  535.884983][ T8740] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 1376) has entry past directory size at pos 232
[  535.921116][ T8731] loop2: detected capacity change from 0 to 32768
[  535.928381][ T8729] loop5: detected capacity change from 0 to 32768
[  535.969793][ T8731] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.952 (8731)
[  535.998327][ T8729] 
[  535.998327][ T8729]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  535.998327][ T8729] 
[  536.107800][ T8731] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  536.146419][ T8729] ERROR: (device loop5): diWrite: ixpxd invalid
[  536.146419][ T8729] 
[  536.158128][ T8731] BTRFS info (device loop2): using free space tree
[  536.164711][ T8731] BTRFS info (device loop2): has skinny extents
[  536.192213][ T8729] ERROR: (device loop5): txCommit: 
[  536.192213][ T8729] 
[  536.276285][ T4637] 
[  536.276285][ T4637]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  536.276285][ T4637] 
[  536.309917][ T4637] 
[  536.309917][ T4637]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  536.309917][ T4637] 
[  536.397723][ T8756] loop3: detected capacity change from 0 to 164
[  536.574577][ T8756] Unsupported NM flag settings (240)
[  536.619354][ T8731] BTRFS info (device loop2): enabling ssd optimizations
[  537.297057][ T8793] xt_connbytes: Forcing CT accounting to be enabled
[  537.325651][ T8793] xt_CT: You must specify a L4 protocol and not use inversions on it
[  537.436126][ T8796] loop5: detected capacity change from 0 to 16
[  537.468272][ T8796] erofs: (device loop5): mounted with root inode @ nid 36.
[  537.977516][ T8804] loop2: detected capacity change from 0 to 2048
[  538.187666][ T8811] loop5: detected capacity change from 0 to 2048
[  538.196255][ T8804] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  538.227734][ T8804] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  538.343181][ T8811] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  538.384195][ T8811] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  539.658421][ T8829] loop2: detected capacity change from 0 to 2048
[  539.720129][ T8835] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  539.745399][ T8835] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  539.899706][ T8829] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  539.938886][ T8829] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  542.773389][ T8857] loop5: detected capacity change from 0 to 256
[  542.981395][ T8857] FAT-fs (loop5): Directory bread(block 64) failed
[  543.014957][ T8857] FAT-fs (loop5): Directory bread(block 65) failed
[  543.057636][ T8857] FAT-fs (loop5): Directory bread(block 66) failed
[  543.142003][ T8857] FAT-fs (loop5): Directory bread(block 67) failed
[  543.184969][ T8857] FAT-fs (loop5): Directory bread(block 68) failed
[  543.191807][ T8857] FAT-fs (loop5): Directory bread(block 69) failed
[  543.213480][ T8857] FAT-fs (loop5): Directory bread(block 70) failed
[  543.232253][ T8857] FAT-fs (loop5): Directory bread(block 71) failed
[  543.244393][ T8863] loop2: detected capacity change from 0 to 2048
[  543.263812][ T8857] FAT-fs (loop5): Directory bread(block 72) failed
[  543.280317][ T8857] FAT-fs (loop5): Directory bread(block 73) failed
[  543.327152][ T8863] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  543.366166][ T8863] ext4 filesystem being mounted at /198/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  544.302858][ T8879] loop3: detected capacity change from 0 to 256
[  544.313703][ T8878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.999'.
[  544.801761][ T8868] loop5: detected capacity change from 0 to 32768
[  545.008815][ T8879] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  546.306466][ T8899] loop2: detected capacity change from 0 to 512
[  546.357143][ T8800] Bluetooth: hci0: command 0x0c20 tx timeout
[  546.382307][ T8899] EXT4-fs (loop2): Test dummy encryption mode enabled
[  546.475211][ T8899] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  546.589782][ T8899] EXT4-fs error (device loop2): xattr_find_entry:297: inode #15: comm syz.2.1005: corrupted xattr entries
[  546.618775][ T8899] EXT4-fs (loop2): Remounting filesystem read-only
[  546.634510][ T8899] EXT4-fs (loop2): 1 orphan inode deleted
[  546.641966][ T8899] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,errors=remount-ro,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,test_dummy_encryption,. Quota mode: none.
[  548.076372][ T8917] sctp: [Deprecated]: syz.6.1006 (pid 8917) Use of struct sctp_assoc_value in delayed_ack socket option.
[  548.076372][ T8917] Use struct sctp_sack_info instead
[  548.236690][ T8922] loop2: detected capacity change from 0 to 2048
[  548.253308][ T8924] loop5: detected capacity change from 0 to 1764
[  548.314513][ T8924] iso9660: Corrupted directory entry in block 2 of inode 1920
[  548.377567][ T8922] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  548.400659][ T8930] loop3: detected capacity change from 0 to 64
[  548.413544][ T8922] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  548.881077][ T8945] loop3: detected capacity change from 0 to 64
[  548.899646][ T8941] loop5: detected capacity change from 0 to 4096
[  548.922537][ T8941] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512)
[  549.919312][ T8952] binder: 8951:8952 ioctl c0306201 200000000680 returned -14
[  550.120013][ T4637] ntfs3: loop5: ntfs_sync_fs r=1a failed, -22.
[  550.138195][ T4637] ntfs3: loop5: ntfs_evict_inode r=1a failed, -22.
[  550.179492][ T4637] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  550.281826][ T8957] loop3: detected capacity change from 0 to 1024
[  550.414227][ T8957] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  550.524567][ T8968] loop5: detected capacity change from 0 to 4096
[  550.552517][ T8957] EXT4-fs error (device loop3): ext4_empty_dir:3166: inode #11: block 623: comm syz.3.1026: Attempting to read directory block (623) that is past i_size (638464)
[  550.613856][ T8971] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  550.631081][ T8968] attempt to access beyond end of device
[  550.631081][ T8968] loop5: rw=0, want=26388279066824, limit=4096
[  550.658074][ T8975] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1031'.
[  550.658995][ T8968] NILFS (loop5): I/O error reading meta-data file (ino=6, block-offset=1)
[  551.242803][ T8994] binder: 8993:8994 ioctl c0306201 0 returned -14
[  551.285514][ T8996] loop5: detected capacity change from 0 to 256
[  551.320125][ T8950] loop2: detected capacity change from 0 to 32768
[  552.544321][ T9006] loop2: detected capacity change from 0 to 512
[  553.975419][ T9006] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  553.996637][ T9033] loop3: detected capacity change from 0 to 64
[  554.161907][ T9039] binder: BINDER_SET_CONTEXT_MGR already set
[  554.187204][ T9039] binder: 9036:9039 ioctl 4018620d 200000000100 returned -16
[  554.202152][ T9039] binder: BINDER_SET_CONTEXT_MGR already set
[  554.214771][ T9033] attempt to access beyond end of device
[  554.214771][ T9033] loop3: rw=0, want=268435470, limit=64
[  554.232622][ T9039] binder: 9036:9039 ioctl 4018620d 2000000002c0 returned -16
[  554.334128][ T9033] Buffer I/O error on dev loop3, logical block 134217734, async page read
[  554.382515][ T9033] attempt to access beyond end of device
[  554.382515][ T9033] loop3: rw=0, want=268435470, limit=64
[  554.428814][ T9039] binder: 9036:9039 ioctl c0306201 0 returned -14
[  554.459525][ T9033] Buffer I/O error on dev loop3, logical block 134217734, async page read
[  555.655089][   T23] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  556.095688][   T23] usb 3-1: config index 0 descriptor too short (expected 65298, got 18)
[  556.166436][   T23] usb 3-1: config 0 has too many interfaces: 230, using maximum allowed: 32
[  556.261275][ T9069] netlink: set zone limit has 8 unknown bytes
[  556.334800][   T23] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 230
[  556.546208][ T9074] loop3: detected capacity change from 0 to 256
[  556.605184][   T23] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  556.627464][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.697289][   T23] usb 3-1: Product: syz
[  556.701778][   T23] usb 3-1: Manufacturer: syz
[  556.727014][   T23] usb 3-1: SerialNumber: syz
[  556.809288][   T23] usb 3-1: config 0 descriptor??
[  557.125897][   T23] usb 3-1: ignoring: probably an ADSL modem
[  557.390073][ T9059] loop5: detected capacity change from 0 to 32768
[  557.581833][ T9059] XFS (loop5): Mounting V5 Filesystem
[  557.605830][   T23] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19!
[  557.636315][   T23] usb 3-1: USB disconnect, device number 6
[  557.866646][ T9059] XFS (loop5): Ending clean mount
[  558.191523][ T4637] XFS (loop5): Unmounting Filesystem
[  558.731737][ T9116] loop3: detected capacity change from 0 to 2048
[  558.855917][ T9116] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  558.874966][ T9116] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  560.100686][ T9166] binder: BINDER_SET_CONTEXT_MGR already set
[  560.135758][ T9166] binder: 9161:9166 ioctl 4018620d 200000000100 returned -16
[  561.003801][ T9202] loop2: detected capacity change from 0 to 2048
[  561.035006][   T23] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  561.125143][ T9202] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  561.165133][ T9202] ext4 filesystem being mounted at /211/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  561.643716][ T9220] binder: BINDER_SET_CONTEXT_MGR already set
[  561.668855][ T9220] binder: 9217:9220 ioctl 4018620d 200000000100 returned -16
[  561.716195][ T9221] binder: BINDER_SET_CONTEXT_MGR already set
[  561.741426][ T9221] binder: 9217:9221 ioctl 4018620d 2000000002c0 returned -16
[  561.766917][ T9220] binder: 9217:9220 ioctl c0306201 0 returned -14
[  562.025239][   T23] usb 6-1: config index 0 descriptor too short (expected 8292, got 100)
[  562.048551][   T23] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  562.094881][   T23] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  562.104102][   T23] usb 6-1: config 1 has no interface number 0
[  562.144249][   T23] usb 6-1: too many endpoints for config 1 interface 1 altsetting 0: 222, using maximum allowed: 30
[  562.165861][   T23] usb 6-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 222
[  563.052723][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  563.129170][ T9246] netlink: 'syz.2.1117': attribute type 1 has an invalid length.
[  563.145782][ T9246] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1117'.
[  563.265085][   T23] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=17.40
[  563.284523][   T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  563.303295][   T23] usb 6-1: Product: syz
[  563.307742][   T23] usb 6-1: Manufacturer: syz
[  563.313049][   T23] usb 6-1: SerialNumber: syz
[  563.376503][   T23] usb 6-1: selecting invalid altsetting 1
[  563.407880][ T9259] netlink: 'syz.2.1121': attribute type 1 has an invalid length.
[  563.796395][   T23] cdc_ncm 6-1:1.1: failed GET_NTB_PARAMETERS
[  563.803278][   T23] cdc_ncm 6-1:1.1: bind() failure
[  563.841286][ T9248] loop3: detected capacity change from 0 to 32768
[  563.848209][   T23] usb 6-1: USB disconnect, device number 7
[  563.927649][ T9248] 
[  563.927649][ T9248]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  563.927649][ T9248] 
[  563.961724][ T9248] ERROR: (device loop3): dtSearch: stack overrun!
[  563.961724][ T9248] 
[  563.998617][ T9248] btstack dump:
[  564.028772][ T9248] bn = 0, index = 0
[  564.044945][ T9248] bn = 0, index = 0
[  564.057787][ T9248] bn = 0, index = 0
[  564.064670][ T9248] bn = 0, index = 0
[  564.141808][ T9261] loop2: detected capacity change from 0 to 32768
[  564.200291][ T9248] bn = 0, index = 0
[  564.220157][ T9248] bn = 0, index = 0
[  564.234242][ T9248] bn = 0, index = 0
[  564.254498][ T9248] bn = 0, index = 0
[  564.279404][ T9248] jfs_lookup: dtSearch returned -5
[  564.295345][ T9261] XFS (loop2): Mounting V5 Filesystem
[  564.372497][ T9276] sctp: [Deprecated]: syz.6.1125 (pid 9276) Use of struct sctp_assoc_value in delayed_ack socket option.
[  564.372497][ T9276] Use struct sctp_sack_info instead
[  564.987507][ T9261] XFS (loop2): Ending clean mount
[  565.101905][ T4192] 
[  565.101905][ T4192]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.101905][ T4192] 
[  565.136794][ T4190] XFS (loop2): Unmounting Filesystem
[  565.175289][ T4192] 
[  565.175289][ T4192]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  565.175289][ T4192] 
[  565.333778][ T9286] binder: BINDER_SET_CONTEXT_MGR already set
[  565.346995][ T9286] binder: 9283:9286 ioctl 4018620d 200000000100 returned -16
[  565.393266][ T9288] binder: BINDER_SET_CONTEXT_MGR already set
[  565.421933][ T9288] binder: 9283:9288 ioctl 4018620d 2000000002c0 returned -16
[  565.661018][ T9293] loop5: detected capacity change from 0 to 512
[  565.784605][ T9293] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  565.792832][ T9293] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  565.805198][ T9293] System zones: 0-1, 15-15, 18-18, 34-34
[  565.812178][ T9293] EXT4-fs (loop5): orphan cleanup on readonly fs
[  565.876401][ T9293] __quota_error: 24 callbacks suppressed
[  565.876591][ T9293] Quota error (device loop5): v2_read_header: Failed header read: expected=8 got=0
[  565.955053][ T9293] EXT4-fs warning (device loop5): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  566.217188][ T9293] EXT4-fs (loop5): Cannot turn on quotas: error -22
[  566.232399][ T9293] EXT4-fs (loop5): 1 truncate cleaned up
[  566.274658][ T9293] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  566.745986][   T23] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  567.165611][   T23] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  567.187301][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  567.381260][   T23] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  567.397444][   T23] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  567.414588][   T23] usb 3-1: Manufacturer: syz
[  567.446032][   T23] usb 3-1: config 0 descriptor??
[  567.695402][ T9322] sctp: [Deprecated]: syz.0.1140 (pid 9322) Use of struct sctp_assoc_value in delayed_ack socket option.
[  567.695402][ T9322] Use struct sctp_sack_info instead
[  568.514951][   T23] rc_core: IR keymap rc-hauppauge not found
[  568.525537][   T23] Registered IR keymap rc-empty
[  568.593526][   T23] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  568.846983][ T9336] loop5: detected capacity change from 0 to 2048
[  568.917261][   T23] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input9
[  569.046621][ T9336] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  569.065869][ T9336] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  569.406669][   T23] usb 3-1: USB disconnect, device number 7
[  571.559195][ T9370] loop2: detected capacity change from 0 to 64
[  573.171543][ T9383] loop3: detected capacity change from 0 to 4096
[  573.660960][ T9383] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[  574.114868][ T2241] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  574.685214][ T2241] usb 6-1: Using ep0 maxpacket: 8
[  574.847948][ T2241] usb 6-1: config 135 has an invalid interface number: 230 but max is 0
[  574.857758][ T2241] usb 6-1: config 135 has an invalid descriptor of length 97, skipping remainder of the config
[  574.962233][ T2241] usb 6-1: config 135 has no interface number 0
[  574.969379][ T2241] usb 6-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[  574.981516][ T2241] usb 6-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[  574.995960][ T2241] usb 6-1: config 135 interface 230 has no altsetting 0
[  575.175394][ T2241] usb 6-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  575.205453][ T2241] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.213644][ T2241] usb 6-1: Product: syz
[  575.269269][ T2241] usb 6-1: Manufacturer: syz
[  575.280693][ T9425] loop2: detected capacity change from 0 to 2048
[  575.290268][ T2241] usb 6-1: SerialNumber: syz
[  575.327968][ T9429] sp0: Synchronizing with TNC
[  575.397679][ T9425] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  575.447961][ T9425] ext4 filesystem being mounted at /224/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  575.615271][ T2241] usb 6-1: Found UVC 0.00 device syz (18ec:3288)
[  575.623191][ T2241] usb 6-1: No valid video chain found.
[  575.693566][ T2241] usb 6-1: USB disconnect, device number 8
[  576.320560][ T9449] loop5: detected capacity change from 0 to 2048
[  576.384079][ T4226] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  576.404107][ T9453] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1184'.
[  576.435637][ T9449] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  576.483537][ T9449] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  576.611317][ T9451] loop3: detected capacity change from 0 to 4096
[  576.793924][ T9464] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  576.885366][ T4226] usb 1-1: Using ep0 maxpacket: 16
[  576.891538][ T9451] NILFS (loop3): bad btree node (ino=3, blocknr=0): level = 0, flags = 0x0, nchildren = 0
[  577.488791][ T9451] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=3)
[  577.534381][ T9451] Remounting filesystem read-only
[  577.804137][ T9482] loop2: detected capacity change from 0 to 256
[  577.979091][ T9482] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 198)
[  578.012083][ T4226] usb 1-1: unable to get BOS descriptor or descriptor too short
[  578.021454][ T9482] FAT-fs (loop2): Filesystem has been set read-only
[  578.028728][ T9482] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 198)
[  578.040553][ T9482] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 198)
[  578.105186][ T4226] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[  578.295965][ T9505] INFO: trying to register non-static key.
[  578.301848][ T9505] The code is fine but needs lockdep annotation, or maybe
[  578.308984][ T9505] you didn't initialize this object before use?
[  578.315244][ T9505] turning off the locking correctness validator.
[  578.321601][ T9505] CPU: 1 PID: 9505 Comm: syz.2.1197 Not tainted syzkaller #0
[  578.329003][ T9505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  578.339094][ T9505] Call Trace:
[  578.342401][ T9505]  <TASK>
[  578.345355][ T9505]  dump_stack_lvl+0x188/0x250
[  578.350069][ T9505]  ? show_regs_print_info+0x20/0x20
[  578.355304][ T9505]  ? load_image+0x400/0x400
[  578.359845][ T9505]  ? cpumask_next+0xb3/0xd0
[  578.364388][ T9505]  ? __is_module_percpu_address+0x2a7/0x410
[  578.370323][ T9505]  ? is_kernel_percpu_address+0x143/0x160
[  578.376086][ T9505]  assign_lock_key+0x1ec/0x200
[  578.380888][ T9505]  ? SOFTIRQ_verbose+0x10/0x10
[  578.385688][ T9505]  ? verify_lock_unused+0x140/0x140
[  578.390952][ T9505]  ? mark_lock+0x94/0x320
[  578.395327][ T9505]  register_lock_class+0x21d/0x890
[  578.400474][ T9505]  ? __lock_acquire+0x13bc/0x7d10
[  578.405550][ T9505]  ? is_dynamic_key+0x1f0/0x1f0
[  578.410437][ T9505]  __lock_acquire+0x16f/0x7d10
[  578.413031][ T9507] loop5: detected capacity change from 0 to 512
[  578.415237][ T9505]  ? mark_lock+0x94/0x320
[  578.415262][ T9505]  ? __lock_acquire+0x12e8/0x7d10
[  578.415286][ T9505]  ? verify_lock_unused+0x140/0x140
[  578.436127][ T9505]  ? verify_lock_unused+0x140/0x140
[  578.441376][ T9505]  ? __might_sleep+0xf0/0xf0
[  578.446001][ T9505]  lock_acquire+0x19e/0x400
[  578.450549][ T9505]  ? gsmld_write+0x57/0x120
[  578.455078][ T9505]  ? read_lock_is_recursive+0x10/0x10
[  578.460479][ T9505]  ? _copy_from_iter+0x5de/0x1170
[  578.465524][ T9505]  ? _raw_spin_lock_irqsave+0x8b/0x100
[  578.471008][ T9505]  ? lockdep_hardirqs_off+0x70/0x100
[  578.476319][ T9505]  _raw_spin_lock_irqsave+0xb0/0x100
[  578.481734][ T9505]  ? gsmld_write+0x57/0x120
[  578.486259][ T9505]  ? _raw_spin_lock+0x40/0x40
[  578.490958][ T9505]  ? __virt_addr_valid+0x3c6/0x470
[  578.496134][ T9505]  gsmld_write+0x57/0x120
[  578.500480][ T9505]  file_tty_write+0x557/0x910
[  578.505213][ T9505]  ? gsmld_read+0x10/0x10
[  578.509565][ T9505]  do_iter_readv_writev+0x47e/0x5f0
[  578.514786][ T9505]  ? aa_path_link+0x880/0x880
[  578.519491][ T9505]  ? generic_file_rw_checks+0x280/0x280
[  578.525054][ T9505]  ? common_file_perm+0x171/0x1c0
[  578.530106][ T9505]  ? fsnotify_perm+0x5d/0x560
[  578.534797][ T9505]  ? security_file_permission+0x75/0xa0
[  578.540361][ T9505]  do_iter_write+0x205/0x7b0
[  578.544969][ T9505]  ? import_iovec+0x6f/0xa0
[  578.549755][ T9505]  do_writev+0x281/0x480
[  578.554016][ T9505]  ? do_readv+0x460/0x460
[  578.558364][ T9505]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  578.564361][ T9505]  ? lock_chain_count+0x20/0x20
[  578.569227][ T9505]  ? vtime_user_exit+0x2c8/0x3e0
[  578.574183][ T9505]  ? lockdep_hardirqs_on+0x94/0x140
[  578.579400][ T9505]  do_syscall_64+0x4c/0xa0
[  578.583840][ T9505]  ? clear_bhb_loop+0x30/0x80
[  578.588535][ T9505]  ? clear_bhb_loop+0x30/0x80
[  578.593226][ T9505]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  578.599148][ T9505] RIP: 0033:0x7fbdd8295799
[  578.603579][ T9505] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  578.623229][ T9505] RSP: 002b:00007fbdd64ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  578.631665][ T9505] RAX: ffffffffffffffda RBX: 00007fbdd850efa0 RCX: 00007fbdd8295799
[  578.639656][ T9505] RDX: 0000000000000002 RSI: 0000200000000880 RDI: 0000000000000003
[  578.647654][ T9505] RBP: 00007fbdd832bc99 R08: 0000000000000000 R09: 0000000000000000
[  578.655763][ T9505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  578.663768][ T9505] R13: 00007fbdd850f038 R14: 00007fbdd850efa0 R15: 00007ffdd5b05438
[  578.671769][ T9505]  </TASK>
[  578.675002][    C1] vkms_vblank_simulate: vblank timer overrun
[  578.708141][ T4226] usb 1-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40
[  578.732621][ T4226] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.746363][ T9507] EXT4-fs (loop5): Ignoring removed bh option
[  578.783473][ T9507] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  578.865842][ T4226] usb 1-1: Product: syz
[  578.870099][ T4226] usb 1-1: Manufacturer: syz
[  578.882542][ T9507] ext4 filesystem being mounted at /200/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  578.894716][ T4226] usb 1-1: SerialNumber: syz
[  580.047129][ T4226] usb 1-1: Audio class v2/v3 interfaces need an interface association
[  580.055659][ T4226] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  580.092232][ T4226] usb 1-1: USB disconnect, device number 2
[  580.306135][ T4386] udevd[4386]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.1/sound/card3/controlC3/../uevent} for writing: No such file or directory