last executing test programs:

7m33.248483323s ago: executing program 2 (id=536):
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000680)={@fallback=r0, 0x11, 0x0, 0x4, &(0x7f0000000240)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40)

7m32.86752296s ago: executing program 2 (id=537):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0207e80702"], 0x10}}, 0x40044)

7m31.107797037s ago: executing program 2 (id=545):
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c091}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0xf)
r5 = fcntl$dupfd(r4, 0x0, r3)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000140)=0x5)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000", @ANYRES32=0x0, @ANYBLOB="00000000ffffff7f00"/20, @ANYRES32=0x0, @ANYRES32=r5, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000400)=ANY=[@ANYBLOB="18008000000000000000000000000000000000001f9aec7db757e0390ce750359ea470021e7977d3e70c03faed82a991fceeb30ae41eed95e17ef22d64844bb5f89638e6f0e24e56d6d591a59d499616e8464962163679c9ee804a630d41b83d99d8271e2b4503d5b6d7b396131cbbc56d1b31e076b6064c09521e7702f97d5c738e", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf09000000000000b609010000000000660000000000000218010000646c6c2500000000002020207b9af8ff000000005d9100000000000037010000f8ffffffb702000008000000b70300000000000015000000060000003f93000000000000b5030000000000008500000076000000b70000000000000095000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000040)={<r8=>0xffffffffffffffff}, 0x0)
r9 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
splice(r8, 0x0, r9, 0x0, 0x10000000000016, 0x0)

7m29.983836976s ago: executing program 2 (id=550):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xb, 0x0, 0x0, 0x8003}, 0x50)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(0x0, 0x0)
open(&(0x7f0000000200)='./file0/file0\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r5}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a00", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800157fff000000050016"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0)

7m28.019876382s ago: executing program 2 (id=554):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x1b, &(0x7f0000000880)=ANY=[@ANYBLOB="85100000fdffffff182a0000", @ANYRES32, @ANYBLOB="00000000fc1ccaf300000000b7080000ce0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000001185b0000010000000000000000000000186900000b0000000000000000000000000000000000000000184400000300"/125, @ANYRES32], &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, &(0x7f0000000500), 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0xa, 0x1, 0x7c5e}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000600)=[0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3}, 0x94)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xfd12}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000340)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x12003, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0), 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7m26.730815958s ago: executing program 2 (id=562):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x4000250, 0x2, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000500)=ANY=[], 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x189040, 0x2)
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000080)='./file1\x00', 0x400000f030)
truncate(&(0x7f0000000100)='./file1\x00', 0xd8)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)

7m11.237690555s ago: executing program 32 (id=562):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x4000250, 0x2, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000500)=ANY=[], 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x189040, 0x2)
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000080)='./file1\x00', 0x400000f030)
truncate(&(0x7f0000000100)='./file1\x00', 0xd8)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)

4m59.785577539s ago: executing program 3 (id=1161):
syz_open_dev$evdev(&(0x7f00000000c0), 0x1ff, 0x6100)

4m59.255599363s ago: executing program 3 (id=1165):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mmap(&(0x7f000095f000/0x3000)=nil, 0x3000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
madvise(&(0x7f0000a30000/0x3000)=nil, 0x3000, 0x10)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)

4m59.07652797s ago: executing program 3 (id=1167):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000000c0), 0x2, 0x443, &(0x7f00000063c0)="$eJzs28tvG0UYAPBv10lK+iAByqMPIFAQEY+kSQv0wAUEUg8gIcGhHEOSVqVug5og0SqCgFA5okrcEUck/gJOcEHACYkr3FGlCuXSwslo7d3Ycew0SZ244N9P2nZmd635Ps+OPbsTB9CzRrJ/koi9EfF7RAzVqqtPGKn9d3N5cfrv5cXpJCqVt/5KqufdWF6cLk4tXrcnr4ymEelnSRxq0e78pcvnpsrl2Yt5fXzh/Pvj85cuP3f2/NSZ2TOzFyZPnDh+bOLFFyaf70ieWUw3Dn40d/jAyXeuvjF96uq7P3+bFPk35dEhI+sdfLJS6XBz3bWvoZz0dTEQNqUUEVl39VfH/1CUot55Q/Hap10NDthWlUqlsqf94aUK8D+WRLcjALqj+KLP7n+LbYemHneE6y/XboCyvG/mW+1IX6T5Of1N97edNBIRp5b++SrbYnueQwAArPJ9Nv95ttX8L40HGs67O18bGo6IeyLi3oi4LyL2R8T9EdVzH4yIhzbZfvMiydr5T3ptS4ltUDb/eylf28q2XVHPPzdcymv7qvn3J6fPlmeP5u/JaPTvyuoT67Txw6u/fdHuWOP8L9uyGIq5YB7Htb5dq18zM7UwdTs5N7r+ScTBvnr+9flvsrISkETEgYg4uMU2zj79zeF2x26d/zo6sM5U+TriqVr/L0VT/oVk/fXJ8buiPHt0vLgq1vrl1ytvtmt/Jf+TgxGbzb8Dsv7fHa37PzecNK7Xzm++jSt/fN7inqY2vrZ6/Q8kb1fLA/m+D6cWFi5ORAwkr9eCbtw/WX9tUS/Oz/IfPdIq/7T6GVe8E4ciIruIH46IRyLi0Tz2xyLi8Yg4sk7+P73yxHvtjt3W9d8BWf4zm+r/emEgmve0LpTO/fjdqkaH2+dfilb9f7xaGs33bOTzbyNxbe1qBgAAgP+eNCL2RpKOrZTTdGys9vfy+2N3Wp6bX3jm9NwHF2ZqvxEYjv60eNI11PA8dCK/rS/qk031Y/lz4y9Lg9X62PRceabbyUOP29Nm/Gf+LHU7OmDb+b0W9C7jH3qX8Q+9y/iH3tVi/A92Iw5g57X6/v+4C3EAO69p/Fv2gx7i/h96l/EPvcv4h540Pxi3/pG8gsKaQqR3RBgK21To9icTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//8DJ4Ow=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)

4m57.783347447s ago: executing program 1 (id=1174):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000040)='cpuset.memory_spread_page\x00', 0x2, 0x0)
r5 = openat$cgroup_procs(r3, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000001c0), 0x12)
write$cgroup_int(r4, &(0x7f00000002c0)=0x1, 0x12)

4m57.590808535s ago: executing program 3 (id=1175):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x500, 0x0, 0x0}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev={0xfe, 0x80, '\x00', 0x39}, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0xfffffffd, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
getsockopt$inet6_int(r0, 0x29, 0x18, 0x0, &(0x7f0000000040)=0xfffffffffffffc7f)
syz_mount_image$exfat(&(0x7f0000000680), &(0x7f00000000c0)='./file1\x00', 0x2000000, &(0x7f0000000800)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a37e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731200f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e548355376ec821c05008685c055a367ea51b653eff6581710e72f1e7e4d9d1607d004d9ed64f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6611628606afadb04e0158f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x1506, &(0x7f0000002ac0)="$eJzs3QnYj9XWMPC19t43D0n/JPNee938k2GTJBmSZEiSJEkyJSRJjiQkHjIlIQmZk8whmUIyz1PmJDmSJAkJSfZ3PXXOcc7b+d7e853zft73POt3Xfd173Xte+177//ifw/Xcz3PNx0HV61frVJdZoZ/Cv66SwWAFADoBwDXAEAEAKWylcqW1p9JY+o/dxLxr/XQtCs9A3ElSf3TN6l/+ib1T9+k/umb1D99k/qnb1L/9E3qL0R6tm167mtlS7/bP//+P+XXnbz//19Irv/pm9T/382ZTP/I0VL/fyeXQgj/WIbUP32T+qdvUv/0Teqfvkn90zepvxDp2ZV+/yzbld2u9L8/IYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBDpw/lwmQGAtH10pSclhBBCCCGEEEKIf6mQ8UrPQAghhBBCCCGEEP/9EBRoMBBBBsgIKZAJMsNVkAWuhqxwDSTgWsgG10F2uB5yQE7IBbkhD+SFfGCBwAFDDPmhACThBigIN0IhKAxFoCh4KAbF4SYoATdDSbgFSsGtUBpugzJQFspBebgdKsAdUBHuhEpwF1SGKlAVqsHdUB3ugRpwL9SE+6AW3A+14QGoAw9CXXgI6sHDUB8egQbwKDSERtAYmkDT/6f8F6ArvAjdoDukQg/oCS9BL+gNfaAv9IOXoT+8AgPgVRgIg2AwvAZD4HUYCm/AMBgOI+BNGAmjYDSMgbEwDsbDWzAB3oaJ8A5MgskwBabCNJgOM+BdmAmzYDa8B3PgfZgL82A+LICF8AEsgsWwBD6EpfARLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg49hO+yAnbALdsMe2AufwD74FPbDZ3AAPv8H88/9h/xOCAioUKFBgxkwA6ZgCmbGzJgFs2BWzIoJTGA2zIbZMTvmwByYC3NhHsyD+TAfEhIyMubH/JjEJBbEglgIC2ERLIIePRbH4lgCb8aSWBJLYSksjaWxDJbFslgey2MFrIAVsSJWwkpYGStjVayKd+PdeA/WwBpYE2tiLayFtbE21sE6WBfrYj2sh/WxPjbABtgQG2JjbIxNsSk2w2bYHJtjS2yJrbAVtsbW2AbbYFtsi+2wHbbH9tgBO2BH7IidsDN2xhfwBXwRX8TuWFn1wJ7YE3thL+yDfbEvvoz98RV8BV/FgTgIB+Nr+Bq+jkPxLA7D4TgCR2AFNQpH4xhkNQ7H43icgBNwIk7ESTgZJ+NUnIbTcQbOwJk4C2fhezgH38f3cR7OwwW4EBfiIlyMS3AJLsVzuAyX4wpciatwNa7CtbgO1+IG3IgbcDNuxq24FT/Gj3EH7sBduAv34B78BD/BT/FTHIgH8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7EU3gaT+EZPINn8Ryex/N4AS/gRbyIl/BS2n9+lcYoozKoDCpFpajMKrPKorKorCqrSqiEyqayqewqu8qhcqhcKpfKo/KofCqfIkWKVazyq/wqqZKqoCqoCqlCqogqorzyqrgqrkqoEqqkKqlKqVtVaXWbKqPKqha+vCqvKqiWvqK6U1VSlVRlVUVVVdVUNVVdVVc1VA1VU9VUtVQtVVs9oOqoHtgHH1JplamvBmEDNRgbqkaqsWqiXsfHVDM1FJurFqqlekINx2HYWjXzbdTTqq0aje3UH9QYfFZ1UOOwo3pedVKdVRf1guqqmvtuqruahD1UTzUVe6neqo/qq2ZiFZVWsarqVTVQDVKD1WtqAb6uhqo31DA1XI1Qb6qRapQarcaosWqcGq/eUhPU22qiekdNUpPVFDVVTVPT1Yy0r1Y1S81W76k56n01V81T89UCtVB9oBapxWqJ+lAtVR+pZWq5WqFWqlVqtVqj1qp1ar3aoDaqTRGoLWqr2qY+VtvVDrVT7VK71R61V32i9qlP1X71mTqgPlcH1R/VIfWFOqy+VEfUV+qo+lodU9+o4+pbdUJ9p06qU+q0+l6dUT+os+qcOq9+VBfUT+qi+lldUkGBRq201kZHOoPOqFN0Jp1ZX6Wz6Kt1Vn2NTuhrdTZ9nc6ur9c5dE6dS+fWeXRenU9bTdpp1rHOrwvopL5BF9Q36kK6sC6ii2qvi+ni+iZdQt+sS+pbdCl9qy6tb9NldFldTpfXt+sK+g5dUd+pK+m7dGVdRVfV1fTdurq+R9fQ9+qa+j5dS9+va+sHdB39oK6rH9L19MO6vn5EN9CP6oa6kW6sm+im+jHdTD+um+sWuqV+QrfST+rW+indRj+t2+pndDv9B91eP6s76Od0R/287qQ76y76Z31JB91Nd9epuofuqV/SvXRv3Uf31f30y7q/fkUP0K/qgXqQHqxf00P063qofkMP08P1CP2mHqlH6dF6jB6rx+nx+i09Qb+tJ+p39CQ9WU/RU/U0PV33+dNIs/8L+W//nfwBv5x9q96mP9bb9Q69U+/Su/UevVfv1fv0Pr1f79cH9AF9UB/Uh/QhfVgf1kf0EX1UH9XH9DF9XB/XJ/QJfVKf0j/q7/UZ/YM+q8/pc/pHfUFf0Bf/9BmAQaOMNsZEJoPJaFJMJpPZXGWymKtNVnONSZhrTTZznclurjc5TE6Ty+Q2eUxek89YQ8YZNrHJbwqYpLnBFDQ3mkKmsCliihpvipni5qZ/Ov/35tfUNDXNTDPT3DQ3LU1L08q0Mq1Na9PGtDFtTVvTzrQz7U1708F0MB1NR9PJdDJdTBfT1XQ1AQBSTarpaV4yvUxv08f0Nf3My6a/6W8GmAFmoBloBpvBZogZYoaaoWaYGWZGmBFmpBlpRpvRZqwZa8ab8WaCmWAmmolmkplkppgpZpqZZmaYGWammWlmm9lmjplj5pq5Zr6ZbxaahWaRWWSWmCVmqVlqlpnlZrlZaVaa1Wa1WWvWmvVmvdloNprNZrNZZv78A5o7zU6z2+w2e81es8/sM/vNfnPAHDAHzUFzyBwyh81hc8QcMUfNUXPMHDPHzXFzwpwwJ81Jc9qcNmfMGXPWnDXnzXlzwVwwF81Fc8lcSrvti1SkIhOZKEOUIUqJUqLMUeYoS5QlyhpljRJRIsoWZYuyR9dHOaKcUa4od5Qnyhvli2xEkYs4iqP8UYEoGd0QFYxujApFhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv5Lxw/hbM7HfTfb3abaHranfcn2sr1tH9vX9rMv2/72FTvAvmoH2kF2sH3NDrGv26H2DTvMDrcj7Jt2pB1lR9sxdqwdZ8fbt+wE+7adaN+xk+xkO8VOtdPsdDvDvmtn2ll2tn3PzrHv27l2np1vF9iF9gO7yC62S+yHdqn9yC6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9Vusx/b7XaH3Wl32d12j91rP7H77Kd2v/3MHrCf24P2j/aQ/cIetl/aI/Yre9R+bY/Zb+xx+609Yb+zJ+0pe9p+b8/YH+xZe86etz/aC/Yne9H+bC/ZkHZzn3Z5J0OGMlAGSqEUykyZKQtloayUlRKUoGyUjbJTdspBOSgX5aI8lIfyUT5Kw8SUn/JTkpJUkApSISpERagIefJUnIpTCSpBJakklaJSVJpKUxkqQ+Uo7aJ5O91Bd9CddCfdRXdRFapC1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUgBpQQ2pIjakxNaWm1IyaUXNqTi2pJbWiVtSaWlMbakNtqS21o3bUntpTB+pAHakjdaJO1IW6UFfqSt2oG6VSKvWkntSLelEf6kP9qB/1p/40gAbQQBpIg2kwDaEhNJSG0jAaTiPoTRpJo2g0jaGxNI7G03iaQBNoIk2kSTSJptAUmkbTaAbNoJk0k2bTbJpDc2guzaX5NJ8W0kJaRItoCS2hpbSUltEyWkEraBWtojW0htbROtpAG2gTbaIttIW20TbaTttpJ+2k3bSb9tJe2kf7aD/tpwN0gA7SQTpEh+gwHaYjdISO0lE6RsfoOB2nE3SCTtJJPE2n6QydobN0ls7TebpAP9FF+pkuUaAUl8lldle5LO5ql9Vd41Jcpu4A8Jc4l8vt8ri8Lp+zLofL+TcxOecKucKuiCvqvCvmirubfhOX6VHWlXPl3e2ugrvDVXRl3N/G1d09roa719V097lq7u6/iWu5+11t94ir4x51dV0jV881cfXdI66Be9Q1dI1cY9fEtXJPutbuKdfGPe3aumd+Ey9yi906t95tcBvdPvepO+9+dMfcN+6C+8l1c91dP/ey6+9ecQPcq26gG/SbeIR70410o9xoN8aNdeN+E09xU900N93NcO+6mW7Wb+KF7gM3xy1xc908N98t+CVOm9MS96Fb6j5yy9xyt8KtdKvcarfGrf3LXFe6zW6L2+r2uk/cdrfD7XS73G6355c4bR373WfugPvcHXVfu0PuC3fYHXdH3Fe/xGnrO+6+dSfcd+6kO+VOu+/dGfeDO+vO/bL+tLV/7352l1xwwMiKNRuOOANn5BTOxJn5Ks7CV3NWvoYTfC1n4+s4O1/POTgn5+LcnIfzcj62TOyYOeb8XICTfAMX5Bu5EBfmIlyUPRfj4nwTl+CbuSTfwqX4Vi7Nt3EZLsvluDzfzhX4Dq7Id3IlvosrcxWuytX4bq7O93ANvpdr8n1ci+/n2vwA1+EHuS4/xPX4Ya7Pj3ADfpQbciNuzE24KT/Gzfhxbs4tuCU/wa34SW7NT3Ebfprb8jPcjv/A7flZ7sDPcUd+njtxZ+7CL3BXfpG7cXdO5R7ck1/iXtyb+3Bf7scvc39+hQfwqzyQB/Fgfo2H8Os8lN/gYTycR/CbPJJH8Wgew2N5HI/nt3gCv80T+R2exJN5Ck/laTydZ/C7PJNn8Wx+j+fw+zyX5/F8XsAL+QNexIt5CX/IS/kjXsbLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexh/zdt7BO3kX7+Y9vJc/4X38Ke/nz/gAf84H+Y98iL/gw/wlH+Gv+Ch/zcf4Gz7O3/IJ/o5P8ik+zd/zGf6Bz/I5Ps8/8gX+iS/yz3yJA0OMsYp1bOIozhBnjFPiTHHm+Ko4S3x1nDW+Jk7E18bZ4uvi7PH1cY44Z5wrzh3nifPG+WIbU+xijuM4f1wgTsY3xAXjG+NCceG4SFw09nGxuHh8U1wivjkuGd8Sl4pvjUvHt8Vl4rJxubh8fHtcIb4jrhjfGVeK74orx1XiqnG1+O64enxPXCO+N64Z3xeXjO+Pa8cPxHXiB+O68UNxvfjhuH78SNwgfjRuGDeKG8dN4qbxY3Gz+PG4edwibhk/EbeKn4xbx0/FbeKn47bxM7/bnxr3iHvGL8UvxSHcq+cnFyQXJj9ILkouTi5JfphcmvwouSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObkluTUZQrWM4NErr73xkc/gM/oUn8ln9lf5LP5qn9Vf4xP+Wp/NX+ez++t9Dp/T5/K5fR6f1+fz1pN3nn3s8/sCPulv8AX9jb6QL+yL+KLe+2K+uG/im/qmvpl/3Df3LXxL/4R/wj/pn/RP+af8076tf8a385Bo75/1Hfxz/jn/vO/kO/su/gXf1b/ou/nuPtWn+p6+p+/le/k+vo/v5/v5/r6/H+AH+IF+oB/sB/shfogf6of6YX6YH+FH+JF+pB/tR/uxfqwf78f7CX6Cn+gn+kl+kp/ip/hpfpqf4Wf4mX6mn+1n+zl+jp/r5/r5fr5f6Bf6RX6RX+KX+KV+qV/ml/kVfoVf5Vf5NX6NX+fX+Q1+g9/kN/ktfovf5rf57X673+l3+t1+t9/r9/p9fp/f7/f7A/6AP+gP+kP+kD/sv/RH/Ff+qP/aH/Pf+OP+W3/Cf+dP+lP+tP/en/E/+LP+nD/vf/QX/E/+ov/ZX/LBj0+8lZiQeDsxMfFOYlJicmJKYmpiWmJ6Ykbi3cTMxKzE7MR7iTmJ9xNzE/MS8xMLEgsTHyQWJRYnliQ+TCxNfJRYllieWJFYmViVWJ0IIe/2OOQPBUIy3BAKhhtDoVA4FAlFgw/FQvFwUygRbg4lwy2hVLg1lA63hTKhbCgXHg0NQ6PQODQJTcNjoVl4PDQPLULL8ERoFZ4MrcNToU14OrQNz4R24Q+hfXg2dAjPhY7h+dApdA5dwguha3gxdAvdQ2roEXqGl0Kv0Dv0CX1Dv/By6B9eCQPCq2FgGBQGh9fCkPB6GBreCMPC8DAivBlGhlFhdBgTxoZxYXx4K0wIb4eJ4Z0wKUwOU8LUMC1MDzPCu2FmmBVmh/fCnPB+mBvmhflhQVgYPgiLwuKwJHwYloaPwrKwPKwIK8OqsDqsCWvDurA+bAgbw6awOWwJW8O28HHYHnaEnWFX2B32hL3hk7AvfBr2h8/CgfB5OBj+GA6FL8Lh8GU4Er4KR8PX4Vj4JhwP34YT4btwMpwKp8P34Uz4IZwN58L58GO4EH4KF8PP4VII4Uq/SRdCCCGE+N9A/05/j/9LjvpTuycAXL0j95H/2L8px6/t3hnztEoAwNPdOz70561y5dTU1D8du0xDVGAeACQu52eAy/FyaAlPQhtoASX+0p/yV+fqrTpf4P9sfIAoeStA5r/KScv/c3x5/Jv/7vp7q1Fz/tPxNUTJeQCFClzOyQSX48vjl/y746eqnM1+Z/xMX4wHaP5XOVngcnx5/OLwODwDbf7mSCGEEEIIIYQQ4le9Vbn2v/d8m/Z8nsdczskIl+O/93wuhBBCCCGEEEKI/1me7dzlqcfatGnRXhr/HY0UAAjX/PpR/0+YjzSk8V9sXOlvJiGEEEIIIcS/2uWb/is9EyGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQIv36//HrxP58rt/7W4NCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHEv6v/EwAA//8oYjL2")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x10, 0x0, 0x0, 0x0, 0x2}, 0x94)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r6, 0xc0383e04, 0x0)
ptrace$setregs(0xd, r4, 0x0, &(0x7f00000003c0))
ptrace$getregset(0x4205, r4, 0x1, &(0x7f0000000080)={&(0x7f00000000c0)=""/120, 0x78})

4m56.979600932s ago: executing program 1 (id=1177):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001a80)={0x3c, r1, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x40, 0x2, 0x7, 0x0, {0x9, 0x7, 0x0, 0x9, 0x0, 0x1, 0x0, 0x3, 0x1}, 0x300, 0x8, 0xfd}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48000}, 0x4000004)

4m56.872449966s ago: executing program 3 (id=1179):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000040000000400000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x21, 0x3, 0x580, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x4b0, 0xffffffff, 0xffffffff, 0x4b0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private2, @private2, [], [], 'veth0\x00', 'syzkaller1\x00'}, 0x0, 0x220, 0x248, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'sit0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x8, 0x5}}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv0\x00', 'veth1\x00'}, 0x0, 0x200, 0x268, 0x0, {}, [@common=@inet=@policy={{0x158}, {[{@ipv6=@private1, [], @ipv4=@remote}, {@ipv6=@dev, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {@ipv4=@multicast2, [], @ipv6=@loopback}, {@ipv6=@rand_addr=' \x01\x00', [], @ipv4=@local}]}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0)

4m56.658545266s ago: executing program 1 (id=1182):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRES64, @ANYRES16], 0x1, 0x374, &(0x7f0000000f80)="$eJzs3c9rI2UYwPEnbX5MWrbJQRQF6YNe9DK01bMaZBfEgEt3I+4Kwux2oiFjUmZCJCK2N6/izX9AcNnjgocF9R/oxdt68eLJXgRBFxFH5leapJMfjSmb7n4/0OZJ3veZed/84nkDeXP83pcfN+ueWbc6smKoZEREHoqUZUUSmegiLykO5eX1Px48f+3Gzbcr1erlXdUrleuv7Kjqxub3n3xWjLvdL8hR+YNjMX49evro2eN/r3/U8LThaavdUUtvtX/pWLccW/caXtNUverYlmdro+XZbtTejtrrTnt/v6dWa+/S2r5re55arZ427Z522tpxe2p9aDVaapqmXlpLG+5jzJgjp3Znd9eqzHnC23PmYdH+9n1/QrPrVqxVEbN4qqV251zHBQAAltJI/f91UiOUZaVfUGbitUA+jIeXAUH9n8Rh/R8sFk7q/7sv/NhZf/feRlz/38+n1f+v/hzlD9X/wdkXXv9/O3L9dEV04R2cpfP/qv+xHDaHX5G/nazYY0H9H7wa+iv63Pt3t8KA+h8AAAAAAAAAAAAAAAAAAAAAgIvgoe+XfN8vJZfJ38lXCOLrybVJXzTGhTPu8S/EOwr0nw94LF27cVOM8It72Q0R54turVuLLuP2pOOWlOSf8PkQizacOAwbNVCWH5yDbi0XJ6yG/ysiKo7Ysi0lKQ/lh/GVt6qXtzUS5YfnP+jWMtm1IL8ujTB/R0ryVHr+Tmp+Xl56cSDflJL8dFva4she/D6W5H++rfrmO9WR/GLYL83r5/uQAAAAAACwcKaqES+fy8Pr32j9bpqqae3BWl4G1+enPx/or6+3Utfn2dJz2Uc7dwAAAAAAnhRe/tOm5Ti26/XGBkWZ1qcQH22kKStTjhwE2Rn6DAUPwiA3qc/qwAxnPXI+/gWNWYfhej2ZecxJ8GdBUu/MZAvXoSYj/V6dMUjmP0Nn46wPgeutnH3ututtBuPRuaYzECQfG43rI1fnPfK4INk5d1rnZ7765q/5TpGJd+0dbHrtnjFlpmGQGbnlcMqT9nffD17UE8eTS3+3+G6eH5kBAAAAsCSSor/oJbe8MSVj/fwHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAADAE2ah26SNCR71HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBl8V8AAAD//1f39NU=")
r3 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r4 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
fallocate(r3, 0x0, 0x0, 0x1000f4)
io_submit(0x0, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r4, &(0x7f0000000000)="96", 0xfffffe10, 0x0, 0x0, 0x0, r4}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x3, 0x0, r3, 0x0, 0x0, 0xffffffffffffffff}])

4m54.136289396s ago: executing program 1 (id=1189):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x500, 0x0, 0x0}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev={0xfe, 0x80, '\x00', 0x39}, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0xfffffffd, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
getsockopt$inet6_int(r0, 0x29, 0x18, 0x0, &(0x7f0000000040)=0xfffffffffffffc7f)
syz_mount_image$exfat(&(0x7f0000000680), &(0x7f00000000c0)='./file1\x00', 0x2000000, &(0x7f0000000800)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a37e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731200f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e548355376ec821c05008685c055a367ea51b653eff6581710e72f1e7e4d9d1607d004d9ed64f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6611628606afadb04e0158f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x1506, &(0x7f0000002ac0)="$eJzs3QnYj9XWMPC19t43D0n/JPNee938k2GTJBmSZEiSJEkyJSRJjiQkHjIlIQmZk8whmUIyz1PmJDmSJAkJSfZ3PXXOcc7b+d7e853zft73POt3Xfd173Xte+177//ifw/Xcz3PNx0HV61frVJdZoZ/Cv66SwWAFADoBwDXAEAEAKWylcqW1p9JY+o/dxLxr/XQtCs9A3ElSf3TN6l/+ib1T9+k/umb1D99k/qnb1L/9E3qL0R6tm167mtlS7/bP//+P+XXnbz//19Irv/pm9T/382ZTP/I0VL/fyeXQgj/WIbUP32T+qdvUv/0Teqfvkn90zepvxDp2ZV+/yzbld2u9L8/IYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBDpw/lwmQGAtH10pSclhBBCCCGEEEKIf6mQ8UrPQAghhBBCCCGEEP/9EBRoMBBBBsgIKZAJMsNVkAWuhqxwDSTgWsgG10F2uB5yQE7IBbkhD+SFfGCBwAFDDPmhACThBigIN0IhKAxFoCh4KAbF4SYoATdDSbgFSsGtUBpugzJQFspBebgdKsAdUBHuhEpwF1SGKlAVqsHdUB3ugRpwL9SE+6AW3A+14QGoAw9CXXgI6sHDUB8egQbwKDSERtAYmkDT/6f8F6ArvAjdoDukQg/oCS9BL+gNfaAv9IOXoT+8AgPgVRgIg2AwvAZD4HUYCm/AMBgOI+BNGAmjYDSMgbEwDsbDWzAB3oaJ8A5MgskwBabCNJgOM+BdmAmzYDa8B3PgfZgL82A+LICF8AEsgsWwBD6EpfARLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg49hO+yAnbALdsMe2AufwD74FPbDZ3AAPv8H88/9h/xOCAioUKFBgxkwA6ZgCmbGzJgFs2BWzIoJTGA2zIbZMTvmwByYC3NhHsyD+TAfEhIyMubH/JjEJBbEglgIC2ERLIIePRbH4lgCb8aSWBJLYSksjaWxDJbFslgey2MFrIAVsSJWwkpYGStjVayKd+PdeA/WwBpYE2tiLayFtbE21sE6WBfrYj2sh/WxPjbABtgQG2JjbIxNsSk2w2bYHJtjS2yJrbAVtsbW2AbbYFtsi+2wHbbH9tgBO2BH7IidsDN2xhfwBXwRX8TuWFn1wJ7YE3thL+yDfbEvvoz98RV8BV/FgTgIB+Nr+Bq+jkPxLA7D4TgCR2AFNQpH4xhkNQ7H43icgBNwIk7ESTgZJ+NUnIbTcQbOwJk4C2fhezgH38f3cR7OwwW4EBfiIlyMS3AJLsVzuAyX4wpciatwNa7CtbgO1+IG3IgbcDNuxq24FT/Gj3EH7sBduAv34B78BD/BT/FTHIgH8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7EU3gaT+EZPINn8Ryex/N4AS/gRbyIl/BS2n9+lcYoozKoDCpFpajMKrPKorKorCqrSqiEyqayqewqu8qhcqhcKpfKo/KofCqfIkWKVazyq/wqqZKqoCqoCqlCqogqorzyqrgqrkqoEqqkKqlKqVtVaXWbKqPKqha+vCqvKqiWvqK6U1VSlVRlVUVVVdVUNVVdVVc1VA1VU9VUtVQtVVs9oOqoHtgHH1JplamvBmEDNRgbqkaqsWqiXsfHVDM1FJurFqqlekINx2HYWjXzbdTTqq0aje3UH9QYfFZ1UOOwo3pedVKdVRf1guqqmvtuqruahD1UTzUVe6neqo/qq2ZiFZVWsarqVTVQDVKD1WtqAb6uhqo31DA1XI1Qb6qRapQarcaosWqcGq/eUhPU22qiekdNUpPVFDVVTVPT1Yy0r1Y1S81W76k56n01V81T89UCtVB9oBapxWqJ+lAtVR+pZWq5WqFWqlVqtVqj1qp1ar3aoDaqTRGoLWqr2qY+VtvVDrVT7VK71R61V32i9qlP1X71mTqgPlcH1R/VIfWFOqy+VEfUV+qo+lodU9+o4+pbdUJ9p06qU+q0+l6dUT+os+qcOq9+VBfUT+qi+lldUkGBRq201kZHOoPOqFN0Jp1ZX6Wz6Kt1Vn2NTuhrdTZ9nc6ur9c5dE6dS+fWeXRenU9bTdpp1rHOrwvopL5BF9Q36kK6sC6ii2qvi+ni+iZdQt+sS+pbdCl9qy6tb9NldFldTpfXt+sK+g5dUd+pK+m7dGVdRVfV1fTdurq+R9fQ9+qa+j5dS9+va+sHdB39oK6rH9L19MO6vn5EN9CP6oa6kW6sm+im+jHdTD+um+sWuqV+QrfST+rW+indRj+t2+pndDv9B91eP6s76Od0R/287qQ76y76Z31JB91Nd9epuofuqV/SvXRv3Uf31f30y7q/fkUP0K/qgXqQHqxf00P063qofkMP08P1CP2mHqlH6dF6jB6rx+nx+i09Qb+tJ+p39CQ9WU/RU/U0PV33+dNIs/8L+W//nfwBv5x9q96mP9bb9Q69U+/Su/UevVfv1fv0Pr1f79cH9AF9UB/Uh/QhfVgf1kf0EX1UH9XH9DF9XB/XJ/QJfVKf0j/q7/UZ/YM+q8/pc/pHfUFf0Bf/9BmAQaOMNsZEJoPJaFJMJpPZXGWymKtNVnONSZhrTTZznclurjc5TE6Ty+Q2eUxek89YQ8YZNrHJbwqYpLnBFDQ3mkKmsCliihpvipni5qZ/Ov/35tfUNDXNTDPT3DQ3LU1L08q0Mq1Na9PGtDFtTVvTzrQz7U1708F0MB1NR9PJdDJdTBfT1XQ1AQBSTarpaV4yvUxv08f0Nf3My6a/6W8GmAFmoBloBpvBZogZYoaaoWaYGWZGmBFmpBlpRpvRZqwZa8ab8WaCmWAmmolmkplkppgpZpqZZmaYGWammWlmm9lmjplj5pq5Zr6ZbxaahWaRWWSWmCVmqVlqlpnlZrlZaVaa1Wa1WWvWmvVmvdloNprNZrNZZv78A5o7zU6z2+w2e81es8/sM/vNfnPAHDAHzUFzyBwyh81hc8QcMUfNUXPMHDPHzXFzwpwwJ81Jc9qcNmfMGXPWnDXnzXlzwVwwF81Fc8lcSrvti1SkIhOZKEOUIUqJUqLMUeYoS5QlyhpljRJRIsoWZYuyR9dHOaKcUa4od5Qnyhvli2xEkYs4iqP8UYEoGd0QFYxujApFhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv5Lxw/hbM7HfTfb3abaHranfcn2sr1tH9vX9rMv2/72FTvAvmoH2kF2sH3NDrGv26H2DTvMDrcj7Jt2pB1lR9sxdqwdZ8fbt+wE+7adaN+xk+xkO8VOtdPsdDvDvmtn2ll2tn3PzrHv27l2np1vF9iF9gO7yC62S+yHdqn9yC6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9Vusx/b7XaH3Wl32d12j91rP7H77Kd2v/3MHrCf24P2j/aQ/cIetl/aI/Yre9R+bY/Zb+xx+609Yb+zJ+0pe9p+b8/YH+xZe86etz/aC/Yne9H+bC/ZkHZzn3Z5J0OGMlAGSqEUykyZKQtloayUlRKUoGyUjbJTdspBOSgX5aI8lIfyUT5Kw8SUn/JTkpJUkApSISpERagIefJUnIpTCSpBJakklaJSVJpKUxkqQ+Uo7aJ5O91Bd9CddCfdRXdRFapC1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUgBpQQ2pIjakxNaWm1IyaUXNqTi2pJbWiVtSaWlMbakNtqS21o3bUntpTB+pAHakjdaJO1IW6UFfqSt2oG6VSKvWkntSLelEf6kP9qB/1p/40gAbQQBpIg2kwDaEhNJSG0jAaTiPoTRpJo2g0jaGxNI7G03iaQBNoIk2kSTSJptAUmkbTaAbNoJk0k2bTbJpDc2guzaX5NJ8W0kJaRItoCS2hpbSUltEyWkEraBWtojW0htbROtpAG2gTbaIttIW20TbaTttpJ+2k3bSb9tJe2kf7aD/tpwN0gA7SQTpEh+gwHaYjdISO0lE6RsfoOB2nE3SCTtJJPE2n6QydobN0ls7TebpAP9FF+pkuUaAUl8lldle5LO5ql9Vd41Jcpu4A8Jc4l8vt8ri8Lp+zLofL+TcxOecKucKuiCvqvCvmirubfhOX6VHWlXPl3e2ugrvDVXRl3N/G1d09roa719V097lq7u6/iWu5+11t94ir4x51dV0jV881cfXdI66Be9Q1dI1cY9fEtXJPutbuKdfGPe3aumd+Ey9yi906t95tcBvdPvepO+9+dMfcN+6C+8l1c91dP/ey6+9ecQPcq26gG/SbeIR70410o9xoN8aNdeN+E09xU900N93NcO+6mW7Wb+KF7gM3xy1xc908N98t+CVOm9MS96Fb6j5yy9xyt8KtdKvcarfGrf3LXFe6zW6L2+r2uk/cdrfD7XS73G6355c4bR373WfugPvcHXVfu0PuC3fYHXdH3Fe/xGnrO+6+dSfcd+6kO+VOu+/dGfeDO+vO/bL+tLV/7352l1xwwMiKNRuOOANn5BTOxJn5Ks7CV3NWvoYTfC1n4+s4O1/POTgn5+LcnIfzcj62TOyYOeb8XICTfAMX5Bu5EBfmIlyUPRfj4nwTl+CbuSTfwqX4Vi7Nt3EZLsvluDzfzhX4Dq7Id3IlvosrcxWuytX4bq7O93ANvpdr8n1ci+/n2vwA1+EHuS4/xPX4Ya7Pj3ADfpQbciNuzE24KT/Gzfhxbs4tuCU/wa34SW7NT3Ebfprb8jPcjv/A7flZ7sDPcUd+njtxZ+7CL3BXfpG7cXdO5R7ck1/iXtyb+3Bf7scvc39+hQfwqzyQB/Fgfo2H8Os8lN/gYTycR/CbPJJH8Wgew2N5HI/nt3gCv80T+R2exJN5Ck/laTydZ/C7PJNn8Wx+j+fw+zyX5/F8XsAL+QNexIt5CX/IS/kjXsbLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexh/zdt7BO3kX7+Y9vJc/4X38Ke/nz/gAf84H+Y98iL/gw/wlH+Gv+Ch/zcf4Gz7O3/IJ/o5P8ik+zd/zGf6Bz/I5Ps8/8gX+iS/yz3yJA0OMsYp1bOIozhBnjFPiTHHm+Ko4S3x1nDW+Jk7E18bZ4uvi7PH1cY44Z5wrzh3nifPG+WIbU+xijuM4f1wgTsY3xAXjG+NCceG4SFw09nGxuHh8U1wivjkuGd8Sl4pvjUvHt8Vl4rJxubh8fHtcIb4jrhjfGVeK74orx1XiqnG1+O64enxPXCO+N64Z3xeXjO+Pa8cPxHXiB+O68UNxvfjhuH78SNwgfjRuGDeKG8dN4qbxY3Gz+PG4edwibhk/EbeKn4xbx0/FbeKn47bxM7/bnxr3iHvGL8UvxSHcq+cnFyQXJj9ILkouTi5JfphcmvwouSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObkluTUZQrWM4NErr73xkc/gM/oUn8ln9lf5LP5qn9Vf4xP+Wp/NX+ez++t9Dp/T5/K5fR6f1+fz1pN3nn3s8/sCPulv8AX9jb6QL+yL+KLe+2K+uG/im/qmvpl/3Df3LXxL/4R/wj/pn/RP+af8076tf8a385Bo75/1Hfxz/jn/vO/kO/su/gXf1b/ou/nuPtWn+p6+p+/le/k+vo/v5/v5/r6/H+AH+IF+oB/sB/shfogf6of6YX6YH+FH+JF+pB/tR/uxfqwf78f7CX6Cn+gn+kl+kp/ip/hpfpqf4Wf4mX6mn+1n+zl+jp/r5/r5fr5f6Bf6RX6RX+KX+KV+qV/ml/kVfoVf5Vf5NX6NX+fX+Q1+g9/kN/ktfovf5rf57X673+l3+t1+t9/r9/p9fp/f7/f7A/6AP+gP+kP+kD/sv/RH/Ff+qP/aH/Pf+OP+W3/Cf+dP+lP+tP/en/E/+LP+nD/vf/QX/E/+ov/ZX/LBj0+8lZiQeDsxMfFOYlJicmJKYmpiWmJ6Ykbi3cTMxKzE7MR7iTmJ9xNzE/MS8xMLEgsTHyQWJRYnliQ+TCxNfJRYllieWJFYmViVWJ0IIe/2OOQPBUIy3BAKhhtDoVA4FAlFgw/FQvFwUygRbg4lwy2hVLg1lA63hTKhbCgXHg0NQ6PQODQJTcNjoVl4PDQPLULL8ERoFZ4MrcNToU14OrQNz4R24Q+hfXg2dAjPhY7h+dApdA5dwguha3gxdAvdQ2roEXqGl0Kv0Dv0CX1Dv/By6B9eCQPCq2FgGBQGh9fCkPB6GBreCMPC8DAivBlGhlFhdBgTxoZxYXx4K0wIb4eJ4Z0wKUwOU8LUMC1MDzPCu2FmmBVmh/fCnPB+mBvmhflhQVgYPgiLwuKwJHwYloaPwrKwPKwIK8OqsDqsCWvDurA+bAgbw6awOWwJW8O28HHYHnaEnWFX2B32hL3hk7AvfBr2h8/CgfB5OBj+GA6FL8Lh8GU4Er4KR8PX4Vj4JhwP34YT4btwMpwKp8P34Uz4IZwN58L58GO4EH4KF8PP4VII4Uq/SRdCCCGE+N9A/05/j/9LjvpTuycAXL0j95H/2L8px6/t3hnztEoAwNPdOz70561y5dTU1D8du0xDVGAeACQu52eAy/FyaAlPQhtoASX+0p/yV+fqrTpf4P9sfIAoeStA5r/KScv/c3x5/Jv/7vp7q1Fz/tPxNUTJeQCFClzOyQSX48vjl/y746eqnM1+Z/xMX4wHaP5XOVngcnx5/OLwODwDbf7mSCGEEEIIIYQQ4le9Vbn2v/d8m/Z8nsdczskIl+O/93wuhBBCCCGEEEKI/1me7dzlqcfatGnRXhr/HY0UAAjX/PpR/0+YjzSk8V9sXOlvJiGEEEIIIcS/2uWb/is9EyGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQIv36//HrxP58rt/7W4NCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHEv6v/EwAA//8oYjL2")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x10, 0x0, 0x0, 0x0, 0x2}, 0x94)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r6, 0xc0383e04, 0x0)
ptrace$setregs(0xd, r4, 0x0, &(0x7f00000003c0))
ptrace$getregset(0x4205, r4, 0x1, &(0x7f0000000080)={&(0x7f00000000c0)=""/120, 0x78})

4m53.899835637s ago: executing program 3 (id=1190):
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x14)

4m53.149315689s ago: executing program 33 (id=1190):
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x14)

4m53.099780261s ago: executing program 1 (id=1194):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000000200)={[{@nodiscard}, {@nodiscard}, {@lazytime}]}, 0x1, 0x573, &(0x7f0000003a00)="$eJzs3c+PG1cdAPDvzK53nR/tJtADVEACFAKKYmedNqp6abmAUFUJUXFAHNJl11ktseMQe0t3icTmL+AAEkic4E/ggMQBqScO3DgicQBEOSBVEIESJA5GM/ZuXK9NnKx/NOvPR5rMzHtv/H3PzvjNPHv9Aphb5yNiLyKWIuKtiFjppifdJV7rLFm5+/furD+4d2c9iXb7zX8keX6WFj3HZE51H7MYEV//SsS3k8Nxmzu7N9Zqtert7n65Vb9Vbu7sXtqqr21WN6s3K5Wrq1cvv3zlpUrvYT98jKal/Qnn6r98/8tbr3/jN7/+5Hu/3/vi97Nqne7m9bZjnDpNLxzEySxGxOuTCDYDC9310kilNyZaFx5fdpJ8JCI+k5//K7GQ/+8EAI6zdnsl2iu9+wDAcZfmY2BJWoqIdH/ErNQZw3suTqa1RrN18Xpj++ZGZ6zsTBTS61u16uWzy3/8bl64kGT7q3lenp/vV/r2r0TE2Yj48fKJfL+03qgZDQKA2TjV2/9HxL+X07RUGunQAZ/qAQBPjeKsKwAATJ3+HwDmj/4fAObPCP1/98P+vYnXBQCYDvf/ADB/9P8AMH/0/wAwV772xhvZ0n7Q/f3rjbd3tm803r60UW3eKNW310vrjdu3SpuNxmb+mz31Rz1erdG4tfpibL9TblWbrXJzZ/davbF9s3Ut/13va9XCVFoFAPw/Z8+9+4ckIvZeOZEv0TOXg74ajrdDk+QcoRTwdFk4ysEuEOCpZrYvmF8jdeH5RcLvJl4XYDaSOHE4sThw84N++hhBfM8IPlQufHz08f/R5ngGnhZG9mF+Pdn4/6tjrwcwfU88/v/n8dYDmL52O+mf83/pIAsAOJaO8BW+9g/GdRECzNSjJvMey+f/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMycjojvRJKW8rnA0+zftFSKeCYizkQhub5Vq16OiGfjXEQUlrP91VlXGgA4ovTvSXf+rwsrL5zuz11K/rOcryPiez978yfvrLVat1ez9H8epC/vTx9WeXjcEeYVBABG99dRCuX9d6W77rmRv3/vzvr+MsE6HvL+lw4mH11/cO9OvnRyFqPdbrcjivm1xMl/JbHYPaYYEc9HxMIY4u/djYiPDWp/ko+NnOnOfNobP7qxn5lq/PQD8dM8r7POnr6PjqEuMG/ezd5/Xht0/qVxPl8PPv+L+TvU0eXvf8WI/fe+Bz3xF7uRFgbEz87586PGePG3Xz2U2F7p5N2NeH5xUPzkIH4yJP4LI8b/0yc+9aNXh+S1fx5xIQbH741VbtVvlZs7u5e26mub1c3qzUrl6urVyy9fealSzseoy/sj1T32b0JfufjssLpl7T85JH7nlT/V1/6lg2M/N2L7f/Hft7716Ye7y/3xv/DZwa//c/l68POfNe3zI8ZfO/mrodN3Z/E3hrT/Ua//xRHjv/e33Y0RiwIAU9Dc2b2xVqtVbx9pI7sLHcfjHNrIqjha4f3LxQFZxeFZ/Rt/iXzj4dOSRBLjbldWnwFZhf6UwqSe1Um2It9YPLhWHG/Qb2aPOOWWpmNvxZNsxJnuxv1hZe5O4NQDjrOHJ/2sawIAAAAAAAAAAAAAAAwzjb9hmnUbAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOL7+FwAA///nDrzO")

4m52.957919168s ago: executing program 1 (id=1198):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000100)='./file0\x00', 0x80, &(0x7f00000000c0)=ANY=[], 0xff, 0x14e1, &(0x7f0000002a80)="$eJzs3Al0VkW2KODaVXUgxIi/EZlr1z7wiwGKiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBhpREREZJJJoN7C7r7cbvsu7uvXt3nvZX9r1UrtnLP3X5Wd5D/nrJX81HVYjcY1qzYgIvHPUH+dwJ8/JAshYoQQA4UQtwkhAiFE2fiy8deO51KQ/E+9CPsf0jD1Zq+A3Uzc/+yN+5+9cf+zN+5/9sb9z964/9kb9z974/4zlq2lFbidR/YdN3j+n/NG3z78/P//Zfz+n71x/7M37n/2xv3P3rj/2Rv3P3vj/mdv3P//j8kbn8L9Zyxb+7/gGTSPmzgYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLF/gwv+Oi2E+Ov8Zq+LMcYYY4wxxhhj/zo+581eAWOMMcYYY4wxxv7ngZBCCS0CkUPkFDEil4gVt4g4cavILW4TEXG7iBd3iDziTpFX5BP5RQFRUBQShYURKKwgEYoioqiIirtEMXG3SBDFRQlRUjhRSiSKe0Rpca8oI+4TZcX9opx4QJQXFURFUUk8KCqLh0QV8bCoKh4R1UR1UUPUFI+KWuIxUVs8LuqIJ0Rd8aSoJ54S9cXTooFoKBqJZ0Rj8axoIpqKZqK5aCFailb/VP5bood4W/QUvUSy6C36iHdEX9FP9BcDxEDxrhgk3hODxftiiBgqhokPxHDxoRghPhIjxSgxWnwsxoixYpwYLyaIiSJFfCImiU/FZPGZmCKmimliukgVM0Sa+FzMFLPEbPGFmCO+FHPFPDFfLBDpYqFYJBaLDPGVWCK+FpliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLHWKn2CV2iz1ir9gn9osD4huRJb7938w//3f53UCAAAkSNGjIATkgBmIgFmIhDuIgN+SGCEQgHuIhD+SBvJAX8kN+KAgFoTAUBgQEAoIiUASiEIViUAwSIAFKQAlw4CAREqE03AtloAyUhbJQDspBeagAFaASVILKUBmqQBWoClWhGlSDGlADHoVH4TGoDbWhDtSBulAX6kE9qA/1oQE0gEbQCBpDY2gCTaAZNIMW0AJaQStoDa2hDbSBdtAO2kN76AAdIAmSoCN0hE7QCTpDZ+gCXaArdIVu8Ca8CW/BW/A2vA29oJrsDX2gD/SFvtAfBsAAeBcGwXvwHrwPQ2AoDIMP4AP4EEbAORgJo2A0jIbKciyMg/FAciKkQApMgkkwGSbDFJgKU2E6pMIMSIM0mAmzYBZ8AXPgS/gS5sE8WADpkA6LYDFkQAYsgfOQCUthGSyHFbASVsBqWAOrYR2sh3WwETbCZtgMW2ErbIftsBN2wm7YDXthL+yH/TAEsiALDsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcAJOwik4DafgLJyFc3AeLsAFuASX4DJchqtw9doPv7xGSy1zyBwyRsbIWBkr42SczC1zy4iMyHgZL/PIPDKvzCvzy/yyoCwoC8vCEiVKkqEsIovIqIzKYrKYTJAJsoQsIZ10MlEmytKytCwjy8iy8n5ZTj4gy8sKsq2rJCvJyrKdqyIfllVlVVlNVpc1ZE1ZU9aStWRtWVvWkXVkXVlX1pNPyfqyN/SHhvJaZxrLodBEDoNmsrlsIVvKD+E52VqOgDayrWwnX5CjYCR0kK1dknxZdpTjoJN8VY6H12QXORG6yjdkN/mm7C7fkj1kG9dT9pJToLfsI6dDX9lP9pcD5EyoLq91rIZ8Xw6RQ+Uw+YFcAB/KEfIjOVKOkqPlx3KMHCvHyfFygpwoU+QncpL8VE6Wn8kpcqqcJqfLVDlDpsnP5Uw5S86WX8g58ks5V86T8+UCmS4XykVyscyQX8kl8muZKZfKZXK5XCFXylVytVwj18p1cr3cIDfKTXKz3CK3ym1yu9whd8pdcrfcI/fKfXK/PCC/kVnyW3lQ/kkekt/Jw/J7eUT+II/KH+Ux+ZM8Ln+WJ+Qv8qQ8JU/LM/Ks/FWek+flBXlRXpK/ycvyirwqvRQKlFRKaRWoHCqnilG5VKy6RcWpW1VudZuKqNtVvLpD5VF3qrwqn8qvCqiCqpAqrIxCZRWpUBVRRVVU3aWKqbtVgiquSqiSyqlSKlHdo0qre1UZdZ8qq+5X5dQDqryqoCqqSupBVVk9pKqoh1VV9YiqpqqrGqqmelTVUo+p2upxVUc9oeqqJ1U99ZSqr55WDVRD1Ug9oxqrZ1UT1VQ1U81VC9VStVLPqdbqedVGtVXt1AuqvXpRdVAvqST1suqoXlGd1Kuqs3pNdVGvq67qDdVNvam6qyvqqvKqp+qlklVv1Ue9o/qqfqq/GqAGqnfVIPWeGqzeV0PUUDVMfaCGqw/VCPWRGqlGqdHqYzVGjVXj1Hg1QU1UKeoTNUl9qiarz9QUNVVNU9NVqpqh+v+l0uz/Rv6n/yB/8O+vvlltUVvVNrVd7VA71S61W+1Re9Q+tU8dUAdUlspSB9VBdUgdUofVYXVEHVFH1VF1TB1Tx9VxdUKdUCfVKXVRnVFn1a/qnDqvzquL6pK6pC7/5WsgNGipldY60Dl0Th2jc+lYfYuO07fq3Po2HdG363h9h86j79R5dT6dXxfQBXUhXVgbjdpq0qEuoovqqL5LF9N36wRdXJfQJbXTpXSivuf/OP9G62ulW+nWurVuo9vodrqdbq/b6w66g07SSbqj7qg76U66s+6su+guuqvuqrvpbrq77q576B66p+6pk3Wy7qPf0X11P91fD9AD9bt6kB6kB+vBeogeoofpYXq4Hq5H6BF6pB6pR+vReoweo8fpcXqCnqBTdIqepCfpyXqynqKn6Gl6mk7VqTpNp+mZeqaerWfrOXqOnqvn6vl6vk7X6XqRXqQzdIZeopfoTL1UL9XL9XK9Uq/Uq/VqvVav1ev1er1Rb9SZeoveorfpbXqH3qF36V16j96j9+l9+oA+oLN0lj6oD+pD+pA+rA/rI/qIPqqP6mP6mD6uj+sT+oQ+qU/q0/q0PqvP6nP6nL6gL+hL+pK+rC/rq/rqtcu+QAYy0IEOcgQ5gpggJogNYoO4IC7IHeQOIkEkiA/igzzBnUHeIF+QPygQFAwKBYUDE2BgAwrCoEhQNIgGdwXFgruDhKB4UCIoGbigVJAY3BOUDu4NygT3BWWD+4NywQNB+aBCUDGoFDwYVA4eCqoEDwdVg0eCakH1oEZQM3g0qBU8FtQOHg/qBE8EdYMng3rBU0H94OmgQdAwaBQ8EzQOng2aBE2DZkHzoEXQMmj1L63v/bl8z7ueppdJNr1NH/OO6Wv6mf5mgBlo3jWDzHtmsHnfDDFDzTDzgRluPjQjzEdmpBllRpuPzRgz1owz480EM9GkmE/MJPOpmWw+M1PMVDPNTDepZoZJM5+bmWaWmW2+MHPMl2aumWfmmwUm3Sw0i8xik2G+MkvM1ybTLDXLzHKzwqw0q8xqs8asNevMerPBbDSbzGazxWw128x2s8PsNLvMbrPH7DX7zH5zwHxjssy35qD5kzlkvjOHzffmiPnBHDU/mmPmJ3Pc/GxOmF/MSXPKnDZnzFnzqzlnzpsL5qK5ZH4zl80Vc9X4axf3197eUaPGHJgDYzAGYzEW4zAOc2NujGAE4zEe82AezIt5MT/mx4JYEAtjYbyGkLAIFsEoRrEYFsMETMASWAIdOkzERCyNpbEMlsGyWBbLYTksj+WxIlbEB/FBfAgfwofxYXwEH8HqWB1rYk2shbWwNtbGOlgH62JdrIf1sD7WxwbYABthI2yMjbEJNsFm2AxbYAtsha2wNbbGNtgG22E7bI/tsQN2wCRMwo7YETthJ+yMnbELdsGu2BW7YTfsjt2xB/bAntgTkzEZ+2Af7It9sT/2x4E4EAfhIByMg3EIDsFhOAyH43AcgSNwJI7C0fgxjsGxOA7H4wSciCmYgpNwEk7GyTgFp+A0nIapmIppmIYzcSbOxtk4B+fgXJyL83E+pmM6LsJFmIEZuASXYCZm4jJchitwBa7CVbgG1+A6XIcbcANuwk24BbfgNtyGO3AH7sJduAf34D7chwfwAGZhFh7Eg3gID+FhPIxH8AgexaN4DI/hcTyOJ/AEnsSTeBpP41k8i+fwHF7AC3gJf8PLeAWvoscYm8vG2ltsnL3V5ra32b+P89sCtqAtZAtbY/PafH8To7U2wRa3JWxJ62wpm2jv+UNc3lawFW0l+6CtbB+yVf4Q17KP2dr2cVvHPmFr2kf/Jq5rn7T17LO2vm1qG9jmtpFtaRvbZ20T29Q2s81tC9vStrcv2g72JZtkX7Yd7St/iBfZxXaNXWvX2fV2n91vL9iL9pj9yV6yv9metpcdaN+1g+x7drB93w6xQ/8Qj7Yf2zF2rB1nx9sJduIf4ml2uk21M2ya/dzOtLP+EKfbhXaOzbBz7Tw73y74Pb62pgz7lV1iv7aZdqldZpfbFXalXWVX/8dal9uNdpPdbPfYvXab3W532J12l939e3xtHwfsNzbLfmuP2h/tIfudPWyP2yP2h9/ja/s7bn+2J+wv9qQ9ZU/bM/as/dWes+d/3/+1vZ+xV+xV660gIEmKNAWUg3JSDOWiWLqF4uhWyk23UYRup3i6g/LQnZSX8lF+KkAFqRAVJkNIlohCKkJFKUp3UTG6mxKoOJWgkuSoFCXSPVSa7qUydB+VpfupHD1A5akCVaRK9CBVpoeoCj1MVekRqkbVqQbVpEepFj1GtelxqkNPUF16kurRU1SfnqYG1JAa0TPUmJ6lJtSUmlFzakEtqRU9R63peWpDbakdvUDt6UXqQC9REr1MHekV6kSvUmd6jbrQ69SV3qBu9CZ1p7eoB71NPakXJVNv6kPvUF/qR/1pAA2kd2kQvUeD6X0aQkNpGH1Aw+lDGkEf0UgaRaPpYxpDY2kcjacJNJFS6BOaRJ/SZPqMptBUmkbTKZVmUBp9TjNpFs2mL2gOfUlzaR7NpwWUTgtpES2mDPqKltDXlElLaRktpxW0klbRalpDa2kdracNtJE20WbaQltpG22nHbSTdtFu2kN7aR/tpwP0DWXRt3SQ/kSH6Ds6TN/TEfqBjtKPdIx+ouP0M52gX+gknaLTdIbO0q90js7TBbpIl+g3ukxX6Cp5EiGEMlShDoMwR5gzjAlzhbHhLWFceGuYO7wtjIS3h/HhHWGe8M4wb5gvzB8WCAuGhcLCoQkxtCGFYVgkLBpGw7vCYuHdYUJYPCwRlgxdWCpMDO8JS4f3hmXC+8Ky4f1hufCBsHxYIawYVgofDCuHD4VVwofDquEjYbWwelgjrBk+GtYKHwtrh4+HdcInwjLhk2G98Kmwfvh02CBsGDYKnwkbh8+GTcKmYbOwedgibBm2Cp8LW4fPh23CtmG78IWwffhi2CF8KUwKXw47hq/c8Hhy2DvsE74TvhN6/7iaH10QTY8ujC6KLo5mRL+KLol+Hc2MLo0uiy6ProiujK6Kro6uia6Nrouuj26Iboxuim6Oel8zp3DgpFNOu8DlcDldjMvlYt0tLs7d6nK721zE3e7i3R0uj7vT5XX5XH5XwBV0hVxhZxw668iFrogr6qLuLlfM3e0SXHFXwpV0zpVyia6la+VaudbuedfGtXXt3AvuBfeie9G95F5yL7uO7hXXyb3qOrvXXBf3unvdveG6uTddd/eW6+Hedj1dL5fskl0f18f1dX1df9ffDXQD3SA3yA12g90QN8QNc8PccDfcjXAj3Eg30o12o90YN8aNc+PcBDfBpbgUN8lNcpPdZDfFTXHT3DSX6lJdmktzM91MN9vNdnPcHDfXzXXz3XyX7tLdIrfIZbgMt8QtcZku0y1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73B63x+1z+9wBd8BluSx30B10h9whd9h97464H9xR96M75n5yx93P7oT7xZ10p9xpd8addb+6c+68u+AuukvuN3fZXXFXnXcpkU8ikyKfRiZHPotMiUyNTItMj6RGZkTSIp9HZkZmRWZHvojMiXwZmRuZF5kfWRBJjyyMLIosjmREvoosiXwdyYwsjSyLLI+siKyMeF9oW+iL+KI+6u/yxfzdPsEX9yV8Se98KZ/o7/Gl/b2+jL/Pl/X3+3L+AV/eV/AVfVPfzDf3LXxL38o/51v7530b39a38y/49v5F38G/5JP8y76jf8V38q/6zv4138W/7rv6N3w3/6bv7t/yPfzbvqfv5ZN9b9/Hv+P7+n6+vx/gB/p3/SD/nh/s3/dD/FA/zH/gh/sP/Qj/kR/pR/nR/mM/xo/14/x4P8FP9Cn+Ez/Jf+on+8/8FD/VT/PTfaqf4dP8536mn+Vn+y/8HP+ln+vn+fl+gU/3C/0iv9hn+K/8Ev+1z/RL/TK/3K/wK/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9Lr/b7/F7/T6/3x/w3/gs/60/6P/kD/nv/GH/vT/if/BH/Y/+mP/JH/c/+xP+F3/Sn/Kn/Rl/1v/qz/nz/oK/6C/53/xlf8Vf5b9ZY4wxxhj7b1E3ON77H3xO/mVc00cIcev2Akf+vuaGvH+e95P7OkaEEC/36trwr6Nhw+Tk5L+cm6lEUHSeECJyPT+HuB4vFe3EiyJJtBWl/+H6+smKQDeoH71fiNj/lBMj/hzH/E39e/+L+k0X3rD+PCESil7PySWux9frl/kv6u9uf4P6ub5LEaLNf8qJE9fj6/UTxfPiFZH0N2cyxhhjjDHGGGN/1k9e6naj+9tr9+cF9fWcnOJ6fKP7c8YYY4wxxhhjjN18r73Z/aXnkpLaduYJT3jCk/+Y3OzfTIwxxhhjjLF/tesX/Td7JYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPb17/h3Yjd7j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtjN9r8CAAD//3myaBA=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x100010, 0xffffffffffffffff, 0xea855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)

4m51.801378338s ago: executing program 34 (id=1198):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000100)='./file0\x00', 0x80, &(0x7f00000000c0)=ANY=[], 0xff, 0x14e1, &(0x7f0000002a80)="$eJzs3Al0VkW2KODaVXUgxIi/EZlr1z7wiwGKiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBhpREREZJJJoN7C7r7cbvsu7uvXt3nvZX9r1UrtnLP3X5Wd5D/nrJX81HVYjcY1qzYgIvHPUH+dwJ8/JAshYoQQA4UQtwkhAiFE2fiy8deO51KQ/E+9CPsf0jD1Zq+A3Uzc/+yN+5+9cf+zN+5/9sb9z964/9kb9z974/4zlq2lFbidR/YdN3j+n/NG3z78/P//Zfz+n71x/7M37n/2xv3P3rj/2Rv3P3vj/mdv3P//j8kbn8L9Zyxb+7/gGTSPmzgYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLF/gwv+Oi2E+Ov8Zq+LMcYYY4wxxhhj/zo+581eAWOMMcYYY4wxxv7ngZBCCS0CkUPkFDEil4gVt4g4cavILW4TEXG7iBd3iDziTpFX5BP5RQFRUBQShYURKKwgEYoioqiIirtEMXG3SBDFRQlRUjhRSiSKe0Rpca8oI+4TZcX9opx4QJQXFURFUUk8KCqLh0QV8bCoKh4R1UR1UUPUFI+KWuIxUVs8LuqIJ0Rd8aSoJ54S9cXTooFoKBqJZ0Rj8axoIpqKZqK5aCFailb/VP5bood4W/QUvUSy6C36iHdEX9FP9BcDxEDxrhgk3hODxftiiBgqhokPxHDxoRghPhIjxSgxWnwsxoixYpwYLyaIiSJFfCImiU/FZPGZmCKmimliukgVM0Sa+FzMFLPEbPGFmCO+FHPFPDFfLBDpYqFYJBaLDPGVWCK+FpliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLHWKn2CV2iz1ir9gn9osD4huRJb7938w//3f53UCAAAkSNGjIATkgBmIgFmIhDuIgN+SGCEQgHuIhD+SBvJAX8kN+KAgFoTAUBgQEAoIiUASiEIViUAwSIAFKQAlw4CAREqE03AtloAyUhbJQDspBeagAFaASVILKUBmqQBWoClWhGlSDGlADHoVH4TGoDbWhDtSBulAX6kE9qA/1oQE0gEbQCBpDY2gCTaAZNIMW0AJaQStoDa2hDbSBdtAO2kN76AAdIAmSoCN0hE7QCTpDZ+gCXaArdIVu8Ca8CW/BW/A2vA29oJrsDX2gD/SFvtAfBsAAeBcGwXvwHrwPQ2AoDIMP4AP4EEbAORgJo2A0jIbKciyMg/FAciKkQApMgkkwGSbDFJgKU2E6pMIMSIM0mAmzYBZ8AXPgS/gS5sE8WADpkA6LYDFkQAYsgfOQCUthGSyHFbASVsBqWAOrYR2sh3WwETbCZtgMW2ErbIftsBN2wm7YDXthL+yH/TAEsiALDsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcAJOwik4DafgLJyFc3AeLsAFuASX4DJchqtw9doPv7xGSy1zyBwyRsbIWBkr42SczC1zy4iMyHgZL/PIPDKvzCvzy/yyoCwoC8vCEiVKkqEsIovIqIzKYrKYTJAJsoQsIZ10MlEmytKytCwjy8iy8n5ZTj4gy8sKsq2rJCvJyrKdqyIfllVlVVlNVpc1ZE1ZU9aStWRtWVvWkXVkXVlX1pNPyfqyN/SHhvJaZxrLodBEDoNmsrlsIVvKD+E52VqOgDayrWwnX5CjYCR0kK1dknxZdpTjoJN8VY6H12QXORG6yjdkN/mm7C7fkj1kG9dT9pJToLfsI6dDX9lP9pcD5EyoLq91rIZ8Xw6RQ+Uw+YFcAB/KEfIjOVKOkqPlx3KMHCvHyfFygpwoU+QncpL8VE6Wn8kpcqqcJqfLVDlDpsnP5Uw5S86WX8g58ks5V86T8+UCmS4XykVyscyQX8kl8muZKZfKZXK5XCFXylVytVwj18p1cr3cIDfKTXKz3CK3ym1yu9whd8pdcrfcI/fKfXK/PCC/kVnyW3lQ/kkekt/Jw/J7eUT+II/KH+Ux+ZM8Ln+WJ+Qv8qQ8JU/LM/Ks/FWek+flBXlRXpK/ycvyirwqvRQKlFRKaRWoHCqnilG5VKy6RcWpW1VudZuKqNtVvLpD5VF3qrwqn8qvCqiCqpAqrIxCZRWpUBVRRVVU3aWKqbtVgiquSqiSyqlSKlHdo0qre1UZdZ8qq+5X5dQDqryqoCqqSupBVVk9pKqoh1VV9YiqpqqrGqqmelTVUo+p2upxVUc9oeqqJ1U99ZSqr55WDVRD1Ug9oxqrZ1UT1VQ1U81VC9VStVLPqdbqedVGtVXt1AuqvXpRdVAvqST1suqoXlGd1Kuqs3pNdVGvq67qDdVNvam6qyvqqvKqp+qlklVv1Ue9o/qqfqq/GqAGqnfVIPWeGqzeV0PUUDVMfaCGqw/VCPWRGqlGqdHqYzVGjVXj1Hg1QU1UKeoTNUl9qiarz9QUNVVNU9NVqpqh+v+l0uz/Rv6n/yB/8O+vvlltUVvVNrVd7VA71S61W+1Re9Q+tU8dUAdUlspSB9VBdUgdUofVYXVEHVFH1VF1TB1Tx9VxdUKdUCfVKXVRnVFn1a/qnDqvzquL6pK6pC7/5WsgNGipldY60Dl0Th2jc+lYfYuO07fq3Po2HdG363h9h86j79R5dT6dXxfQBXUhXVgbjdpq0qEuoovqqL5LF9N36wRdXJfQJbXTpXSivuf/OP9G62ulW+nWurVuo9vodrqdbq/b6w66g07SSbqj7qg76U66s+6su+guuqvuqrvpbrq77q576B66p+6pk3Wy7qPf0X11P91fD9AD9bt6kB6kB+vBeogeoofpYXq4Hq5H6BF6pB6pR+vReoweo8fpcXqCnqBTdIqepCfpyXqynqKn6Gl6mk7VqTpNp+mZeqaerWfrOXqOnqvn6vl6vk7X6XqRXqQzdIZeopfoTL1UL9XL9XK9Uq/Uq/VqvVav1ev1er1Rb9SZeoveorfpbXqH3qF36V16j96j9+l9+oA+oLN0lj6oD+pD+pA+rA/rI/qIPqqP6mP6mD6uj+sT+oQ+qU/q0/q0PqvP6nP6nL6gL+hL+pK+rC/rq/rqtcu+QAYy0IEOcgQ5gpggJogNYoO4IC7IHeQOIkEkiA/igzzBnUHeIF+QPygQFAwKBYUDE2BgAwrCoEhQNIgGdwXFgruDhKB4UCIoGbigVJAY3BOUDu4NygT3BWWD+4NywQNB+aBCUDGoFDwYVA4eCqoEDwdVg0eCakH1oEZQM3g0qBU8FtQOHg/qBE8EdYMng3rBU0H94OmgQdAwaBQ8EzQOng2aBE2DZkHzoEXQMmj1L63v/bl8z7ueppdJNr1NH/OO6Wv6mf5mgBlo3jWDzHtmsHnfDDFDzTDzgRluPjQjzEdmpBllRpuPzRgz1owz480EM9GkmE/MJPOpmWw+M1PMVDPNTDepZoZJM5+bmWaWmW2+MHPMl2aumWfmmwUm3Sw0i8xik2G+MkvM1ybTLDXLzHKzwqw0q8xqs8asNevMerPBbDSbzGazxWw128x2s8PsNLvMbrPH7DX7zH5zwHxjssy35qD5kzlkvjOHzffmiPnBHDU/mmPmJ3Pc/GxOmF/MSXPKnDZnzFnzqzlnzpsL5qK5ZH4zl80Vc9X4axf3197eUaPGHJgDYzAGYzEW4zAOc2NujGAE4zEe82AezIt5MT/mx4JYEAtjYbyGkLAIFsEoRrEYFsMETMASWAIdOkzERCyNpbEMlsGyWBbLYTksj+WxIlbEB/FBfAgfwofxYXwEH8HqWB1rYk2shbWwNtbGOlgH62JdrIf1sD7WxwbYABthI2yMjbEJNsFm2AxbYAtsha2wNbbGNtgG22E7bI/tsQN2wCRMwo7YETthJ+yMnbELdsGu2BW7YTfsjt2xB/bAntgTkzEZ+2Af7It9sT/2x4E4EAfhIByMg3EIDsFhOAyH43AcgSNwJI7C0fgxjsGxOA7H4wSciCmYgpNwEk7GyTgFp+A0nIapmIppmIYzcSbOxtk4B+fgXJyL83E+pmM6LsJFmIEZuASXYCZm4jJchitwBa7CVbgG1+A6XIcbcANuwk24BbfgNtyGO3AH7sJduAf34D7chwfwAGZhFh7Eg3gID+FhPIxH8AgexaN4DI/hcTyOJ/AEnsSTeBpP41k8i+fwHF7AC3gJf8PLeAWvoscYm8vG2ltsnL3V5ra32b+P89sCtqAtZAtbY/PafH8To7U2wRa3JWxJ62wpm2jv+UNc3lawFW0l+6CtbB+yVf4Q17KP2dr2cVvHPmFr2kf/Jq5rn7T17LO2vm1qG9jmtpFtaRvbZ20T29Q2s81tC9vStrcv2g72JZtkX7Yd7St/iBfZxXaNXWvX2fV2n91vL9iL9pj9yV6yv9metpcdaN+1g+x7drB93w6xQ/8Qj7Yf2zF2rB1nx9sJduIf4ml2uk21M2ya/dzOtLP+EKfbhXaOzbBz7Tw73y74Pb62pgz7lV1iv7aZdqldZpfbFXalXWVX/8dal9uNdpPdbPfYvXab3W532J12l939e3xtHwfsNzbLfmuP2h/tIfudPWyP2yP2h9/ja/s7bn+2J+wv9qQ9ZU/bM/as/dWes+d/3/+1vZ+xV+xV660gIEmKNAWUg3JSDOWiWLqF4uhWyk23UYRup3i6g/LQnZSX8lF+KkAFqRAVJkNIlohCKkJFKUp3UTG6mxKoOJWgkuSoFCXSPVSa7qUydB+VpfupHD1A5akCVaRK9CBVpoeoCj1MVekRqkbVqQbVpEepFj1GtelxqkNPUF16kurRU1SfnqYG1JAa0TPUmJ6lJtSUmlFzakEtqRU9R63peWpDbakdvUDt6UXqQC9REr1MHekV6kSvUmd6jbrQ69SV3qBu9CZ1p7eoB71NPakXJVNv6kPvUF/qR/1pAA2kd2kQvUeD6X0aQkNpGH1Aw+lDGkEf0UgaRaPpYxpDY2kcjacJNJFS6BOaRJ/SZPqMptBUmkbTKZVmUBp9TjNpFs2mL2gOfUlzaR7NpwWUTgtpES2mDPqKltDXlElLaRktpxW0klbRalpDa2kdracNtJE20WbaQltpG22nHbSTdtFu2kN7aR/tpwP0DWXRt3SQ/kSH6Ds6TN/TEfqBjtKPdIx+ouP0M52gX+gknaLTdIbO0q90js7TBbpIl+g3ukxX6Cp5EiGEMlShDoMwR5gzjAlzhbHhLWFceGuYO7wtjIS3h/HhHWGe8M4wb5gvzB8WCAuGhcLCoQkxtCGFYVgkLBpGw7vCYuHdYUJYPCwRlgxdWCpMDO8JS4f3hmXC+8Ky4f1hufCBsHxYIawYVgofDCuHD4VVwofDquEjYbWwelgjrBk+GtYKHwtrh4+HdcInwjLhk2G98Kmwfvh02CBsGDYKnwkbh8+GTcKmYbOwedgibBm2Cp8LW4fPh23CtmG78IWwffhi2CF8KUwKXw47hq/c8Hhy2DvsE74TvhN6/7iaH10QTY8ujC6KLo5mRL+KLol+Hc2MLo0uiy6ProiujK6Kro6uia6Nrouuj26Iboxuim6Oel8zp3DgpFNOu8DlcDldjMvlYt0tLs7d6nK721zE3e7i3R0uj7vT5XX5XH5XwBV0hVxhZxw668iFrogr6qLuLlfM3e0SXHFXwpV0zpVyia6la+VaudbuedfGtXXt3AvuBfeie9G95F5yL7uO7hXXyb3qOrvXXBf3unvdveG6uTddd/eW6+Hedj1dL5fskl0f18f1dX1df9ffDXQD3SA3yA12g90QN8QNc8PccDfcjXAj3Eg30o12o90YN8aNc+PcBDfBpbgUN8lNcpPdZDfFTXHT3DSX6lJdmktzM91MN9vNdnPcHDfXzXXz3XyX7tLdIrfIZbgMt8QtcZku0y1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73B63x+1z+9wBd8BluSx30B10h9whd9h97464H9xR96M75n5yx93P7oT7xZ10p9xpd8addb+6c+68u+AuukvuN3fZXXFXnXcpkU8ikyKfRiZHPotMiUyNTItMj6RGZkTSIp9HZkZmRWZHvojMiXwZmRuZF5kfWRBJjyyMLIosjmREvoosiXwdyYwsjSyLLI+siKyMeF9oW+iL+KI+6u/yxfzdPsEX9yV8Se98KZ/o7/Gl/b2+jL/Pl/X3+3L+AV/eV/AVfVPfzDf3LXxL38o/51v7530b39a38y/49v5F38G/5JP8y76jf8V38q/6zv4138W/7rv6N3w3/6bv7t/yPfzbvqfv5ZN9b9/Hv+P7+n6+vx/gB/p3/SD/nh/s3/dD/FA/zH/gh/sP/Qj/kR/pR/nR/mM/xo/14/x4P8FP9Cn+Ez/Jf+on+8/8FD/VT/PTfaqf4dP8536mn+Vn+y/8HP+ln+vn+fl+gU/3C/0iv9hn+K/8Ev+1z/RL/TK/3K/wK/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9Lr/b7/F7/T6/3x/w3/gs/60/6P/kD/nv/GH/vT/if/BH/Y/+mP/JH/c/+xP+F3/Sn/Kn/Rl/1v/qz/nz/oK/6C/53/xlf8Vf5b9ZY4wxxhj7b1E3ON77H3xO/mVc00cIcev2Akf+vuaGvH+e95P7OkaEEC/36trwr6Nhw+Tk5L+cm6lEUHSeECJyPT+HuB4vFe3EiyJJtBWl/+H6+smKQDeoH71fiNj/lBMj/hzH/E39e/+L+k0X3rD+PCESil7PySWux9frl/kv6u9uf4P6ub5LEaLNf8qJE9fj6/UTxfPiFZH0N2cyxhhjjDHGGGN/1k9e6naj+9tr9+cF9fWcnOJ6fKP7c8YYY4wxxhhjjN18r73Z/aXnkpLaduYJT3jCk/+Y3OzfTIwxxhhjjLF/tesX/Td7JYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPb17/h3Yjd7j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtjN9r8CAAD//3myaBA=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x100010, 0xffffffffffffffff, 0xea855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)

12.11812388s ago: executing program 0 (id=2700):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0d004000060000000400000001000000000000002abb"], 0x50)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x88000000, 0x0, 0x4, 0x7, 0x2000000000000000, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0xeeee8000, 0x200})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x80, 0x4004, 0x0, 0x6, 0xefffffffffffffff, 0x5, 0x0, 0x2000000, 0x3, 0xb3a6, 0x0, 0x9, 0xa, 0xd], 0x0, 0x141d01})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

11.687397009s ago: executing program 0 (id=2704):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x500, 0x0, 0x0}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev={0xfe, 0x80, '\x00', 0x39}, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0xfffffffd, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
getsockopt$inet6_int(r0, 0x29, 0x18, 0x0, &(0x7f0000000040)=0xfffffffffffffc7f)
syz_mount_image$exfat(&(0x7f0000000680), &(0x7f00000000c0)='./file1\x00', 0x2000000, &(0x7f0000000800)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a37e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731200f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e548355376ec821c05008685c055a367ea51b653eff6581710e72f1e7e4d9d1607d004d9ed64f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6611628606afadb04e0158f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x1506, &(0x7f0000002ac0)="$eJzs3QnYj9XWMPC19t43D0n/JPNee938k2GTJBmSZEiSJEkyJSRJjiQkHjIlIQmZk8whmUIyz1PmJDmSJAkJSfZ3PXXOcc7b+d7e853zft73POt3Xfd173Xte+177//ifw/Xcz3PNx0HV61frVJdZoZ/Cv66SwWAFADoBwDXAEAEAKWylcqW1p9JY+o/dxLxr/XQtCs9A3ElSf3TN6l/+ib1T9+k/umb1D99k/qnb1L/9E3qL0R6tm167mtlS7/bP//+P+XXnbz//19Irv/pm9T/382ZTP/I0VL/fyeXQgj/WIbUP32T+qdvUv/0Teqfvkn90zepvxDp2ZV+/yzbld2u9L8/IYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBDpw/lwmQGAtH10pSclhBBCCCGEEEKIf6mQ8UrPQAghhBBCCCGEEP/9EBRoMBBBBsgIKZAJMsNVkAWuhqxwDSTgWsgG10F2uB5yQE7IBbkhD+SFfGCBwAFDDPmhACThBigIN0IhKAxFoCh4KAbF4SYoATdDSbgFSsGtUBpugzJQFspBebgdKsAdUBHuhEpwF1SGKlAVqsHdUB3ugRpwL9SE+6AW3A+14QGoAw9CXXgI6sHDUB8egQbwKDSERtAYmkDT/6f8F6ArvAjdoDukQg/oCS9BL+gNfaAv9IOXoT+8AgPgVRgIg2AwvAZD4HUYCm/AMBgOI+BNGAmjYDSMgbEwDsbDWzAB3oaJ8A5MgskwBabCNJgOM+BdmAmzYDa8B3PgfZgL82A+LICF8AEsgsWwBD6EpfARLIPlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg49hO+yAnbALdsMe2AufwD74FPbDZ3AAPv8H88/9h/xOCAioUKFBgxkwA6ZgCmbGzJgFs2BWzIoJTGA2zIbZMTvmwByYC3NhHsyD+TAfEhIyMubH/JjEJBbEglgIC2ERLIIePRbH4lgCb8aSWBJLYSksjaWxDJbFslgey2MFrIAVsSJWwkpYGStjVayKd+PdeA/WwBpYE2tiLayFtbE21sE6WBfrYj2sh/WxPjbABtgQG2JjbIxNsSk2w2bYHJtjS2yJrbAVtsbW2AbbYFtsi+2wHbbH9tgBO2BH7IidsDN2xhfwBXwRX8TuWFn1wJ7YE3thL+yDfbEvvoz98RV8BV/FgTgIB+Nr+Bq+jkPxLA7D4TgCR2AFNQpH4xhkNQ7H43icgBNwIk7ESTgZJ+NUnIbTcQbOwJk4C2fhezgH38f3cR7OwwW4EBfiIlyMS3AJLsVzuAyX4wpciatwNa7CtbgO1+IG3IgbcDNuxq24FT/Gj3EH7sBduAv34B78BD/BT/FTHIgH8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7EU3gaT+EZPINn8Ryex/N4AS/gRbyIl/BS2n9+lcYoozKoDCpFpajMKrPKorKorCqrSqiEyqayqewqu8qhcqhcKpfKo/KofCqfIkWKVazyq/wqqZKqoCqoCqlCqogqorzyqrgqrkqoEqqkKqlKqVtVaXWbKqPKqha+vCqvKqiWvqK6U1VSlVRlVUVVVdVUNVVdVVc1VA1VU9VUtVQtVVs9oOqoHtgHH1JplamvBmEDNRgbqkaqsWqiXsfHVDM1FJurFqqlekINx2HYWjXzbdTTqq0aje3UH9QYfFZ1UOOwo3pedVKdVRf1guqqmvtuqruahD1UTzUVe6neqo/qq2ZiFZVWsarqVTVQDVKD1WtqAb6uhqo31DA1XI1Qb6qRapQarcaosWqcGq/eUhPU22qiekdNUpPVFDVVTVPT1Yy0r1Y1S81W76k56n01V81T89UCtVB9oBapxWqJ+lAtVR+pZWq5WqFWqlVqtVqj1qp1ar3aoDaqTRGoLWqr2qY+VtvVDrVT7VK71R61V32i9qlP1X71mTqgPlcH1R/VIfWFOqy+VEfUV+qo+lodU9+o4+pbdUJ9p06qU+q0+l6dUT+os+qcOq9+VBfUT+qi+lldUkGBRq201kZHOoPOqFN0Jp1ZX6Wz6Kt1Vn2NTuhrdTZ9nc6ur9c5dE6dS+fWeXRenU9bTdpp1rHOrwvopL5BF9Q36kK6sC6ii2qvi+ni+iZdQt+sS+pbdCl9qy6tb9NldFldTpfXt+sK+g5dUd+pK+m7dGVdRVfV1fTdurq+R9fQ9+qa+j5dS9+va+sHdB39oK6rH9L19MO6vn5EN9CP6oa6kW6sm+im+jHdTD+um+sWuqV+QrfST+rW+indRj+t2+pndDv9B91eP6s76Od0R/287qQ76y76Z31JB91Nd9epuofuqV/SvXRv3Uf31f30y7q/fkUP0K/qgXqQHqxf00P063qofkMP08P1CP2mHqlH6dF6jB6rx+nx+i09Qb+tJ+p39CQ9WU/RU/U0PV33+dNIs/8L+W//nfwBv5x9q96mP9bb9Q69U+/Su/UevVfv1fv0Pr1f79cH9AF9UB/Uh/QhfVgf1kf0EX1UH9XH9DF9XB/XJ/QJfVKf0j/q7/UZ/YM+q8/pc/pHfUFf0Bf/9BmAQaOMNsZEJoPJaFJMJpPZXGWymKtNVnONSZhrTTZznclurjc5TE6Ty+Q2eUxek89YQ8YZNrHJbwqYpLnBFDQ3mkKmsCliihpvipni5qZ/Ov/35tfUNDXNTDPT3DQ3LU1L08q0Mq1Na9PGtDFtTVvTzrQz7U1708F0MB1NR9PJdDJdTBfT1XQ1AQBSTarpaV4yvUxv08f0Nf3My6a/6W8GmAFmoBloBpvBZogZYoaaoWaYGWZGmBFmpBlpRpvRZqwZa8ab8WaCmWAmmolmkplkppgpZpqZZmaYGWammWlmm9lmjplj5pq5Zr6ZbxaahWaRWWSWmCVmqVlqlpnlZrlZaVaa1Wa1WWvWmvVmvdloNprNZrNZZv78A5o7zU6z2+w2e81es8/sM/vNfnPAHDAHzUFzyBwyh81hc8QcMUfNUXPMHDPHzXFzwpwwJ81Jc9qcNmfMGXPWnDXnzXlzwVwwF81Fc8lcSrvti1SkIhOZKEOUIUqJUqLMUeYoS5QlyhpljRJRIsoWZYuyR9dHOaKcUa4od5Qnyhvli2xEkYs4iqP8UYEoGd0QFYxujApFhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv5Lxw/hbM7HfTfb3abaHranfcn2sr1tH9vX9rMv2/72FTvAvmoH2kF2sH3NDrGv26H2DTvMDrcj7Jt2pB1lR9sxdqwdZ8fbt+wE+7adaN+xk+xkO8VOtdPsdDvDvmtn2ll2tn3PzrHv27l2np1vF9iF9gO7yC62S+yHdqn9yC6zy+0Ku9KusqvtGrvWrrPr7Qa70W6ym+0Wu9Vusx/b7XaH3Wl32d12j91rP7H77Kd2v/3MHrCf24P2j/aQ/cIetl/aI/Yre9R+bY/Zb+xx+609Yb+zJ+0pe9p+b8/YH+xZe86etz/aC/Yne9H+bC/ZkHZzn3Z5J0OGMlAGSqEUykyZKQtloayUlRKUoGyUjbJTdspBOSgX5aI8lIfyUT5Kw8SUn/JTkpJUkApSISpERagIefJUnIpTCSpBJakklaJSVJpKUxkqQ+Uo7aJ5O91Bd9CddCfdRXdRFapC1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUgBpQQ2pIjakxNaWm1IyaUXNqTi2pJbWiVtSaWlMbakNtqS21o3bUntpTB+pAHakjdaJO1IW6UFfqSt2oG6VSKvWkntSLelEf6kP9qB/1p/40gAbQQBpIg2kwDaEhNJSG0jAaTiPoTRpJo2g0jaGxNI7G03iaQBNoIk2kSTSJptAUmkbTaAbNoJk0k2bTbJpDc2guzaX5NJ8W0kJaRItoCS2hpbSUltEyWkEraBWtojW0htbROtpAG2gTbaIttIW20TbaTttpJ+2k3bSb9tJe2kf7aD/tpwN0gA7SQTpEh+gwHaYjdISO0lE6RsfoOB2nE3SCTtJJPE2n6QydobN0ls7TebpAP9FF+pkuUaAUl8lldle5LO5ql9Vd41Jcpu4A8Jc4l8vt8ri8Lp+zLofL+TcxOecKucKuiCvqvCvmirubfhOX6VHWlXPl3e2ugrvDVXRl3N/G1d09roa719V097lq7u6/iWu5+11t94ir4x51dV0jV881cfXdI66Be9Q1dI1cY9fEtXJPutbuKdfGPe3aumd+Ey9yi906t95tcBvdPvepO+9+dMfcN+6C+8l1c91dP/ey6+9ecQPcq26gG/SbeIR70410o9xoN8aNdeN+E09xU900N93NcO+6mW7Wb+KF7gM3xy1xc908N98t+CVOm9MS96Fb6j5yy9xyt8KtdKvcarfGrf3LXFe6zW6L2+r2uk/cdrfD7XS73G6355c4bR373WfugPvcHXVfu0PuC3fYHXdH3Fe/xGnrO+6+dSfcd+6kO+VOu+/dGfeDO+vO/bL+tLV/7352l1xwwMiKNRuOOANn5BTOxJn5Ks7CV3NWvoYTfC1n4+s4O1/POTgn5+LcnIfzcj62TOyYOeb8XICTfAMX5Bu5EBfmIlyUPRfj4nwTl+CbuSTfwqX4Vi7Nt3EZLsvluDzfzhX4Dq7Id3IlvosrcxWuytX4bq7O93ANvpdr8n1ci+/n2vwA1+EHuS4/xPX4Ya7Pj3ADfpQbciNuzE24KT/Gzfhxbs4tuCU/wa34SW7NT3Ebfprb8jPcjv/A7flZ7sDPcUd+njtxZ+7CL3BXfpG7cXdO5R7ck1/iXtyb+3Bf7scvc39+hQfwqzyQB/Fgfo2H8Os8lN/gYTycR/CbPJJH8Wgew2N5HI/nt3gCv80T+R2exJN5Ck/laTydZ/C7PJNn8Wx+j+fw+zyX5/F8XsAL+QNexIt5CX/IS/kjXsbLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexh/zdt7BO3kX7+Y9vJc/4X38Ke/nz/gAf84H+Y98iL/gw/wlH+Gv+Ch/zcf4Gz7O3/IJ/o5P8ik+zd/zGf6Bz/I5Ps8/8gX+iS/yz3yJA0OMsYp1bOIozhBnjFPiTHHm+Ko4S3x1nDW+Jk7E18bZ4uvi7PH1cY44Z5wrzh3nifPG+WIbU+xijuM4f1wgTsY3xAXjG+NCceG4SFw09nGxuHh8U1wivjkuGd8Sl4pvjUvHt8Vl4rJxubh8fHtcIb4jrhjfGVeK74orx1XiqnG1+O64enxPXCO+N64Z3xeXjO+Pa8cPxHXiB+O68UNxvfjhuH78SNwgfjRuGDeKG8dN4qbxY3Gz+PG4edwibhk/EbeKn4xbx0/FbeKn47bxM7/bnxr3iHvGL8UvxSHcq+cnFyQXJj9ILkouTi5JfphcmvwouSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObkluTUZQrWM4NErr73xkc/gM/oUn8ln9lf5LP5qn9Vf4xP+Wp/NX+ez++t9Dp/T5/K5fR6f1+fz1pN3nn3s8/sCPulv8AX9jb6QL+yL+KLe+2K+uG/im/qmvpl/3Df3LXxL/4R/wj/pn/RP+af8076tf8a385Bo75/1Hfxz/jn/vO/kO/su/gXf1b/ou/nuPtWn+p6+p+/le/k+vo/v5/v5/r6/H+AH+IF+oB/sB/shfogf6of6YX6YH+FH+JF+pB/tR/uxfqwf78f7CX6Cn+gn+kl+kp/ip/hpfpqf4Wf4mX6mn+1n+zl+jp/r5/r5fr5f6Bf6RX6RX+KX+KV+qV/ml/kVfoVf5Vf5NX6NX+fX+Q1+g9/kN/ktfovf5rf57X673+l3+t1+t9/r9/p9fp/f7/f7A/6AP+gP+kP+kD/sv/RH/Ff+qP/aH/Pf+OP+W3/Cf+dP+lP+tP/en/E/+LP+nD/vf/QX/E/+ov/ZX/LBj0+8lZiQeDsxMfFOYlJicmJKYmpiWmJ6Ykbi3cTMxKzE7MR7iTmJ9xNzE/MS8xMLEgsTHyQWJRYnliQ+TCxNfJRYllieWJFYmViVWJ0IIe/2OOQPBUIy3BAKhhtDoVA4FAlFgw/FQvFwUygRbg4lwy2hVLg1lA63hTKhbCgXHg0NQ6PQODQJTcNjoVl4PDQPLULL8ERoFZ4MrcNToU14OrQNz4R24Q+hfXg2dAjPhY7h+dApdA5dwguha3gxdAvdQ2roEXqGl0Kv0Dv0CX1Dv/By6B9eCQPCq2FgGBQGh9fCkPB6GBreCMPC8DAivBlGhlFhdBgTxoZxYXx4K0wIb4eJ4Z0wKUwOU8LUMC1MDzPCu2FmmBVmh/fCnPB+mBvmhflhQVgYPgiLwuKwJHwYloaPwrKwPKwIK8OqsDqsCWvDurA+bAgbw6awOWwJW8O28HHYHnaEnWFX2B32hL3hk7AvfBr2h8/CgfB5OBj+GA6FL8Lh8GU4Er4KR8PX4Vj4JhwP34YT4btwMpwKp8P34Uz4IZwN58L58GO4EH4KF8PP4VII4Uq/SRdCCCGE+N9A/05/j/9LjvpTuycAXL0j95H/2L8px6/t3hnztEoAwNPdOz70561y5dTU1D8du0xDVGAeACQu52eAy/FyaAlPQhtoASX+0p/yV+fqrTpf4P9sfIAoeStA5r/KScv/c3x5/Jv/7vp7q1Fz/tPxNUTJeQCFClzOyQSX48vjl/y746eqnM1+Z/xMX4wHaP5XOVngcnx5/OLwODwDbf7mSCGEEEIIIYQQ4le9Vbn2v/d8m/Z8nsdczskIl+O/93wuhBBCCCGEEEKI/1me7dzlqcfatGnRXhr/HY0UAAjX/PpR/0+YjzSk8V9sXOlvJiGEEEIIIcS/2uWb/is9EyGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQIv36//HrxP58rt/7W4NCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHEv6v/EwAA//8oYjL2")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x10, 0x0, 0x0, 0x0, 0x2}, 0x94)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
ptrace$setregs(0xd, r4, 0x0, &(0x7f00000003c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b88f8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000a50000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ptrace$getregset(0x4205, r4, 0x1, &(0x7f0000000080)={&(0x7f00000000c0)=""/120, 0x78})

11.350172573s ago: executing program 0 (id=2706):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
r4 = inotify_init1(0x0)
r5 = dup(r4)
inotify_rm_watch(r5, 0x0)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000073110203000000008510008002000000b7000000000000009500c200000000009500001200000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x70)
fallocate(0xffffffffffffffff, 0x0, 0x9, 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$UI_SET_FFBIT(r6, 0x4004556b, 0x51)
ioctl$UI_DEV_CREATE(r6, 0x5501)
r7 = syz_open_dev$evdev(&(0x7f0000000100), 0x72, 0x0)
ioctl$EVIOCSFF(r7, 0x40304580, &(0x7f0000000500)={0x50, 0x4, 0x1d, {0x12, 0xcac}, {0x8000, 0x7}, @ramp={0x400, 0x7, {0x8, 0xfffb, 0xeb4d, 0xf7f3}}})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

10.542739969s ago: executing program 0 (id=2708):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r3, &(0x7f0000000000)=@file={0x1}, 0x6e)
setsockopt$sock_timeval(r3, 0x1, 0x15, &(0x7f0000000100)={0x0, 0xea60}, 0x10)
connect$unix(r3, &(0x7f0000000080)=@file={0x1}, 0x6e)

10.323868268s ago: executing program 0 (id=2710):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
modify_ldt$read_default(0x2, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_procfs(r0, &(0x7f00000003c0)='statm\x00')
read$FUSE(r3, &(0x7f0000004180)={0x2020}, 0x2020)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="580000000008010200000000000000000200ffff0600024022eb000005000300ffff00000900010073797a3000000000260004"], 0x58}, 0x1, 0x0, 0x0, 0x20000015}, 0x40)

8.370515894s ago: executing program 5 (id=2717):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x10002, 0x4, 0x2000, 0x2000, &(0x7f0000012000/0x2000)=nil})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

8.188008662s ago: executing program 6 (id=2718):
r0 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0xa)
fchdir(r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r5, &(0x7f0000000f80)=""/4096, 0x1000)

7.927886763s ago: executing program 5 (id=2719):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
r4 = inotify_init1(0x0)
r5 = dup(r4)
inotify_rm_watch(r5, 0x0)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000073110203000000008510008002000000b7000000000000009500c200000000009500001200000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x70)
fallocate(0xffffffffffffffff, 0x0, 0x9, 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000280)={{0x0, 0x4, 0x0, 0x9}, 'syz1\x00', 0x9})
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x51)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
r6 = syz_open_dev$evdev(&(0x7f0000000100), 0x72, 0x0)
ioctl$EVIOCSFF(r6, 0x40304580, &(0x7f0000000500)={0x50, 0x4, 0x1d, {0x12, 0xcac}, {0x8000, 0x7}, @ramp={0x400, 0x7, {0x8, 0xfffb, 0xeb4d, 0xf7f3}}})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

7.167622296s ago: executing program 0 (id=2720):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@dioread_nolock}]}, 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0xfffffffd, 0x33}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x0, 0xfffffffe}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x21, 0x0)

7.06643253s ago: executing program 6 (id=2721):
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1e00000000000000000000000300000004100000", @ANYRES32, @ANYBLOB="1a0001ddff000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000040000000500000007"], 0x50)

6.751805534s ago: executing program 6 (id=2723):
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

5.139874935s ago: executing program 6 (id=2728):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
ioctl$KDFONTOP_SET_DEF(r3, 0x4b72, 0x0)

5.067814598s ago: executing program 5 (id=2730):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
modify_ldt$read_default(0x2, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_procfs(r0, &(0x7f00000003c0)='statm\x00')
read$FUSE(r3, &(0x7f0000004180)={0x2020}, 0x2020)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="580000000008010200000000000000000200ffff0600024022eb000005000300ffff00000900010073797a3000000000260004"], 0x58}, 0x1, 0x0, 0x0, 0x20000015}, 0x40)

3.989591905s ago: executing program 7 (id=2732):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

3.983256686s ago: executing program 6 (id=2733):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=@framed={{}, [@printk={@x, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10)
unshare(0x26020400)

3.835527322s ago: executing program 7 (id=2734):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_CREATE2(r0, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, 0x0, 0x6c})
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, &(0x7f00000002c0)=[@code={0x1, 0x4a, {"2e450f1c80c800000066bad004b875a90000ef0fc73bd9e1438074180db50f2106f2440f2d300f00960a000000c4817a2cd82ef3410f2b41b7"}}], 0x4a})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x60000400000, 0x1000000000, 0x0, 0x40, 0x2000001, 0x0, 0x2004cb, 0x10000000000, 0x0, 0x68ff, 0x3, 0x20000000000000, 0xffffffffffffffff, 0x0, 0x0, 0x4], 0x1, 0x202})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.747789106s ago: executing program 6 (id=2735):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
socket$packet(0x11, 0x3, 0x300)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

3.315820324s ago: executing program 7 (id=2737):
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

3.142586792s ago: executing program 4 (id=2738):
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
write$binfmt_misc(r0, &(0x7f0000000600), 0x1000)

2.947841201s ago: executing program 4 (id=2739):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
r4 = inotify_init1(0x0)
r5 = dup(r4)
inotify_rm_watch(r5, 0x0)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000073110203000000008510008002000000b7000000000000009500c200000000009500001200000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x70)
fallocate(0xffffffffffffffff, 0x0, 0x9, 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000280)={{0x0, 0x4, 0x0, 0x9}, 'syz1\x00', 0x9})
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x51)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
r6 = syz_open_dev$evdev(&(0x7f0000000100), 0x72, 0x0)
ioctl$EVIOCSFF(r6, 0x40304580, &(0x7f0000000500)={0x50, 0x4, 0x1d, {0x12, 0xcac}, {0x8000, 0x7}, @ramp={0x400, 0x7, {0x8, 0xfffb, 0xeb4d, 0xf7f3}}})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

2.410698614s ago: executing program 4 (id=2740):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getcwd(0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r4, &(0x7f0000000080)='cgroup.max.descendants\x00', 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000240)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x430601, 0x10)

2.329958328s ago: executing program 7 (id=2741):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x202, @private2={0xfc, 0x2, '\x00', 0xff}, 0x4ac2d78a}}, 0x0, 0x0, 0x34, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
setsockopt$inet6_tcp_int(r3, 0x6, 0x19, &(0x7f0000000880)=0x3, 0x4)
writev(r3, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

1.501084304s ago: executing program 7 (id=2742):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
open(&(0x7f0000000000)='./file2\x00', 0x147842, 0x1ef)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
ioctl$KDFONTOP_SET_DEF(r2, 0x4b72, 0x0)

1.498406634s ago: executing program 5 (id=2743):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000001006f9595d6538c6dc80804fa586226a23d71aafd23663ae6610952721f71faa0f9bbbf412166404116aa2b81a0443a169f41457a94c3cc54fe08aab15e489617968f5436df3a99f504fa0088e8b1448974a9b93c6085171af52ad83dc1a0d9db61bc4258ff449644dd8c597ebbcbc361f54e298ca8e5d80a5f64c515683dc72d205fc8529a6f849ee1806cc8d60ce55bbc50c1742c19f75d4d0081b6e6ccfb837bb993d2e941da721d6d88c6ecc94d80a1e22bd8e625"], 0x3, 0x174, &(0x7f0000000480)="$eJzsmD9PwkAYxp9rESJxcMZBE0lEI6UtalxMJPEDmOCfsEGkErSIQgdh85MYv4CLu/GjKJMLo3NN2wNOouKgJsbnN7z3vNe317u3ydOkIIT8W3pPL48XvcaKDmAGaSTk/LM+qtGU+tVssTl3vZ28K9+WdlL3/fH1BADf//rzYwAeCjo8mfv+27vTctyDNtT70LAs9SEEDKnL0HAgtQOBktQnim4G9YZxXHcd46jpVgNhBsEKgh2E/Pj++lcCVWV/Qrne7nRPK67rtH5QTOpfv6BhS9mf+r4GvTGV/lnQYEmdh0BR6k0kBr2JWqKcPxUbra//8vkpKCj+mhj5k38jsKT4U0zxj5zXOM+1O91svVGpOTXnzLbzG+aaaa7budCIoviJ/02H/pRU1p/6oDYu4riseF7LiuIwt6P4nuPGQ//TkFmMciHnVMLvwaxYCIaMLnNCCCGEEEIIIYQQQgj5duYhwr+gE7B3w+rXAAAA//9nP3XZ")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_test', 0x141a82, 0x0)
sendfile(r4, r4, 0x0, 0x30)

1.395647308s ago: executing program 4 (id=2744):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
creat(&(0x7f0000000140)='./file0\x00', 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f0000000080))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f0000000000)='./bus/file0\x00', 0x0)
renameat2(r3, &(0x7f0000000240)='./bus/file0\x00', r3, &(0x7f00000001c0)='./file0\x00', 0x2)

335.282395ms ago: executing program 4 (id=2745):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
fspick(0xffffffffffffffff, 0x0, 0xef472a54935ff04f)

190.889891ms ago: executing program 5 (id=2746):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x24, r1, 0xd66771a5e8224ded, 0x0, 0x0, {{}, {@void, @void, @void}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_NETNS_FD={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

55.798567ms ago: executing program 4 (id=2747):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES64], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x8000000000000021, 0x0)
syz_usb_disconnect(r1)
syz_usb_connect$cdc_ncm(0x7, 0x6e, &(0x7f00000002c0)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r1, 0xc0085508, &(0x7f0000000000))

16.970539ms ago: executing program 5 (id=2748):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f00000002c0)="ea", 0x1}], 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1], 0x18}}], 0x1, 0x4)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r0, 0x0, r2, 0x0, 0x39000, 0x0)

0s ago: executing program 7 (id=2749):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
r4 = inotify_init1(0x0)
r5 = dup(r4)
inotify_rm_watch(r5, 0x0)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b40800000000000073110203000000008510008002000000b7000000000000009500c200000000009500001200000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x70)
fallocate(0xffffffffffffffff, 0x0, 0x9, 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000280)={{0x0, 0x4, 0x0, 0x9}, 'syz1\x00', 0x9})
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), 0x0, 0x0, 0xfffffffffffffffd)
ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x51)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
r6 = syz_open_dev$evdev(&(0x7f0000000100), 0x72, 0x0)
ioctl$EVIOCSFF(r6, 0x40304580, &(0x7f0000000500)={0x50, 0x4, 0x1d, {0x12, 0xcac}, {0x8000, 0x7}, @ramp={0x400, 0x7, {0x8, 0xfffb, 0xeb4d, 0xf7f3}}})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  321.059167][ T8037] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  322.016392][ T4273] EXT4-fs (loop1): unmounting filesystem.
[  322.102258][ T6377] EXT4-fs (loop5): unmounting filesystem.
[  323.880124][ T8096] loop3: detected capacity change from 0 to 512
[  324.267002][ T8096] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  324.428823][ T8096] ext4 filesystem being mounted at /227/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.014107][ T8121] loop4: detected capacity change from 0 to 256
[  325.028075][ T8121] /dev/loop4: Can't open blockdev
[  325.036243][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  325.275275][ T8123] netlink: 'syz.0.1107': attribute type 4 has an invalid length.
[  325.568591][ T8123] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1107'.
[  327.064150][ T8164] Bluetooth: MGMT ver 1.22
[  327.769412][ T8173] loop3: detected capacity change from 0 to 256
[  327.972768][ T8181] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1123'.
[  330.922948][ T8220] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1136'.
[  331.018314][ T8220] device sit0 entered promiscuous mode
[  333.968736][ T8267] fuse: Bad value for 'fd'
[  334.431204][ T4271] Bluetooth: hci5: command 0x0406 tx timeout
[  337.744323][ T8304] loop5: detected capacity change from 0 to 512
[  337.797093][ T8304] EXT4-fs: Ignoring removed mblk_io_submit option
[  338.011758][ T8304] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  338.119504][ T8304] EXT4-fs error (device loop5): ext4_clear_blocks:883: inode #13: comm syz.5.1158: attempt to clear invalid blocks 2 len 1
[  338.170028][ T8304] EXT4-fs (loop5): Remounting filesystem read-only
[  338.198023][ T8304] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  338.299734][ T8304] EXT4-fs (loop5): Remounting filesystem read-only
[  338.317579][ T8304] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1158: invalid indirect mapped block 1819239214 (level 0)
[  338.354517][ T8304] EXT4-fs (loop5): Remounting filesystem read-only
[  338.361601][ T8304] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1158: invalid indirect mapped block 1819239214 (level 1)
[  338.405423][ T8304] EXT4-fs (loop5): Remounting filesystem read-only
[  338.430685][ T8304] EXT4-fs (loop5): 1 truncate cleaned up
[  338.454508][ T8304] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  338.496315][ T8331] loop3: detected capacity change from 0 to 512
[  338.516251][ T8331] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  338.687357][ T8331] EXT4-fs (loop3): 1 truncate cleaned up
[  338.704608][ T8331] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  339.323942][ T6377] EXT4-fs (loop5): unmounting filesystem.
[  339.336312][   T27] audit: type=1800 audit(1764019209.836:88): pid=8331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1167" name="bus" dev="loop3" ino=18 res=0 errno=0
[  339.385803][ T8342] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  340.249009][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  340.458986][ T8358] loop3: detected capacity change from 0 to 256
[  340.469145][ T8356] loop4: detected capacity change from 0 to 2048
[  340.509989][ T8358] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  341.601460][ T8378] loop1: detected capacity change from 0 to 128
[  341.697427][   T27] audit: type=1800 audit(1764019212.146:89): pid=8378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1182" name="bus" dev="loop1" ino=1048637 res=0 errno=0
[  343.885139][ T4836] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.901228][ T8402] loop1: detected capacity change from 0 to 256
[  343.907883][ T8404] loop4: detected capacity change from 0 to 2048
[  343.947824][ T8402] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  344.081939][ T5178] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  344.465928][ T8418] loop4: detected capacity change from 0 to 512
[  344.475461][ T4836] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.489832][ T8418] EXT4-fs: Ignoring removed mblk_io_submit option
[  344.506864][ T8418] EXT4-fs: inline encryption not supported
[  344.554746][ T8418] EXT4-fs: Ignoring removed mblk_io_submit option
[  344.586737][ T8418] /dev/loop4: Can't open blockdev
[  344.900610][ T4836] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.385003][ T4279] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  345.395468][ T4279] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  345.403878][ T4279] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  345.412024][ T4279] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  345.420801][ T4279] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  345.429656][ T4267] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  345.542904][ T4836] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.575742][ T8447] loop4: detected capacity change from 0 to 256
[  346.612597][ T8449] loop5: detected capacity change from 0 to 16
[  346.633435][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  346.673205][ T8449] erofs: (device loop5): mounted with root inode @ nid 36.
[  346.709500][ T8449] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36
[  346.954219][ T8454] loop4: detected capacity change from 0 to 2048
[  347.126368][ T4267] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  347.141253][ T4279] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  347.150481][ T4279] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  347.158401][ T4279] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  347.167304][ T4279] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  347.174934][ T4279] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  347.234270][ T8468] kernel profiling enabled (shift: 5)
[  347.441502][ T8431] chnl_net:caif_netlink_parms(): no params data found
[  347.481359][ T4271] Bluetooth: hci0: command 0x0409 tx timeout
[  348.372260][ T8484] loop4: detected capacity change from 0 to 256
[  348.411954][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  348.629134][ T8496] loop4: detected capacity change from 0 to 1024
[  348.656194][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  348.707869][ T8431] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.731171][ T8431] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.760709][ T8431] device bridge_slave_0 entered promiscuous mode
[  348.878038][ T8431] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.889737][ T8431] bridge0: port 2(bridge_slave_1) entered disabled state
[  348.934437][ T8431] device bridge_slave_1 entered promiscuous mode
[  349.183398][ T8516] loop4: detected capacity change from 0 to 256
[  349.211894][ T8516] /dev/loop4: Can't open blockdev
[  349.786551][ T4271] Bluetooth: hci0: command 0x041b tx timeout
[  349.793700][ T4279] Bluetooth: hci1: command 0x0409 tx timeout
[  349.855928][ T8431] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  350.055527][ T8431] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  350.071422][ T4340] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  350.088655][ T8527] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1224'.
[  350.222232][ T8431] team0: Port device team_slave_0 added
[  350.241503][ T8431] team0: Port device team_slave_1 added
[  350.292447][ T4340] usb 1-1: Using ep0 maxpacket: 16
[  350.310442][ T4340] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  350.341105][ T4340] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  350.355104][ T4340] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  350.367927][ T4340] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.411649][ T8431] batman_adv: batadv0: Adding interface: batadv_slave_0
[  350.418643][ T8431] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.451617][ T4340] usb 1-1: config 0 descriptor??
[  350.468494][ T8431] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  350.498226][ T8463] chnl_net:caif_netlink_parms(): no params data found
[  350.524393][ T8431] batman_adv: batadv0: Adding interface: batadv_slave_1
[  350.546348][ T8431] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.574162][ T8431] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  350.769882][ T4836] device hsr_slave_0 left promiscuous mode
[  350.804658][ T4836] device hsr_slave_1 left promiscuous mode
[  350.824039][ T4836] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  350.912597][ T4836] batman_adv: batadv0: Removing interface: batadv_slave_0
[  350.976855][ T4836] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  351.030400][ T4836] batman_adv: batadv0: Removing interface: batadv_slave_1
[  351.084546][ T4836] device bridge_slave_1 left promiscuous mode
[  351.107151][ T4836] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.148813][ T4836] device bridge_slave_0 left promiscuous mode
[  351.200296][ T4836] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.369587][ T4836] device veth1_macvtap left promiscuous mode
[  351.409285][ T4836] device veth0_macvtap left promiscuous mode
[  351.448650][ T4836] device veth1_vlan left promiscuous mode
[  351.466267][ T4836] device veth0_vlan left promiscuous mode
[  351.871782][ T4271] Bluetooth: hci0: command 0x040f tx timeout
[  351.877852][ T4271] Bluetooth: hci1: command 0x041b tx timeout
[  351.972832][   T26] usb 1-1: USB disconnect, device number 9
[  352.518861][ T8568] loop4: detected capacity change from 0 to 512
[  352.535341][ T8568] /dev/loop4: Can't open blockdev
[  352.572426][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  353.403808][ T4836] team0 (unregistering): Port device team_slave_1 removed
[  353.616851][ T4836] team0 (unregistering): Port device team_slave_0 removed
[  353.658118][ T4836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  353.701703][ T4836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  353.951633][ T4271] Bluetooth: hci1: command 0x040f tx timeout
[  353.957702][ T4271] Bluetooth: hci0: command 0x0419 tx timeout
[  354.225569][ T4836] bond0 (unregistering): Released all slaves
[  354.327627][ T8583] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1240'.
[  354.355805][ T8431] device hsr_slave_0 entered promiscuous mode
[  354.394669][ T8431] device hsr_slave_1 entered promiscuous mode
[  354.532152][ T8598] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1244'.
[  354.628446][ T8463] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.650290][ T8463] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.676750][ T8463] device bridge_slave_0 entered promiscuous mode
[  354.710796][ T8463] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.719759][ T8463] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.736782][ T8463] device bridge_slave_1 entered promiscuous mode
[  354.825233][ T8463] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  354.848589][ T8463] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  355.057956][ T8463] team0: Port device team_slave_0 added
[  355.092856][ T8463] team0: Port device team_slave_1 added
[  355.198898][ T8619] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  355.226879][ T8619] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  355.300550][ T8463] batman_adv: batadv0: Adding interface: batadv_slave_0
[  355.385899][ T8463] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  355.541171][ T6815] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  355.600104][ T8463] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  355.742103][ T6815] usb 5-1: Using ep0 maxpacket: 16
[  355.754791][ T6815] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  355.844860][ T6815] usb 5-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  355.904998][ T6815] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.024138][ T6815] usb 5-1: config 0 descriptor??
[  356.031409][ T4271] Bluetooth: hci1: command 0x0419 tx timeout
[  356.434571][ T8463] batman_adv: batadv0: Adding interface: batadv_slave_1
[  356.490939][ T6815] usbhid 5-1:0.0: can't add hid device: -71
[  356.520523][ T6815] usbhid: probe of 5-1:0.0 failed with error -71
[  356.535098][ T8463] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.657722][ T6815] usb 5-1: USB disconnect, device number 10
[  356.857376][ T8463] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  357.776115][ T8431] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  357.862632][ T8431] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  357.880003][ T8431] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  357.891961][ T8431] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  357.943165][ T8463] device hsr_slave_0 entered promiscuous mode
[  357.973982][ T8463] device hsr_slave_1 entered promiscuous mode
[  358.013562][ T8463] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  358.038179][ T8463] Cannot create hsr debugfs directory
[  358.812365][ T4836] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.122601][ T4836] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.528277][ T4836] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.868756][ T4836] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.091981][ T8689] loop4: detected capacity change from 0 to 1024
[  361.209807][ T8431] 8021q: adding VLAN 0 to HW filter on device bond0
[  361.959345][ T8463] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  362.385011][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  362.417156][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  362.469433][ T8431] 8021q: adding VLAN 0 to HW filter on device team0
[  362.514756][ T8463] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  362.629446][ T8463] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  363.048356][ T5859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  363.114531][ T5859] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  363.123248][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.130386][ T5859] bridge0: port 1(bridge_slave_0) entered forwarding state
[  363.139775][ T5859] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  363.222710][ T8463] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  363.323338][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  363.335740][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  363.349661][ T4675] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.356888][ T4675] bridge0: port 2(bridge_slave_1) entered forwarding state
[  363.397441][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  363.423737][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  363.454154][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  363.488649][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  363.500321][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  363.571795][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  363.592347][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  363.628848][ T8431] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  363.653902][ T8431] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  363.693311][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  363.710510][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  363.734381][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  363.743767][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  364.487167][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  364.725234][ T8463] 8021q: adding VLAN 0 to HW filter on device bond0
[  364.855201][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  364.882282][ T4482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  364.921806][ T8463] 8021q: adding VLAN 0 to HW filter on device team0
[  365.009292][ T8763] loop4: detected capacity change from 0 to 128
[  365.015948][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  365.037374][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  365.071357][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[  365.078664][ T5843] bridge0: port 1(bridge_slave_0) entered forwarding state
[  365.103336][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  365.123460][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  365.168503][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  365.232427][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.239569][ T5843] bridge0: port 2(bridge_slave_1) entered forwarding state
[  365.444072][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  365.534620][ T8779] loop4: detected capacity change from 0 to 512
[  365.541984][ T8779] /dev/loop4: Can't open blockdev
[  366.801240][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  366.948271][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  366.964814][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  366.976568][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  366.987677][ T8780] loop5: detected capacity change from 0 to 164
[  367.017933][ T8780] Symlink component flag not implemented
[  367.076764][ T8780] Symlink component flag not implemented
[  367.102966][ T8780] Symlink component flag not implemented (112)
[  367.159958][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  367.182134][ T8780] Symlink component flag not implemented (22)
[  367.401740][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  367.442658][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  367.509302][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  367.517537][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  367.537378][ T8431] 8021q: adding VLAN 0 to HW filter on device batadv0
[  367.641767][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  367.655044][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  367.712934][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  367.761861][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  367.787864][ T8463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  368.667688][ T8817] netlink: 'syz.0.1307': attribute type 13 has an invalid length.
[  369.019236][ T8817] gretap0: refused to change device tx_queue_len
[  369.213673][ T8817] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  369.623856][ T8833] loop5: detected capacity change from 0 to 128
[  369.772378][ T8833] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  369.831424][ T8833] ext4 filesystem being mounted at /111/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  370.034640][ T8848] loop4: detected capacity change from 0 to 128
[  370.404209][ T8848] /dev/loop4: Can't open blockdev
[  370.709625][ T5026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  370.749508][ T5026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  370.831143][ T5863] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  370.838696][ T5863] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  370.876927][ T8463] 8021q: adding VLAN 0 to HW filter on device batadv0
[  370.904904][ T8431] device veth0_vlan entered promiscuous mode
[  370.917734][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  370.928573][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  370.945353][ T8431] device veth1_vlan entered promiscuous mode
[  370.962846][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  371.013722][ T6377] EXT4-fs (loop5): unmounting filesystem.
[  371.038627][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  371.789458][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  371.923947][ T8431] device veth0_macvtap entered promiscuous mode
[  371.944872][ T8431] device veth1_macvtap entered promiscuous mode
[  371.969667][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.986340][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.016859][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.048544][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.059188][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.076972][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.087255][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  372.127819][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.139724][ T8431] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.169694][ T4836] device hsr_slave_0 left promiscuous mode
[  372.194914][ T4836] device hsr_slave_1 left promiscuous mode
[  372.233669][ T4836] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  372.243950][ T4836] batman_adv: batadv0: Removing interface: batadv_slave_0
[  372.252212][ T4836] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  372.259830][ T4836] batman_adv: batadv0: Removing interface: batadv_slave_1
[  372.268501][ T4836] device bridge_slave_1 left promiscuous mode
[  372.282489][ T4836] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.305663][ T4836] device bridge_slave_0 left promiscuous mode
[  372.320213][ T4836] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.329985][ T8872] loop4: detected capacity change from 0 to 256
[  372.390677][ T4836] device veth1_macvtap left promiscuous mode
[  372.400060][ T4836] device veth0_macvtap left promiscuous mode
[  372.406653][ T4836] device veth1_vlan left promiscuous mode
[  372.414421][ T4836] device veth0_vlan left promiscuous mode
[  372.630826][ T8881] loop5: detected capacity change from 0 to 512
[  372.648197][ T8881] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  372.669402][ T8881] EXT4-fs (loop5): invalid journal inode
[  372.687737][ T8881] EXT4-fs (loop5): can't get journal size
[  372.709889][ T8881] EXT4-fs (loop5): 1 truncate cleaned up
[  372.715683][ T8881] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  372.961140][ T4584] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  373.173034][ T4584] usb 5-1: config index 0 descriptor too short (expected 60708, got 36)
[  373.185418][ T4584] usb 5-1: config 15 has too many interfaces: 102, using maximum allowed: 32
[  373.201055][ T4584] usb 5-1: config 15 has an invalid descriptor of length 224, skipping remainder of the config
[  373.221064][ T4584] usb 5-1: config 15 has 0 interfaces, different from the descriptor's value: 102
[  373.240740][ T4584] usb 5-1: New USB device found, idVendor=0c70, idProduct=f011, bcdDevice= 0.00
[  373.261092][ T4584] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.667233][ T4584] usb 5-1: string descriptor 0 read error: -71
[  373.697563][ T4584] usb 5-1: USB disconnect, device number 11
[  373.802113][ T4836] team0 (unregistering): Port device team_slave_1 removed
[  373.868518][ T4836] team0 (unregistering): Port device team_slave_0 removed
[  373.955844][ T4836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  374.027940][ T4836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  375.352989][ T4836] bond0 (unregistering): Released all slaves
[  375.541204][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  375.560218][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  375.579484][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  375.601875][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  375.620234][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  375.652799][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.681184][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.701200][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.721235][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.739891][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  375.761209][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  375.783335][ T8431] batman_adv: batadv0: Interface activated: batadv_slave_1
[  375.789596][ T6377] EXT4-fs (loop5): unmounting filesystem.
[  375.794267][ T8431] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  375.818155][ T8431] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  375.855447][ T8431] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  375.877715][ T8431] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  375.911428][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  375.956022][ T8909] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1334'.
[  375.970952][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  375.986954][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  376.203195][ T5843] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.222980][ T5843] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.276979][ T5026] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  376.321272][ T4354] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.335126][ T4354] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.371806][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  376.612515][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  376.631573][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  376.656268][ T8929] loop5: detected capacity change from 0 to 512
[  376.696912][ T8929] ext4: Unknown parameter 'nouser_xattr'
[  376.718018][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  376.742789][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  376.771161][ T8463] device veth0_vlan entered promiscuous mode
[  376.801408][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  376.843857][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  376.891518][ T8463] device veth1_vlan entered promiscuous mode
[  377.011497][ T4836] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  377.026423][ T4836] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  377.060838][ T4836] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  377.095971][ T4836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  377.124229][ T8948] loop4: detected capacity change from 0 to 256
[  377.139481][ T8463] device veth0_macvtap entered promiscuous mode
[  377.159854][ T8463] device veth1_macvtap entered promiscuous mode
[  377.241927][ T8463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  377.278984][ T8463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  377.318343][ T8463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  377.376105][ T8463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  377.405200][ T8463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  377.421196][ T4584] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  377.437544][ T8463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  377.469715][ T8463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  377.500778][ T8463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  377.552747][ T8463] batman_adv: batadv0: Interface activated: batadv_slave_0
[  377.564852][ T4836] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  377.583184][ T4836] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  377.614794][ T8961] loop4: detected capacity change from 0 to 8
[  377.633583][ T4584] usb 7-1: config 24 has an invalid descriptor of length 0, skipping remainder of the config
[  377.638446][ T8961] /dev/loop4: Can't open blockdev
[  377.651661][ T4836] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  377.670065][ T4584] usb 7-1: New USB device found, idVendor=06cd, idProduct=0105, bcdDevice=e2.57
[  377.685334][ T4836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  377.695850][ T4584] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.717714][ T8463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  377.744563][ T4584] keyspan 7-1:24.0: Keyspan - (without firmware) converter detected
[  377.764433][ T8463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  377.780933][ T4584] usb 7-1: Direct firmware load for keyspan/usa18x.fw failed with error -2
[  377.807298][ T8463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  377.830362][ T4584] usb 7-1: Falling back to sysfs fallback for: keyspan/usa18x.fw
[  377.851876][ T8463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  377.897869][ T8463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  377.919434][ T8463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  377.939946][ T8463] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  377.960837][ T8463] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  378.012083][ T8463] batman_adv: batadv0: Interface activated: batadv_slave_1
[  378.057969][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  378.100457][ T4354] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  378.141400][ T8463] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  378.150137][ T8463] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  378.171118][ T8463] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  378.183491][ T8463] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  378.458789][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  378.465155][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  378.916190][ T5847] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.004358][ T5847] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.241273][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  379.330202][ T4354] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.340275][ T4354] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.375919][ T5843] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  380.143984][ T9000] loop7: detected capacity change from 0 to 128
[  380.230912][   T27] audit: type=1800 audit(1764019250.716:90): pid=9000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1199" name="bus" dev="loop7" ino=1048644 res=0 errno=0
[  383.315261][ T9029] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1364'.
[  384.134043][ T9031] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(10)
[  384.141248][ T9031] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  384.224717][ T9031] vhci_hcd vhci_hcd.0: Device attached
[  384.250780][ T9035] vhci_hcd: connection closed
[  384.285957][ T5849] vhci_hcd: stop threads
[  384.511625][   T22] usb 47-1: new low-speed USB device number 2 using vhci_hcd
[  384.613949][ T5849] vhci_hcd: release socket
[  384.794131][ T5849] vhci_hcd: disconnect device
[  385.647105][ T9060] loop5: detected capacity change from 0 to 8
[  386.210891][ T9070] xt_CT: No such helper "pptp"
[  386.516275][ T9076] loop4: detected capacity change from 0 to 128
[  387.487496][ T4460] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  388.316557][ T9106] x_tables: duplicate underflow at hook 1
[  388.395456][ T9107] loop5: detected capacity change from 0 to 128
[  389.716435][   T22] vhci_hcd: vhci_device speed not set
[  390.481784][ T9132] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1388'.
[  390.996061][ T4256] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  391.301218][ T4256] usb 6-1: Using ep0 maxpacket: 16
[  391.308431][ T4256] usb 6-1: config 0 has an invalid interface number: 107 but max is 0
[  391.362743][ T4256] usb 6-1: config 0 has no interface number 0
[  391.405640][ T4256] usb 6-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  391.462408][ T4256] usb 6-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  391.505205][ T4256] usb 6-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[  391.528106][ T4256] usb 6-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  391.563115][ T4256] usb 6-1: Product: syz
[  391.577605][ T4256] usb 6-1: Manufacturer: syz
[  391.592724][ T4256] usb 6-1: SerialNumber: syz
[  391.640636][ T4256] usb 6-1: config 0 descriptor??
[  391.670927][ T4256] keyspan 6-1:0.107: Keyspan 4 port adapter converter detected
[  391.690863][ T4256] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 81
[  391.720509][ T4256] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 1
[  391.851422][ T4256] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  391.874261][ T4256] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 2
[  391.952314][ T4256] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  391.996272][ T4256] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 4
[  392.067498][ T4256] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  392.314764][ T4256] keyspan 6-1:0.107: found no endpoint descriptor for endpoint 6
[  392.535650][ T4256] usb 6-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  392.602136][ T4256] usb 6-1: USB disconnect, device number 3
[  392.630515][ T4256] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  392.666413][ T4256] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  392.731588][ T4256] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  392.779099][ T4256] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  392.834289][ T4256] keyspan 6-1:0.107: device disconnected
[  393.113576][ T9187] loop6: detected capacity change from 0 to 16
[  393.198565][ T9187] erofs: (device loop6): mounted with root inode @ nid 36.
[  393.227102][ T9187] syz.6.1402: attempt to access beyond end of device
[  393.227102][ T9187] loop6: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  394.195304][ T9216] loop5: detected capacity change from 0 to 1764
[  394.306708][ T9216] ISOFS: Unable to identify CD-ROM format.
[  394.530565][ T9219] xt_TCPMSS: Only works on TCP SYN packets
[  394.756520][ T9222] capability: warning: `syz.5.1412' uses 32-bit capabilities (legacy support in use)
[  396.501924][ T9240] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  396.533240][ T9245] loop6: detected capacity change from 0 to 128
[  396.560296][ T9245] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  396.642088][ T9245] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  396.801261][ T5847] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  396.990865][ T9256] loop6: detected capacity change from 0 to 8
[  399.279754][ T9299] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1434'.
[  401.562276][ T9325] loop7: detected capacity change from 0 to 128
[  401.610475][   T27] audit: type=1800 audit(1764019272.106:91): pid=9325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1441" name="bus" dev="loop7" ino=1048648 res=0 errno=0
[  403.378892][ T9344] sch_tbf: peakrate 7 is lower than or equals to rate 15942523117129420729 !
[  404.489896][ T9358] loop5: detected capacity change from 0 to 1024
[  404.633768][ T9366] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1455'.
[  404.657373][ T9369] loop4: detected capacity change from 0 to 128
[  404.662966][ T9370] kvm: pic: non byte write
[  404.687148][ T9370] kvm: pic: non byte write
[  404.723757][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  404.735900][ T9370] kvm: pic: non byte write
[  404.751174][ T9370] kvm: pic: non byte write
[  404.770526][ T9370] kvm: pic: non byte write
[  404.784503][ T9370] kvm: pic: non byte write
[  404.811294][ T9370] kvm: pic: non byte write
[  404.820945][ T9370] kvm: pic: non byte write
[  404.830240][ T9370] kvm: pic: non byte write
[  404.851719][ T9370] kvm: pic: non byte write
[  404.873237][ T9373] loop6: detected capacity change from 0 to 512
[  404.973915][ T9373] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  405.113037][ T9373] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #16: comm syz.6.1458: invalid indirect mapped block 4294967295 (level 0)
[  405.194298][ T9373] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #16: comm syz.6.1458: invalid indirect mapped block 4294967295 (level 1)
[  405.236868][ T9373] EXT4-fs (loop6): 1 orphan inode deleted
[  405.250681][ T9373] EXT4-fs (loop6): 1 truncate cleaned up
[  405.264949][ T9373] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  405.552881][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  406.974283][ T9438] loop4: detected capacity change from 0 to 16
[  407.013920][ T9438] erofs: (device loop4): erofs_read_inode: bogus i_mode (0) @ nid 36
[  407.661150][ T6815] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  407.767346][ T9458] loop6: detected capacity change from 0 to 128
[  407.794426][ T9458] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  407.837645][ T9458] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  407.861135][ T6815] usb 1-1: Using ep0 maxpacket: 32
[  407.877360][ T6815] usb 1-1: config 0 has an invalid interface number: 188 but max is 0
[  407.917121][ T6815] usb 1-1: config 0 has no interface number 0
[  407.948687][ T6815] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  407.984883][ T6815] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  408.014486][ T6815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.023595][ T4836] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  408.053197][ T6815] usb 1-1: Product: syz
[  408.067744][ T6815] usb 1-1: Manufacturer: syz
[  408.077893][ T6815] usb 1-1: SerialNumber: syz
[  408.138589][ T6815] usb 1-1: config 0 descriptor??
[  408.165068][ T9450] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  408.353356][ T9478] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1489'.
[  408.390200][ T9450] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  408.497300][ T9482] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1490'.
[  408.614727][ T6815] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  408.648942][ T6815] asix: probe of 1-1:0.188 failed with error -61
[  409.400872][ T9510] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1497'.
[  409.691109][ T6815] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  410.314041][ T9512] loop4: detected capacity change from 0 to 128
[  410.738342][ T6815] usb 8-1: Using ep0 maxpacket: 16
[  410.768370][ T6815] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  410.791479][ T6815] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  410.802818][ T6815] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  410.821613][ T6815] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.354493][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  411.365006][ T6815] usb 8-1: config 0 descriptor??
[  411.397967][   T14] usb 1-1: USB disconnect, device number 10
[  412.515531][ T9558] loop4: detected capacity change from 0 to 128
[  412.657841][   T22] usb 8-1: USB disconnect, device number 2
[  412.672216][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  413.559133][ T9592] loop5: detected capacity change from 0 to 1024
[  413.685456][ T9592] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  414.122637][   T27] audit: type=1800 audit(1764019284.606:92): pid=9592 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1524" name="bus" dev="loop5" ino=18 res=0 errno=0
[  414.381512][ T9592] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3836: comm syz.5.1524: Allocating blocks 385-513 which overlap fs metadata
[  414.482259][ T9606] EXT4-fs (loop5): pa ffff888055947e00: logic 16, phys. 129, len 24
[  414.491296][ T9606] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8
[  414.550014][ T9616] overlayfs: missing 'lowerdir'
[  414.654896][ T6377] bio_check_ro: 1 callbacks suppressed
[  414.654911][ T6377] Trying to write to read-only block-device loop5
[  414.696029][ T6377] Trying to write to read-only block-device loop5
[  414.708385][ T6377] Trying to write to read-only block-device loop5
[  414.715415][ T6377] Trying to write to read-only block-device loop5
[  414.723657][ T6377] Trying to write to read-only block-device loop5
[  414.743818][ T6377] Trying to write to read-only block-device loop5
[  414.885446][ T6377] Trying to write to read-only block-device loop5
[  414.901102][ T6377] Trying to write to read-only block-device loop5
[  414.920355][ T6377] Trying to write to read-only block-device loop5
[  414.980656][ T6377] Trying to write to read-only block-device loop5
[  415.032853][ T9629] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1534'.
[  415.049144][ T6377] EXT4-fs (loop5): unmounting filesystem.
[  415.101811][ T9629] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1534'.
[  415.308324][ T9640] ipt_REJECT: TCP_RESET invalid for non-tcp
[  415.671342][   T26] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  415.866194][   T26] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  415.897229][   T26] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  415.954053][   T26] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  415.982815][   T26] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.041911][   T26] usb 5-1: Product: syz
[  416.046158][   T26] usb 5-1: Manufacturer: syz
[  416.050769][   T26] usb 5-1: SerialNumber: syz
[  416.316121][   T26] usb 5-1: 0:2 : does not exist
[  416.346357][   T26] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  416.492488][   T26] usb 5-1: USB disconnect, device number 12
[  416.777433][ T5177] udevd[5177]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  416.815800][ T9688] loop7: detected capacity change from 0 to 128
[  416.828317][ T9688] ext4: Unknown parameter 'noacl'
[  417.109309][ T9696] binder: 9694:9696 ioctl c0306201 200000000500 returned -11
[  417.544098][ T9713] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input10
[  417.610927][ T9717] loop4: detected capacity change from 0 to 1024
[  417.708339][ T9717] /dev/loop4: Can't open blockdev
[  417.773846][ T4460] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  418.194118][ T9737] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1574'.
[  418.799042][  T128] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  418.993053][  T128] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  419.034437][  T128] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  419.085080][  T128] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  419.116280][  T128] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  419.130098][  T128] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.147423][  T128] usb 5-1: config 0 descriptor??
[  419.442045][ T9764] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1579'.
[  419.751535][   T26] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  420.011586][   T26] usb 8-1: Using ep0 maxpacket: 16
[  420.023097][   T26] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  420.077374][   T26] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  420.125926][   T26] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  420.139214][   T26] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.142504][  T128] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  420.173637][   T26] usb 8-1: config 0 descriptor??
[  420.199203][  T128] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  420.257526][ T9773] Bluetooth: MGMT ver 1.22
[  420.896945][ T9800] netlink: 'syz.6.1592': attribute type 10 has an invalid length.
[  421.184804][ T9813] loop6: detected capacity change from 0 to 1024
[  421.267959][ T9813] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  421.316386][ T9813] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3836: comm syz.6.1596: Allocating blocks 385-513 which overlap fs metadata
[  421.366400][ T9813] EXT4-fs (loop6): pa ffff888075d1d380: logic 16, phys. 129, len 24
[  421.374760][ T9813] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8
[  421.401077][  T128] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  421.526422][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  421.594144][  T128] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[  421.611529][  T128] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  421.634512][  T128] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  421.658165][  T128] usb 6-1: config 220 has no interface number 2
[  421.672338][  T128] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  421.694465][ T9824] loop6: detected capacity change from 0 to 1024
[  421.701163][  T128] usb 6-1: config 220 interface 0 has no altsetting 0
[  421.714994][  T128] usb 6-1: config 220 interface 76 has no altsetting 0
[  421.723912][  T128] usb 6-1: config 220 interface 1 has no altsetting 0
[  421.748843][  T128] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  421.766821][ T9824] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  421.816355][  T128] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.834225][ T9824] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3836: comm syz.6.1597: Allocating blocks 385-513 which overlap fs metadata
[  421.860176][  T128] usb 6-1: Product: syz
[  421.877097][  T128] usb 6-1: Manufacturer: syz
[  421.888369][  T128] usb 6-1: SerialNumber: syz
[  421.917359][ T9824] EXT4-fs (loop6): pa ffff888075d1da80: logic 16, phys. 129, len 24
[  421.925759][ T9824] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8
[  422.035495][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  422.154645][ T4318] usb 8-1: USB disconnect, device number 3
[  422.185610][  T128] usb 6-1: Found UVC 7.01 device syz (8086:0b07)
[  422.204536][  T128] usb 6-1: No valid video chain found.
[  422.233524][   T26] usb 5-1: USB disconnect, device number 13
[  422.308652][  T128] usb 6-1: selecting invalid altsetting 0
[  422.361317][ T9838] loop7: detected capacity change from 0 to 256
[  422.371416][ T4271] Bluetooth: hci0: command 0x0c20 tx timeout
[  422.374036][ T9836] loop6: detected capacity change from 0 to 256
[  422.427765][  T128] usb 6-1: selecting invalid altsetting 0
[  422.440274][ T9838] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  422.440751][ T9836] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  422.481999][ T9835] loop4: detected capacity change from 0 to 2048
[  422.497698][  T128] usbtest: probe of 6-1:220.1 failed with error -22
[  422.513196][ T9835] /dev/loop4: Can't open blockdev
[  422.520790][  T128] usb 6-1: USB disconnect, device number 4
[  422.804604][ T9849] loop7: detected capacity change from 0 to 128
[  422.908714][ T9849] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  422.917318][ T9850] loop4: detected capacity change from 0 to 512
[  422.960255][ T9850] EXT4-fs (loop4): write access unavailable, skipping orphan cleanup
[  422.999709][ T9850] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  423.012872][ T9849] ext4 filesystem being mounted at /42/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  423.841754][ T9867] loop5: detected capacity change from 0 to 1024
[  423.862721][ T4275] EXT4-fs (loop4): unmounting filesystem.
[  423.903963][ T9867] /dev/loop5: Can't open blockdev
[  423.948658][ T8463] EXT4-fs (loop7): unmounting filesystem.
[  424.188751][ T9876] loop7: detected capacity change from 0 to 1024
[  424.479229][ T9884] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1612'.
[  424.995981][ T9890] loop5: detected capacity change from 0 to 512
[  425.019401][ T9890] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  425.112529][ T9890] EXT4-fs (loop5): write access unavailable, skipping orphan cleanup
[  425.133962][ T9890] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  425.290623][ T6377] EXT4-fs (loop5): unmounting filesystem.
[  426.220365][ T9919] loop7: detected capacity change from 0 to 1024
[  426.375200][ T9919] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  427.069803][ T8463] EXT4-fs (loop7): unmounting filesystem.
[  427.409464][ T9969] binder: 9968:9969 ioctl c0306201 200000000500 returned -11
[  429.992777][ T9996] xt_socket: unknown flags 0x4c
[  430.109426][T10004] loop5: detected capacity change from 0 to 128
[  430.180193][T10004] /dev/loop5: Can't open blockdev
[  430.226521][T10006] loop7: detected capacity change from 0 to 16
[  430.365115][T10006] erofs: (device loop7): mounted with root inode @ nid 36.
[  431.633486][T10016] loop6: detected capacity change from 0 to 512
[  431.652652][T10006] syz.7.1637: attempt to access beyond end of device
[  431.652652][T10006] loop7: rw=0, sector=8, nr_sectors = 32 limit=16
[  431.705239][T10018] syz.7.1637: attempt to access beyond end of device
[  431.705239][T10018] loop7: rw=0, sector=8, nr_sectors = 32 limit=16
[  431.770877][T10016] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  432.002710][T10016] loop6: detected capacity change from 0 to 128
[  432.822187][T10029] binder: 10028:10029 ioctl c0306201 200000000500 returned -11
[  432.869522][T10016] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  432.921285][T10016] ext4 filesystem being mounted at /64/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  433.168833][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  433.463978][T10046] loop6: detected capacity change from 0 to 256
[  433.469849][T10047] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1649'.
[  433.749984][T10050] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1640'.
[  434.034176][T10055] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1652'.
[  434.154443][T10055] netlink: 43 bytes leftover after parsing attributes in process `syz.6.1652'.
[  434.243794][T10055] netlink: 'syz.6.1652': attribute type 5 has an invalid length.
[  434.263808][T10055] netlink: 43 bytes leftover after parsing attributes in process `syz.6.1652'.
[  435.149310][T10072] binder: 10070:10072 ioctl 4018620d 0 returned -22
[  435.174468][T10068] loop4: detected capacity change from 0 to 512
[  435.177747][T10072] binder: 10070:10072 ioctl c0306201 200000000500 returned -11
[  435.203835][T10068] EXT4-fs: Ignoring removed mblk_io_submit option
[  435.222738][T10068] EXT4-fs: inline encryption not supported
[  435.231324][T10068] EXT4-fs: Ignoring removed mblk_io_submit option
[  435.265291][T10068] /dev/loop4: Can't open blockdev
[  436.473970][T10094] loop4: detected capacity change from 0 to 1024
[  436.493969][T10094] /dev/loop4: Can't open blockdev
[  436.805115][T10103] binder: 10102:10103 ioctl 4018620d 0 returned -22
[  436.856569][T10103] binder: 10102:10103 ioctl c0306201 200000000500 returned -11
[  437.017238][T10109] netlink: 244 bytes leftover after parsing attributes in process `syz.4.1668'.
[  438.085885][T10132] loop5: detected capacity change from 0 to 1024
[  438.189114][T10132] /dev/loop5: Can't open blockdev
[  439.789338][T10150] binder: 10149:10150 ioctl 4018620d 0 returned -22
[  439.874611][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  439.881041][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  439.940659][T10150] binder: 10149:10150 ioctl c0306201 200000000500 returned -11
[  439.967837][ T4584] usb 7-1: ezusb_ihex_firmware_download - request "keyspan/usa18x.fw" failed
[  439.976815][ T4584] usb 7-1: failed to load firmware "keyspan/usa18x.fw"
[  439.984025][ T4584] keyspan: probe of 7-1:24.0 failed with error -2
[  439.992915][ T4584] usb 7-1: USB disconnect, device number 2
[  441.363189][T10185] loop5: detected capacity change from 0 to 1024
[  441.402125][T10185] hfsplus: unable to parse mount options
[  441.465678][ T5177] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  441.858914][T10202] binder: BINDER_SET_CONTEXT_MGR already set
[  441.913460][T10202] binder: 10201:10202 ioctl 4018620d 200000000040 returned -16
[  442.070613][T10206] loop4: detected capacity change from 0 to 512
[  443.180939][T10215] loop4: detected capacity change from 0 to 512
[  443.228832][T10215] EXT4-fs: Ignoring removed mblk_io_submit option
[  443.309202][T10215] EXT4-fs: inline encryption not supported
[  443.350641][T10215] EXT4-fs: Ignoring removed mblk_io_submit option
[  443.357544][T10215] /dev/loop4: Can't open blockdev
[  443.496938][T10218] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1696'.
[  444.258800][T10233] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1704'.
[  444.305283][T10232] loop6: detected capacity change from 0 to 1024
[  444.391254][T10232] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  444.444905][T10240] loop4: detected capacity change from 0 to 256
[  444.508420][   T27] audit: type=1800 audit(1764019315.006:93): pid=10232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1703" name="bus" dev="loop6" ino=18 res=0 errno=0
[  444.586014][ T5178] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  444.626364][   T27] audit: type=1804 audit(1764019315.076:94): pid=10241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1703" name="/newroot/78/file1/bus" dev="loop6" ino=18 res=1 errno=0
[  444.772407][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  444.837596][T10252] binder: BINDER_SET_CONTEXT_MGR already set
[  444.904399][T10252] binder: 10249:10252 ioctl 4018620d 200000000040 returned -16
[  444.997406][T10252] binder: 10249:10252 ioctl c0306201 200000000500 returned -11
[  445.083971][T10263] binder: 10262:10263 ioctl c0306201 2000000001c0 returned -14
[  445.190595][T10267] loop6: detected capacity change from 0 to 512
[  445.226361][T10270] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1715'.
[  445.230651][T10267] EXT4-fs: Ignoring removed mblk_io_submit option
[  445.290115][T10267] EXT4-fs: inline encryption not supported
[  445.312466][T10267] EXT4-fs: Ignoring removed mblk_io_submit option
[  445.351669][T10267] EXT4-fs (loop6): Test dummy encryption mode enabled
[  445.387743][T10267] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  445.948150][T10267] EXT4-fs (loop6): 1 truncate cleaned up
[  446.029429][T10267] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  447.557592][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  447.865398][T10338] binder: BINDER_SET_CONTEXT_MGR already set
[  448.046803][T10338] binder: 10337:10338 ioctl 4018620d 200000000040 returned -16
[  448.688954][T10351] loop6: detected capacity change from 0 to 512
[  448.734954][T10351] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  448.776700][T10351] EXT4-fs (loop6): invalid journal inode
[  448.805381][T10351] EXT4-fs (loop6): can't get journal size
[  448.860063][T10351] EXT4-fs (loop6): 1 truncate cleaned up
[  448.883232][T10351] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  450.194277][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  450.984768][T10418] loop6: detected capacity change from 0 to 512
[  451.019173][T10418] EXT4-fs: Ignoring removed mblk_io_submit option
[  451.046981][T10418] EXT4-fs: inline encryption not supported
[  451.074681][T10418] EXT4-fs: Ignoring removed mblk_io_submit option
[  451.104478][T10418] EXT4-fs (loop6): Test dummy encryption mode enabled
[  451.129008][T10418] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  451.194858][T10418] EXT4-fs (loop6): 1 truncate cleaned up
[  451.206216][T10418] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  451.922195][T10436] loop4: detected capacity change from 0 to 16
[  452.012047][T10436] /dev/loop4: Can't open blockdev
[  452.035027][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  452.075548][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  452.435910][T10450] loop6: detected capacity change from 0 to 128
[  452.534120][T10450] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  452.671182][T10450] ext4 filesystem being mounted at /87/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  452.868130][T10465] loop5: detected capacity change from 0 to 512
[  452.928892][T10465] EXT4-fs: Ignoring removed mblk_io_submit option
[  452.936373][T10465] EXT4-fs: Ignoring removed orlov option
[  452.951451][T10465] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  453.003312][T10465] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e12c, mo2=0002]
[  453.031541][T10465] System zones: 1-12
[  453.058149][T10465] EXT4-fs (loop5): write access unavailable, skipping orphan cleanup
[  453.068569][T10465] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  453.147151][ T6377] EXT4-fs (loop5): unmounting filesystem.
[  453.354015][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  453.586515][ T6815] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  454.391080][ T6815] usb 6-1: Using ep0 maxpacket: 16
[  454.398809][ T6815] usb 6-1: unable to get BOS descriptor or descriptor too short
[  454.410380][ T6815] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[  454.455919][T10504] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1772'.
[  454.469367][ T6815] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  454.491084][ T6815] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[  454.546752][ T6815] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  454.572389][ T6815] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.610550][ T6815] usb 6-1: Product: syz
[  454.624081][ T6815] usb 6-1: Manufacturer: syz
[  454.639784][ T6815] usb 6-1: SerialNumber: syz
[  454.871693][ T6815] cdc_ncm 6-1:1.0: bind() failure
[  454.879558][ T6815] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  454.896874][T10516] binder: 10514:10516 ioctl c0306201 0 returned -14
[  454.910503][ T6815] cdc_ncm 6-1:1.1: bind() failure
[  454.959579][ T6815] usb 6-1: USB disconnect, device number 5
[  454.976095][T10516] binder: 10514:10516 ioctl c0306201 200000000500 returned -11
[  454.996345][T10522] tc_dump_action: action bad kind
[  455.133967][T10527] loop4: detected capacity change from 0 to 128
[  455.177349][T10527] /dev/loop4: Can't open blockdev
[  455.439110][T10540] loop7: detected capacity change from 0 to 512
[  455.454345][T10540] EXT4-fs: Ignoring removed mblk_io_submit option
[  455.488164][T10540] EXT4-fs: inline encryption not supported
[  455.506068][T10540] EXT4-fs: Ignoring removed mblk_io_submit option
[  455.527769][T10540] EXT4-fs (loop7): Test dummy encryption mode enabled
[  455.580655][T10540] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  455.631264][T10540] EXT4-fs (loop7): 1 truncate cleaned up
[  455.640838][T10540] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  456.603160][T10551] fuse: Bad value for 'fd'
[  456.932258][ T8463] EXT4-fs (loop7): unmounting filesystem.
[  457.253933][ T4256] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  457.345279][T10575] loop6: detected capacity change from 0 to 512
[  457.443584][ T4256] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  457.471412][ T4256] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  457.497835][ T4256] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  457.502891][T10575] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  457.516913][ T4256] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  457.529906][ T4256] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  457.540877][ T4256] usb 5-1: config 0 descriptor??
[  457.569039][T10575] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  457.805143][T10591] loop5: detected capacity change from 0 to 1024
[  457.856192][T10591] /dev/loop5: Can't open blockdev
[  457.950925][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  457.960835][ T4256] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  458.048660][ T4256] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  458.108037][T10598] loop5: detected capacity change from 0 to 512
[  458.152339][T10598] EXT4-fs: Ignoring removed mblk_io_submit option
[  458.152363][T10598] EXT4-fs: inline encryption not supported
[  458.152405][T10598] EXT4-fs: Ignoring removed mblk_io_submit option
[  458.152461][T10598] /dev/loop5: Can't open blockdev
[  459.515005][    C1] plantronics 0003:047F:FFFF.0005: usb_submit_urb(ctrl) failed: -1
[  459.681517][ T4256] usb 5-1: reset high-speed USB device number 14 using dummy_hcd
[  459.977909][T10619] loop7: detected capacity change from 0 to 4096
[  460.003351][T10619] ext4: Unknown parameter 'noacl'
[  460.196169][T10619] loop7: detected capacity change from 0 to 2048
[  460.296927][T10619] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  460.330723][T10619] EXT4-fs (loop7): unmounting filesystem.
[  460.418343][T10638] loop5: detected capacity change from 0 to 1024
[  460.472268][T10638] /dev/loop5: Can't open blockdev
[  460.673287][T10653] loop7: detected capacity change from 0 to 512
[  460.694473][   T26] usb 5-1: USB disconnect, device number 14
[  460.709292][T10653] EXT4-fs: Ignoring removed mblk_io_submit option
[  460.746706][T10653] EXT4-fs: inline encryption not supported
[  460.886656][T10653] EXT4-fs: Ignoring removed mblk_io_submit option
[  460.956854][T10653] EXT4-fs (loop7): Test dummy encryption mode enabled
[  461.046578][T10653] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  461.120804][T10653] EXT4-fs (loop7): 1 truncate cleaned up
[  461.161136][T10653] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  462.253872][ T8463] EXT4-fs (loop7): unmounting filesystem.
[  463.514679][T10699] loop5: detected capacity change from 0 to 1024
[  463.549036][T10699] /dev/loop5: Can't open blockdev
[  464.209085][T10726] netlink: 276 bytes leftover after parsing attributes in process `syz.4.1832'.
[  464.587066][T10745] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1838'.
[  464.815358][T10752] loop6: detected capacity change from 0 to 1024
[  465.310568][T10752] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  465.642656][T10770] x_tables: duplicate underflow at hook 1
[  466.502624][   T27] audit: type=1800 audit(1764019337.006:95): pid=10752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1841" name="bus" dev="loop6" ino=18 res=0 errno=0
[  466.536428][T10752] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3836: comm syz.6.1841: Allocating blocks 385-513 which overlap fs metadata
[  466.557176][T10775] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1846'.
[  466.573232][   T27] audit: type=1804 audit(1764019337.036:96): pid=10776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1841" name="/newroot/104/file1/bus" dev="loop6" ino=18 res=1 errno=0
[  466.665730][T10752] EXT4-fs (loop6): pa ffff888055947460: logic 16, phys. 129, len 24
[  466.674237][T10752] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8
[  467.551123][ T4271] Bluetooth: hci0: command 0x0406 tx timeout
[  467.683092][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  468.178374][T10812] loop5: detected capacity change from 0 to 256
[  468.220212][T10812] /dev/loop5: Can't open blockdev
[  468.266364][ T5177] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  470.058617][T10838] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1862'.
[  470.173888][T10838] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  470.208868][T10838] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  470.228293][T10838] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  470.308069][T10843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1864'.
[  470.327396][T10838] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1862'.
[  470.359839][T10838] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  470.389890][T10838] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  470.426578][T10838] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  470.699540][T10859] loop5: detected capacity change from 0 to 512
[  470.745571][T10859] EXT4-fs: Ignoring removed mblk_io_submit option
[  470.766280][T10859] EXT4-fs: inline encryption not supported
[  470.801151][T10859] EXT4-fs: Ignoring removed mblk_io_submit option
[  471.045558][T10859] /dev/loop5: Can't open blockdev
[  475.069629][T10919] loop4: detected capacity change from 0 to 512
[  475.091858][T10919] EXT4-fs: Ignoring removed mblk_io_submit option
[  475.126312][T10919] EXT4-fs: inline encryption not supported
[  475.166153][T10919] EXT4-fs: Ignoring removed mblk_io_submit option
[  475.224215][T10919] /dev/loop4: Can't open blockdev
[  475.713695][ T4271] Bluetooth: hci1: command 0x0405 tx timeout
[  476.676458][T10946] loop5: detected capacity change from 0 to 128
[  476.704084][T10946] /dev/loop5: Can't open blockdev
[  477.121241][  T128] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  477.321353][  T128] usb 8-1: Using ep0 maxpacket: 16
[  477.329000][  T128] usb 8-1: unable to get BOS descriptor or descriptor too short
[  477.374660][  T128] usb 8-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  477.424530][  T128] usb 8-1: config 1 has no interface number 1
[  477.430680][  T128] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  477.519970][  T128] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  477.534385][T10984] loop4: detected capacity change from 0 to 128
[  477.555172][  T128] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.575530][  T128] usb 8-1: Product: syz
[  477.577076][T10984] /dev/loop4: Can't open blockdev
[  477.583057][  T128] usb 8-1: Manufacturer: syz
[  477.610522][  T128] usb 8-1: SerialNumber: syz
[  477.631715][T10951] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  477.923513][  T128] usb 8-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  478.006870][  T128] usb 8-1: USB disconnect, device number 4
[  478.097885][T10996] device pim6reg1 entered promiscuous mode
[  479.558108][T11024] loop6: detected capacity change from 0 to 128
[  479.588228][T11027] loop5: detected capacity change from 0 to 256
[  479.688051][T11027] binder: Binderfs stats mode cannot be changed during a remount
[  479.759499][T11026] loop7: detected capacity change from 0 to 128
[  479.781583][   T27] audit: type=1800 audit(1764019350.285:97): pid=11026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1919" name="bus" dev="loop7" ino=1048665 res=0 errno=0
[  479.838104][T11026] syz.7.1919: attempt to access beyond end of device
[  479.838104][T11026] loop7: rw=0, sector=121, nr_sectors = 920 limit=128
[  479.875242][T11024] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  479.885519][T11024] ext4 filesystem being mounted at /119/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  480.156750][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  481.059057][T11051] netlink: 'syz.0.1927': attribute type 13 has an invalid length.
[  481.099950][T11051] gretap0: refused to change device tx_queue_len
[  481.117411][T11051] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  482.175438][T11063] loop4: detected capacity change from 0 to 1024
[  482.184439][T11063] /dev/loop4: Can't open blockdev
[  482.261234][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  482.688095][T11079] loop7: detected capacity change from 0 to 128
[  482.716875][   T27] audit: type=1800 audit(1764019353.215:98): pid=11079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1936" name="bus" dev="loop7" ino=1048666 res=0 errno=0
[  482.769709][T11079] syz.7.1936: attempt to access beyond end of device
[  482.769709][T11079] loop7: rw=0, sector=121, nr_sectors = 920 limit=128
[  483.177377][T11093] binder: 11092:11093 ioctl c0306201 0 returned -14
[  483.178636][T11093] binder: 11092:11093 ioctl c0306201 200000000500 returned -11
[  485.431225][ T6815] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  485.650064][ T6815] usb 6-1: unable to get BOS descriptor or descriptor too short
[  486.216591][ T6815] usb 6-1: config 5 has an invalid interface number: 42 but max is 0
[  486.236609][ T6815] usb 6-1: config 5 has no interface number 0
[  486.248283][ T6815] usb 6-1: config 5 interface 42 has no altsetting 0
[  486.269662][ T6815] usb 6-1: New USB device found, idVendor=0499, idProduct=5009, bcdDevice=6b.2b
[  486.301309][ T6815] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  486.309359][ T6815] usb 6-1: Product: syz
[  486.355120][ T6815] usb 6-1: Manufacturer: syz
[  486.359879][ T6815] usb 6-1: SerialNumber: syz
[  486.514298][T11130] loop7: detected capacity change from 0 to 128
[  486.636809][T11130] syz.7.1949: attempt to access beyond end of device
[  486.636809][T11130] loop7: rw=0, sector=121, nr_sectors = 920 limit=128
[  486.651678][   T27] audit: type=1800 audit(1764019357.105:99): pid=11130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1949" name="bus" dev="loop7" ino=1048667 res=0 errno=0
[  486.846818][ T6815] snd-usb-audio: probe of 6-1:5.42 failed with error -2
[  486.956067][ T6815] usb 6-1: USB disconnect, device number 6
[  487.023407][ T5177] udevd[5177]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:5.42/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  488.638108][T11166] binder: 11165:11166 ioctl c0306201 200000000500 returned -11
[  489.162596][T11185] loop4: detected capacity change from 0 to 1024
[  490.175824][T11211] loop5: detected capacity change from 0 to 256
[  490.292808][ T5177] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  490.298916][T11219] loop7: detected capacity change from 0 to 128
[  490.325349][T11219] /dev/loop7: Can't open blockdev
[  490.424689][ T5178] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  490.761095][T11234] x_tables: duplicate underflow at hook 1
[  491.604386][T11243] loop6: detected capacity change from 0 to 512
[  491.626099][T11243] EXT4-fs: Ignoring removed mblk_io_submit option
[  491.678271][T11243] ext4: Unknown parameter 'seclabel'
[  492.011216][   T26] usb 6-1: new low-speed USB device number 7 using dummy_hcd
[  492.203358][   T26] usb 6-1: unable to get BOS descriptor or descriptor too short
[  492.213873][   T26] usb 6-1: config 129 has an invalid interface number: 48 but max is 0
[  492.240673][   T26] usb 6-1: config 129 has no interface number 0
[  492.260918][   T26] usb 6-1: config 129 interface 48 altsetting 5 endpoint 0x5 has invalid maxpacket 1023, setting to 8
[  492.281813][   T26] usb 6-1: config 129 interface 48 has no altsetting 0
[  492.312449][   T26] usb 6-1: string descriptor 0 read error: -22
[  492.318807][   T26] usb 6-1: New USB device found, idVendor=0c52, idProduct=2102, bcdDevice= 0.15
[  492.955831][   T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.997926][   T26] ftdi_sio 6-1:129.48: FTDI USB Serial Device converter detected
[  493.046171][   T26] usb 6-1: Detected SIO
[  493.066615][   T26] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  493.186144][   T26] usb 6-1: USB disconnect, device number 7
[  493.207202][   T26] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  493.232586][   T26] ftdi_sio 6-1:129.48: device disconnected
[  493.809023][T11292] loop4: detected capacity change from 0 to 512
[  493.852718][T11292] EXT4-fs: Ignoring removed bh option
[  493.870636][T11292] /dev/loop4: Can't open blockdev
[  494.052426][T11298] picdev_write: 51 callbacks suppressed
[  494.052442][T11298] kvm: pic: non byte write
[  494.117645][T11298] kvm: pic: non byte write
[  494.140474][T11298] kvm: pic: non byte write
[  494.187986][T11310] loop7: detected capacity change from 0 to 1024
[  494.206934][T11310] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  494.218099][T11310] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  494.249590][T11310] JBD2: no valid journal superblock found
[  494.255694][T11310] EXT4-fs (loop7): error loading journal
[  494.297577][T11298] kvm: pic: non byte write
[  495.729884][T11313] loop4: detected capacity change from 0 to 128
[  495.774856][T11313] /dev/loop4: Can't open blockdev
[  498.536774][T11345] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  498.858816][T11352] loop6: detected capacity change from 0 to 1024
[  499.002932][T11352] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  499.042013][   T27] audit: type=1800 audit(1764019369.535:100): pid=11352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2013" name="bus" dev="loop6" ino=18 res=0 errno=0
[  499.048467][T11352] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3836: comm syz.6.2013: Allocating blocks 385-513 which overlap fs metadata
[  499.160407][T11352] EXT4-fs (loop6): pa ffff888055947700: logic 16, phys. 129, len 24
[  499.168588][T11352] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8
[  499.209298][ T4836] bio_check_ro: 2 callbacks suppressed
[  499.209312][ T4836] Trying to write to read-only block-device loop6
[  499.211400][ T8431] Trying to write to read-only block-device loop6
[  499.215311][ T4836] Trying to write to read-only block-device loop6
[  499.231417][ T8431] Trying to write to read-only block-device loop6
[  499.244394][ T4836] Trying to write to read-only block-device loop6
[  499.247298][ T8431] Trying to write to read-only block-device loop6
[  499.257756][ T8431] Trying to write to read-only block-device loop6
[  499.272449][ T8431] Trying to write to read-only block-device loop6
[  499.280177][ T8431] Trying to write to read-only block-device loop6
[  499.287642][ T4836] Trying to write to read-only block-device loop6
[  499.296365][ T8431] EXT4-fs (loop6): unmounting filesystem.
[  499.621172][   T22] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  499.803311][   T22] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  499.814425][   T22] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  499.842001][   T22] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  499.871893][   T22] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 35451, setting to 64
[  499.933971][   T22] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  499.972311][   T22] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  499.994620][   T22] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.008305][T11390] loop4: detected capacity change from 0 to 128
[  500.019240][   T22] usb 6-1: Product: syz
[  500.027450][T11390] /dev/loop4: Can't open blockdev
[  500.034808][   T22] usb 6-1: Manufacturer: syz
[  500.039649][   T22] usb 6-1: SerialNumber: syz
[  500.063608][T11376] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  500.294959][T11397] netlink: 304 bytes leftover after parsing attributes in process `syz.7.2030'.
[  500.351074][T11397] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2030'.
[  501.121175][   T22] cdc_ncm 6-1:1.0: bind() failure
[  501.136173][   T22] cdc_ncm: probe of 6-1:1.1 failed with error -71
[  501.151863][   T22] cdc_mbim: probe of 6-1:1.1 failed with error -71
[  501.167625][   T22] usbtest: probe of 6-1:1.1 failed with error -71
[  501.196628][   T22] usb 6-1: USB disconnect, device number 8
[  501.318289][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  501.324755][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  501.528003][   T27] audit: type=1326 audit(1764019372.025:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811118f749 code=0x7ffc0000
[  501.557459][   T27] audit: type=1326 audit(1764019372.025:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811118f749 code=0x7ffc0000
[  501.601259][   T27] audit: type=1326 audit(1764019372.075:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f811118f749 code=0x7ffc0000
[  501.671145][   T27] audit: type=1326 audit(1764019372.075:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811118f749 code=0x7ffc0000
[  501.723400][   T27] audit: type=1326 audit(1764019372.075:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811118f749 code=0x7ffc0000
[  501.788553][   T27] audit: type=1326 audit(1764019372.075:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f811118f749 code=0x7ffc0000
[  501.871950][   T27] audit: type=1326 audit(1764019372.075:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811118f749 code=0x7ffc0000
[  501.941356][   T27] audit: type=1326 audit(1764019372.075:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.6.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f811118f749 code=0x7ffc0000
[  502.138444][T11439] binder: 11437:11439 ioctl c0306201 0 returned -14
[  502.146723][T11439] binder: 11437:11439 ioctl c0306201 200000000500 returned -11
[  502.944291][T11446] netlink: 'syz.4.2050': attribute type 5 has an invalid length.
[  502.999233][T11451] loop7: detected capacity change from 0 to 128
[  503.034610][T11451] /dev/loop7: Can't open blockdev
[  503.080654][T11429] mmap: syz.0.2043 (11429) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  503.678659][T11469] binder: 11468:11469 ioctl c0306201 0 returned -14
[  503.687878][T11469] binder: 11468:11469 ioctl c0306201 200000000500 returned -11
[  507.996342][T11530] mmap: syz.0.2082 (11530): VmData 47124480 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  508.612477][T11543] device veth1_to_bridge entered promiscuous mode
[  508.627913][T11540] loop6: detected capacity change from 0 to 1024
[  508.649635][T11540] /dev/loop6: Can't open blockdev
[  508.668706][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.665888][T11574] loop5: detected capacity change from 0 to 128
[  510.732328][ T5178] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  511.200252][T11585] loop7: detected capacity change from 0 to 512
[  511.206893][ T6815] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  511.231666][T11585] EXT4-fs: Ignoring removed mblk_io_submit option
[  511.248608][T11585] EXT4-fs: inline encryption not supported
[  511.281421][T11585] EXT4-fs: Ignoring removed mblk_io_submit option
[  511.298844][T11585] /dev/loop7: Can't open blockdev
[  511.421046][ T6815] usb 7-1: Using ep0 maxpacket: 16
[  511.428936][ T6815] usb 7-1: unable to get BOS descriptor or descriptor too short
[  511.515440][T11590] netlink: 'syz.0.2104': attribute type 1 has an invalid length.
[  511.526882][ T6815] usb 7-1: config 13 has an invalid interface number: 50 but max is 0
[  512.093660][ T6815] usb 7-1: config 13 has no interface number 0
[  512.129676][T11596] loop4: detected capacity change from 0 to 256
[  512.211424][ T6815] usb 7-1: config 13 interface 50 altsetting 167 bulk endpoint 0x8 has invalid maxpacket 16
[  512.230556][ T6815] usb 7-1: config 13 interface 50 has no altsetting 0
[  512.291818][ T6815] usb 7-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  512.320607][ T6815] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.344838][ T6815] usb 7-1: Product: syz
[  512.349064][ T6815] usb 7-1: Manufacturer: syz
[  512.361104][ T6815] usb 7-1: SerialNumber: syz
[  512.385943][T11577] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  512.642444][ T6815] usb 7-1: MIDIStreaming interface descriptor not found
[  512.714204][ T6815] usb 7-1: USB disconnect, device number 3
[  512.991237][T11624] loop4: detected capacity change from 0 to 256
[  513.055306][ T5178] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  514.473804][T11651] ptrace attach of ""[11652] was attempted by "./syz-executor exec"[11651]
[  514.636842][T11657] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2127'.
[  514.845675][T11662] syz.4.2129[11662] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  514.845784][T11662] syz.4.2129[11662] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  515.588962][T11685] loop7: detected capacity change from 0 to 512
[  515.607400][T11687] loop5: detected capacity change from 0 to 512
[  515.640716][T11687] /dev/loop5: Can't open blockdev
[  515.746684][T11685] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  515.822740][T11685] EXT4-fs (loop7): write access unavailable, skipping orphan cleanup
[  515.851172][T11685] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  516.519576][T11698] loop5: detected capacity change from 0 to 8
[  516.547139][ T8463] EXT4-fs (loop7): unmounting filesystem.
[  516.928776][T11707] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2144'.
[  517.321655][   T26] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  517.385768][T11698] /dev/loop5: Can't open blockdev
[  517.591159][   T26] usb 7-1: Using ep0 maxpacket: 16
[  517.598281][   T26] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  517.657122][T11715] loop7: detected capacity change from 0 to 2048
[  517.663840][   T26] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  517.681114][   T26] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  517.721065][   T26] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.743584][   T26] usb 7-1: config 0 descriptor??
[  517.859457][T11722] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  518.011246][ T4318] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  518.035511][T11722] batman_adv: batadv0: Removing interface: batadv_slave_0
[  518.222591][ T4318] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  518.253605][ T4318] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  518.277941][ T4318] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.309990][ T4318] usb 1-1: Product: syz
[  518.336176][ T4318] usb 1-1: Manufacturer: syz
[  518.351249][ T4318] usb 1-1: SerialNumber: syz
[  518.362439][ T4318] usb 1-1: config 0 descriptor??
[  518.631394][ T4318] snd-usb-audio: probe of 1-1:0.0 failed with error -2
[  518.661637][ T4318] usb 1-1: USB disconnect, device number 11
[  518.674466][T11736] netlink: 'syz.4.2156': attribute type 4 has an invalid length.
[  518.711171][T11736] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2156'.
[  518.848559][T11742] loop4: detected capacity change from 0 to 128
[  518.867988][T11742] /dev/loop4: Can't open blockdev
[  518.905335][ T5177] udevd[5177]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  519.943035][   T26] usb 7-1: USB disconnect, device number 4
[  520.099114][T11761] loop6: detected capacity change from 0 to 1024
[  520.131917][T11761] EXT4-fs: Ignoring removed nomblk_io_submit option
[  520.149424][T11761] /dev/loop6: Can't open blockdev
[  521.827563][T11787] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  522.170827][T11797] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2176'.
[  522.521628][ T4318] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  522.710812][T11801] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  522.726380][T11801] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  522.751251][  T128] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  522.771169][ T4318] usb 1-1: Using ep0 maxpacket: 16
[  522.799970][ T4318] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.828876][ T4318] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  522.848840][ T4318] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  522.858440][ T4318] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.868512][ T4318] usb 1-1: config 0 descriptor??
[  523.109855][  T128] usb 7-1: Using ep0 maxpacket: 16
[  523.204996][  T128] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  523.217133][  T128] usb 7-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  523.227641][  T128] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  523.240422][  T128] usb 7-1: config 1 has no interface number 1
[  523.247863][  T128] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  523.268489][  T128] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 26232, setting to 64
[  523.482194][  T128] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  523.483268][  T128] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  523.484360][  T128] usb 7-1: Product: syz
[  523.484376][  T128] usb 7-1: Manufacturer: syz
[  523.485452][  T128] usb 7-1: SerialNumber: syz
[  523.873292][  T128] usb 7-1: USB disconnect, device number 5
[  523.986950][T11816] loop7: detected capacity change from 0 to 736
[  524.148633][ T5177] udevd[5177]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  524.229798][T11820] loop4: detected capacity change from 0 to 16
[  524.277034][T11820] /dev/loop4: Can't open blockdev
[  524.892683][   T26] usb 1-1: USB disconnect, device number 12
[  526.684338][T11858] loop4: detected capacity change from 0 to 512
[  526.734667][T11858] /dev/loop4: Can't open blockdev
[  526.950388][ T5177] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  527.305829][T11867] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2203'.
[  527.695726][T11871] loop5: detected capacity change from 0 to 512
[  527.760000][T11871] EXT4-fs: Ignoring removed mblk_io_submit option
[  527.807521][T11871] EXT4-fs: inline encryption not supported
[  527.871241][   T26] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  527.871588][T11871] EXT4-fs: Ignoring removed mblk_io_submit option
[  527.901297][T11871] /dev/loop5: Can't open blockdev
[  527.935093][ T5178] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  528.201042][   T26] usb 7-1: Using ep0 maxpacket: 16
[  528.213174][   T26] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  528.246650][   T26] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  528.306943][   T26] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  528.679384][   T26] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  528.772299][   T26] usb 7-1: config 0 descriptor??
[  529.511853][T11913] x_tables: duplicate underflow at hook 1
[  530.185258][  T128] usb 7-1: USB disconnect, device number 6
[  532.618550][T11955] device syzkaller0 entered promiscuous mode
[  532.980996][T11968] x_tables: duplicate underflow at hook 1
[  533.552272][T11971] trusted_key: encrypted_key: insufficient parameters specified
[  533.686617][T11975] loop7: detected capacity change from 0 to 512
[  533.722035][T11975] EXT4-fs: Ignoring removed mblk_io_submit option
[  533.728519][T11975] EXT4-fs: inline encryption not supported
[  533.843829][T11975] EXT4-fs: Ignoring removed mblk_io_submit option
[  533.850368][T11975] /dev/loop7: Can't open blockdev
[  536.948108][T12031] loop7: detected capacity change from 0 to 512
[  536.996917][T12031] EXT4-fs: Ignoring removed mblk_io_submit option
[  537.013999][T12028] kvm: pic: non byte write
[  537.018785][T12028] kvm: pic: non byte write
[  537.036391][T12031] EXT4-fs: inline encryption not supported
[  537.036884][T12028] kvm: pic: non byte write
[  537.062734][T12031] EXT4-fs: Ignoring removed mblk_io_submit option
[  537.069593][T12028] kvm: pic: non byte write
[  537.085627][T12031] /dev/loop7: Can't open blockdev
[  537.089248][T12028] kvm: pic: non byte write
[  537.124312][T12028] kvm: pic: non byte write
[  537.129012][T12028] kvm: pic: non byte write
[  537.135948][T12028] kvm: pic: non byte write
[  537.146134][T12028] kvm: pic: non byte write
[  537.162379][T12028] kvm: pic: non byte write
[  538.553986][   T27] audit: type=1326 audit(1764019409.055:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  538.646800][   T27] audit: type=1326 audit(1764019409.055:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  538.803351][   T27] audit: type=1326 audit(1764019409.055:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  538.863284][   T27] audit: type=1326 audit(1764019409.055:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  539.453778][   T27] audit: type=1326 audit(1764019409.055:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  539.477571][   T27] audit: type=1326 audit(1764019409.055:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  539.487347][T12072] loop7: detected capacity change from 0 to 256
[  539.508043][   T27] audit: type=1326 audit(1764019409.055:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  539.545263][   T27] audit: type=1326 audit(1764019409.055:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  539.617285][T12072] /dev/loop7: Can't open blockdev
[  539.648462][T12075] binder: 12074:12075 unknown command 0
[  539.657759][   T27] audit: type=1326 audit(1764019409.055:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  539.673160][T12075] binder: 12074:12075 ioctl c0306201 200000000080 returned -22
[  539.696614][   T27] audit: type=1326 audit(1764019409.055:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12051 comm="syz.4.2262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884718f749 code=0x7ffc0000
[  540.689916][T12089] loop6: detected capacity change from 0 to 1024
[  540.736872][T12089] /dev/loop6: Can't open blockdev
[  541.703706][T12108] loop6: detected capacity change from 0 to 2048
[  542.266859][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x1
[  542.266951][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.266970][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.266989][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267006][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267024][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267058][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267076][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267093][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x2
[  542.267110][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267128][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267146][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267164][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267181][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267198][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267216][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267233][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267251][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267269][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267287][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267304][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267322][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267339][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267357][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267374][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267391][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267409][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267426][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267444][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267461][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267479][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267496][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267515][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267532][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267549][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267567][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267584][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.267602][   T26] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  542.278757][   T26] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[  544.285938][T12151] input: syz1 as /devices/virtual/input/input11
[  544.448354][T12170] loop6: detected capacity change from 0 to 512
[  544.469588][T12170] /dev/loop6: Can't open blockdev
[  546.183429][T12187] loop7: detected capacity change from 0 to 512
[  546.206723][T12185] loop6: detected capacity change from 0 to 1024
[  546.212617][T12187] EXT4-fs: Ignoring removed mblk_io_submit option
[  546.230760][T12187] EXT4-fs: inline encryption not supported
[  546.247372][T12185] /dev/loop6: Can't open blockdev
[  546.262614][T12191] netlink: 'syz.4.2310': attribute type 11 has an invalid length.
[  546.278576][T12187] EXT4-fs: Ignoring removed mblk_io_submit option
[  546.473504][T12187] /dev/loop7: Can't open blockdev
[  547.713792][T12209] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2315'.
[  548.978196][T12225] loop6: detected capacity change from 0 to 1024
[  549.056579][T12225] /dev/loop6: Can't open blockdev
[  550.308769][ T5177] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  551.227418][T12255] loop6: detected capacity change from 0 to 512
[  551.277113][T12255] /dev/loop6: Can't open blockdev
[  552.593125][T12284] loop7: detected capacity change from 0 to 512
[  552.849144][T12284] EXT4-fs: Ignoring removed mblk_io_submit option
[  552.914103][T12284] EXT4-fs: inline encryption not supported
[  553.192658][T12284] EXT4-fs: Ignoring removed mblk_io_submit option
[  553.199211][T12284] /dev/loop7: Can't open blockdev
[  554.192960][T12297] syz.7.2346 uses obsolete (PF_INET,SOCK_PACKET)
[  554.557659][T12307] loop7: detected capacity change from 0 to 8
[  554.596548][T12307] /dev/loop7: Can't open blockdev
[  554.912937][ T4326] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  555.073575][ T4326] usb 8-1: device descriptor read/64, error -71
[  555.918821][ T4326] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  556.081091][ T4326] usb 8-1: device descriptor read/64, error -71
[  556.202363][ T4326] usb usb8-port1: attempt power cycle
[  556.694086][ T4326] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  556.877406][ T4326] usb 8-1: device descriptor read/8, error -71
[  557.311241][ T4326] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  557.351910][ T4326] usb 8-1: device descriptor read/8, error -71
[  557.471378][ T4326] usb usb8-port1: unable to enumerate USB device
[  558.718039][T12361] loop6: detected capacity change from 0 to 512
[  558.790346][T12361] /dev/loop6: Can't open blockdev
[  558.984310][ T5839] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  559.178154][ T5839] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  559.501725][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  559.999310][T12392] loop6: detected capacity change from 0 to 128
[  560.199042][T12392] /dev/loop6: Can't open blockdev
[  562.239338][T12410] loop6: detected capacity change from 0 to 1024
[  562.247071][T12410] /dev/loop6: Can't open blockdev
[  562.293465][ T5177] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  562.503239][T12414] loop7: detected capacity change from 0 to 1024
[  562.554537][T12414] /dev/loop7: Can't open blockdev
[  562.782747][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  562.797842][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  564.303431][ T4331] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  564.315839][T12434] loop7: detected capacity change from 0 to 128
[  564.334291][T12434] /dev/loop7: Can't open blockdev
[  564.513165][ T4331] usb 1-1: Using ep0 maxpacket: 32
[  564.524050][T12440] netlink: 'syz.5.2398': attribute type 13 has an invalid length.
[  564.554316][ T4331] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  565.125488][ T4331] usb 1-1: config 0 has no interface number 0
[  565.131749][ T4331] usb 1-1: config 0 interface 184 has no altsetting 0
[  565.240624][ T4331] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  565.251081][ T4331] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.259108][ T4331] usb 1-1: Product: syz
[  565.264135][ T4331] usb 1-1: Manufacturer: syz
[  565.268773][ T4331] usb 1-1: SerialNumber: syz
[  565.275499][ T4331] usb 1-1: config 0 descriptor??
[  565.284588][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  565.296805][ T4331] smsc75xx v1.0.0
[  565.307409][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  565.352052][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  565.431765][ T4331] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  565.446561][ T4331] smsc75xx: probe of 1-1:0.184 failed with error -71
[  565.457568][ T4331] usb 1-1: USB disconnect, device number 13
[  566.382482][T12445] netlink: 92 bytes leftover after parsing attributes in process `syz.6.2399'.
[  575.031291][ T6815] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  575.237212][ T6815] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  575.250198][ T6815] usb 1-1: config 0 has no interface number 0
[  575.275527][ T6815] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  575.310482][ T6815] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[  575.338113][ T6815] usb 1-1: config 0 interface 85 has no altsetting 0
[  575.368963][ T6815] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  575.397028][ T6815] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.425346][ T6815] usb 1-1: Product: syz
[  575.437667][ T6815] usb 1-1: Manufacturer: syz
[  575.454498][ T6815] usb 1-1: SerialNumber: syz
[  575.484746][ T6815] usb 1-1: config 0 descriptor??
[  575.745393][ T6815] appletouch 1-1:0.85: Failed to read mode from device.
[  575.761182][ T6815] appletouch: probe of 1-1:0.85 failed with error -5
[  575.785474][ T6815] usb 1-1: USB disconnect, device number 14
[  577.354611][T12597] loop6: detected capacity change from 0 to 512
[  577.391317][T12597] /dev/loop6: Can't open blockdev
[  577.455992][ T5177] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  578.520072][T12619] loop7: detected capacity change from 0 to 128
[  578.549846][T12619] /dev/loop7: Can't open blockdev
[  580.043783][T12656] loop6: detected capacity change from 0 to 128
[  580.908524][T12665] loop7: detected capacity change from 0 to 128
[  580.989299][T12665] /dev/loop7: Can't open blockdev
[  586.277040][T12730] sock: sock_set_timeout: `syz.5.2495' (pid 12730) tries to set negative timeout
[  592.634157][   T26] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  593.332138][   T26] usb 6-1: not running at top speed; connect to a high speed hub
[  593.383975][   T26] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  593.957698][   T26] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  593.976614][   T26] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  593.994267][   T26] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  594.005846][   T26] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  594.017212][   T26] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  594.041753][   T26] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  594.072752][   T26] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  594.085998][   T26] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  594.096950][   T26] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  594.108890][   T26] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  594.118591][   T26] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  594.127869][   T26] usb 6-1: Product: syz
[  594.132793][   T26] usb 6-1: Manufacturer: syz
[  594.137415][   T26] usb 6-1: SerialNumber: syz
[  594.387309][   T26] usb 6-1: skipping empty audio interface (v1)
[  594.449278][   T26] snd-usb-audio: probe of 6-1:1.0 failed with error -22
[  594.496089][   T26] usb 6-1: USB disconnect, device number 9
[  594.769098][ T5177] udevd[5177]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  595.351076][T12865] loop7: detected capacity change from 0 to 256
[  595.358919][T12865] /dev/loop7: Can't open blockdev
[  598.381617][ T4318] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  598.721429][ T4318] usb 6-1: Using ep0 maxpacket: 8
[  598.739933][ T4318] usb 6-1: descriptor type invalid, skip
[  598.810150][ T4318] usb 6-1: config 0 has an invalid interface number: 125 but max is 0
[  598.833939][ T4318] usb 6-1: config 0 has no interface number 0
[  598.847627][ T4318] usb 6-1: config 0 interface 125 has no altsetting 0
[  598.875009][ T4318] usb 6-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=8a.dd
[  598.893102][ T4318] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.901787][ T4318] usb 6-1: Product: syz
[  598.906188][ T4318] usb 6-1: Manufacturer: syz
[  598.949718][ T4318] usb 6-1: SerialNumber: syz
[  598.961988][T12913] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2554'.
[  598.977158][T12913] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2554'.
[  598.983176][ T4318] usb 6-1: config 0 descriptor??
[  599.004417][ T4318] hub 6-1:0.125: bad descriptor, ignoring hub
[  599.037770][T12916] loop7: detected capacity change from 0 to 1024
[  599.049787][T12916] /dev/loop7: Can't open blockdev
[  599.053633][ T4318] hub: probe of 6-1:0.125 failed with error -5
[  599.075130][ T4318] usb 6-1: Found UVC 0.00 device syz (17dc:0202)
[  599.090446][ T4318] usb 6-1: No valid video chain found.
[  599.452869][ T6815] usb 6-1: USB disconnect, device number 10
[  603.884525][T12961] input: syz1 as /devices/virtual/input/input14
[  603.914848][T12966] loop7: detected capacity change from 0 to 256
[  603.949598][T12966] /dev/loop7: Can't open blockdev
[  604.005792][T12969] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  605.825682][T13011] xt_socket: unknown flags 0x48
[  606.661239][T13015] input: syz1 as /devices/virtual/input/input15
[  608.060829][T13057] loop6: detected capacity change from 0 to 512
[  608.194046][T13057] /dev/loop6: Can't open blockdev
[  608.791158][T13073] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2607'.
[  609.681310][T13083] input: syz1 as /devices/virtual/input/input16
[  610.902953][T13114] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2619'.
[  611.251487][ T4584] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  611.531610][ T4584] usb 1-1: Using ep0 maxpacket: 16
[  611.552318][ T4584] usb 1-1: unable to read config index 0 descriptor/start: -61
[  611.665769][ T4584] usb 1-1: can't read configurations, error -61
[  611.907412][ T4584] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  612.121016][ T4584] usb 1-1: Using ep0 maxpacket: 16
[  612.138842][ T4584] usb 1-1: unable to read config index 0 descriptor/start: -61
[  612.205802][ T4584] usb 1-1: can't read configurations, error -61
[  612.276979][ T4584] usb usb1-port1: attempt power cycle
[  612.663728][T13124] kvm: pic: level sensitive irq not supported
[  612.663805][T13124] kvm: pic: non byte read
[  612.761520][T13124] kvm: pic: level sensitive irq not supported
[  612.761596][T13124] kvm: pic: non byte read
[  612.794302][T13124] kvm: pic: level sensitive irq not supported
[  612.794370][T13124] kvm: pic: non byte read
[  612.891008][ T4584] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  612.921913][ T4584] usb 1-1: Using ep0 maxpacket: 16
[  612.929468][ T4584] usb 1-1: unable to read config index 0 descriptor/start: -61
[  613.004294][T13139] blktrace: Concurrent blktraces are not allowed on loop8
[  613.031238][T13139] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[  613.423690][ T4584] usb 1-1: can't read configurations, error -61
[  613.591394][ T4584] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  613.842745][T13153] loop7: detected capacity change from 0 to 128
[  613.891091][ T4584] usb 1-1: device not accepting address 18, error -71
[  614.250679][ T4584] usb usb1-port1: unable to enumerate USB device
[  614.649406][T13159] loop7: detected capacity change from 0 to 8
[  614.699949][T13159] unable to read id index table
[  614.866492][T13165] loop6: detected capacity change from 0 to 256
[  614.889209][T13165] /dev/loop6: Can't open blockdev
[  615.034128][ T4584] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  615.236026][ T4584] usb 5-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  615.288648][ T4584] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  615.309651][T12964] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  615.367078][ T4584] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  615.395862][ T4584] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  615.441698][ T4584] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  615.455935][ T4584] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  615.464587][ T4584] usb 5-1: SerialNumber: syz
[  615.498730][T13163] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  615.537514][ T4584] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  615.886870][ T4584] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[  615.907053][ T4584] usb 5-1: USB disconnect, device number 15
[  616.066052][T13185] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2643'.
[  616.271414][ T4279] Bluetooth: hci1: command 0x0406 tx timeout
[  616.532498][T13184] binder_alloc: 13183: binder_alloc_buf, no vma
[  616.961470][ T4256] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  617.177513][T13195] netlink: 34 bytes leftover after parsing attributes in process `syz.5.2647'.
[  617.194150][ T4256] usb 7-1: Using ep0 maxpacket: 16
[  617.296475][ T4256] usb 7-1: unable to read config index 0 descriptor/start: -61
[  617.317609][ T4256] usb 7-1: can't read configurations, error -61
[  617.471184][ T4256] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  617.885834][ T4256] usb 7-1: Using ep0 maxpacket: 16
[  617.896617][ T4256] usb 7-1: unable to read config index 0 descriptor/start: -61
[  617.913014][ T4256] usb 7-1: can't read configurations, error -61
[  618.100854][ T4256] usb usb7-port1: attempt power cycle
[  618.723410][ T4256] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  618.951181][ T4256] usb 7-1: device not accepting address 9, error -71
[  619.470318][T13222] xt_TCPMSS: Only works on TCP SYN packets
[  621.000437][T13249] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  621.020980][ T6815] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  621.059399][T13249] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  621.099204][T13257] IPv6: Can't replace route, no match found
[  621.211046][ T6815] usb 7-1: Using ep0 maxpacket: 8
[  621.224443][ T6815] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  621.268175][ T6815] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  621.292434][ T6815] usb 7-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  621.322208][ T6815] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.362672][ T6815] usb 7-1: config 0 descriptor??
[  621.400833][ T6815] usbhid 7-1:0.0: can't add hid device: -22
[  621.424036][ T6815] usbhid: probe of 7-1:0.0 failed with error -22
[  621.521249][T13261] loop7: detected capacity change from 0 to 16
[  621.552082][T13261] /dev/loop7: Can't open blockdev
[  621.645436][ T4584] usb 7-1: USB disconnect, device number 11
[  622.321932][T13271] netlink: 34 bytes leftover after parsing attributes in process `syz.4.2673'.
[  623.887931][T13302] netlink: 34 bytes leftover after parsing attributes in process `syz.0.2687'.
[  624.128310][T13308] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2689'.
[  624.203793][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  624.213614][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  626.166546][T13353] loop6: detected capacity change from 0 to 1024
[  626.220195][T13353] /dev/loop6: Can't open blockdev
[  627.161068][ T4584] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  627.352375][ T4584] usb 6-1: Using ep0 maxpacket: 32
[  627.458652][ T4584] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  627.653662][ T4584] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  627.825135][ T4584] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  627.910192][ T4584] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.936336][ T4584] usb 6-1: config 0 descriptor??
[  627.955455][ T4584] hub 6-1:0.0: USB hub found
[  627.986679][T13371] kvm: pic: non byte read
[  628.001333][T13371] kvm: pic: non byte read
[  628.006353][T13371] kvm: pic: single mode not supported
[  628.006371][T13371] kvm: pic: level sensitive irq not supported
[  628.012589][T13371] kvm: pic: non byte read
[  628.043623][T13371] kvm: pic: single mode not supported
[  628.043837][T13371] kvm: pic: non byte read
[  628.055219][T13371] kvm: pic: non byte read
[  628.060097][T13371] kvm: pic: non byte read
[  628.065979][T13371] kvm: pic: single mode not supported
[  628.065997][T13371] kvm: pic: level sensitive irq not supported
[  628.072080][T13371] kvm: pic: non byte read
[  628.089688][T13371] kvm: pic: single mode not supported
[  628.089754][T13371] kvm: pic: non byte read
[  628.105113][T13371] kvm: pic: non byte read
[  628.158048][ T4584] hub 6-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  628.518390][ T4584] usbhid 6-1:0.0: can't add hid device: -71
[  628.525681][ T4584] usbhid: probe of 6-1:0.0 failed with error -71
[  628.582063][ T4584] usb 6-1: USB disconnect, device number 11
[  628.971025][ T4256] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  629.162386][ T4256] usb 5-1: not running at top speed; connect to a high speed hub
[  629.174999][ T4256] usb 5-1: config 1 has an invalid descriptor of length 54, skipping remainder of the config
[  629.211587][ T4256] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  629.234810][ T4256] usb 5-1: config 1 has no interface number 1
[  629.262147][ T4256] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  629.326070][ T4256] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  629.347126][ T4256] usb 5-1: Product: syz
[  629.359072][ T4256] usb 5-1: Manufacturer: syz
[  629.380037][ T4256] usb 5-1: SerialNumber: syz
[  629.629844][ T4256] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor
[  630.263865][ T4256] usb 5-1: 2:1: All rates were zero
[  630.269133][ T4256] usb 5-1: 2:1 : invalid channels 0
[  630.295898][ T4256] usb 5-1: USB disconnect, device number 16
[  631.002575][T12964] udevd[12964]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  631.642128][T13415] hub 2-0:1.0: USB hub found
[  631.651902][T13415] hub 2-0:1.0: 1 port detected
[  633.692591][ T4271] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  633.703698][ T4271] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  633.714710][ T4271] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  633.724531][ T4271] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  633.735560][ T4271] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  633.745028][ T4271] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  634.484712][T13439] chnl_net:caif_netlink_parms(): no params data found
[  634.695336][T13439] bridge0: port 1(bridge_slave_0) entered blocking state
[  634.702952][T13439] bridge0: port 1(bridge_slave_0) entered disabled state
[  634.711733][T13439] device bridge_slave_0 entered promiscuous mode
[  634.720810][T13439] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.728818][T13439] bridge0: port 2(bridge_slave_1) entered disabled state
[  634.737623][T13439] device bridge_slave_1 entered promiscuous mode
[  634.805350][T13439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  634.847982][T13439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  634.920459][T13439] team0: Port device team_slave_0 added
[  634.938860][T13439] team0: Port device team_slave_1 added
[  635.005685][T13439] batman_adv: batadv0: Adding interface: batadv_slave_0
[  635.015194][T13439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.051717][T13439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  635.088883][T13439] batman_adv: batadv0: Adding interface: batadv_slave_1
[  635.099535][T13439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  635.139062][T13439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  635.426006][T13473] fuse: Bad value for 'fd'
[  635.857835][ T4271] Bluetooth: hci2: command 0x0409 tx timeout
[  636.004089][T13439] device hsr_slave_0 entered promiscuous mode
[  636.034079][T13439] device hsr_slave_1 entered promiscuous mode
[  636.079352][T13439] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  636.130987][T13439] Cannot create hsr debugfs directory
[  636.825358][T13439] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.298919][T13439] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.447934][T13439] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.623541][T13439] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.648487][T13490] ------------[ cut here ]------------
[  637.654257][T13490] WARNING: CPU: 1 PID: 13490 at mm/page_alloc.c:5590 __alloc_pages+0x2f4/0x4e0
[  637.663478][T13490] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  637.667404][T13490] CPU: 1 PID: 13490 Comm: syz.4.2747 Not tainted syzkaller #0
[  637.675035][T13490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  637.685250][T13490] RIP: 0010:__alloc_pages+0x2f4/0x4e0
[  637.690646][T13490] Code: 0c 25 28 00 00 00 48 3b 8c 24 a0 00 00 00 0f 85 a0 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 32 1f 45 0c 01 <0f> 0b eb a5 a9 00 00 08 00 8b 74 24 04 75 3e 44 89 f1 81 e1 7f ff
[  637.710402][T13490] RSP: 0018:ffffc90003777a00 EFLAGS: 00010246
[  637.716728][T13490] RAX: ffffc90003777a00 RBX: 1ffff920006eef44 RCX: 0000000000000000
[  637.724793][T13490] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90003777a68
[  637.732842][T13490] RBP: ffffc90003777b00 R08: dffffc0000000000 R09: ffffc90003777a40
[  637.740836][T13490] R10: fffff520006eef4d R11: 1ffff920006eef48 R12: 0000000000000014
[  637.748898][T13490] R13: 0000000000000000 R14: 0000000000040cc0 R15: dffffc0000000000
[  637.756944][T13490] FS:  00007f8847fc56c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  637.765957][T13490] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  637.772616][T13490] CR2: 000000110c3debdc CR3: 000000005f9ae000 CR4: 00000000003506e0
[  637.780616][T13490] Call Trace:
[  637.783973][T13490]  <TASK>
[  637.786921][T13490]  ? zone_statistics+0x170/0x170
[  637.791969][T13490]  ? __might_fault+0xa6/0x120
[  637.796675][T13490]  ? __lock_acquire+0x7c50/0x7c50
[  637.801780][T13490]  ? do_vfs_ioctl+0xcb5/0x1d10
[  637.806569][T13490]  __kmalloc_large_node+0x8c/0x1e0
[  637.811752][T13490]  ? raw_ioctl+0x17c7/0x39c0
[  637.816351][T13490]  __kmalloc+0x110/0x240
[  637.820626][T13490]  ? _copy_from_user+0x10b/0x170
[  637.825666][T13490]  raw_ioctl+0x17c7/0x39c0
[  637.830194][T13490]  ? tomoyo_path_number_perm+0x4ae/0x600
[  637.835921][T13490]  ? __kmem_cache_free+0xb6/0x1f0
[  637.841016][T13490]  ? tomoyo_path_number_perm+0x503/0x600
[  637.846682][T13490]  ? tomoyo_path_number_perm+0x1b6/0x600
[  637.852405][T13490]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  637.857896][T13490]  ? make_qualifier+0x3f0/0x3f0
[  637.862857][T13490]  ? __fget_files+0x28/0x4d0
[  637.867489][T13490]  ? bpf_lsm_file_ioctl+0x5/0x10
[  637.872520][T13490]  ? security_file_ioctl+0x7c/0xa0
[  637.877661][T13490]  ? make_qualifier+0x3f0/0x3f0
[  637.882591][T13490]  __se_sys_ioctl+0xfa/0x170
[  637.887211][T13490]  do_syscall_64+0x4c/0xa0
[  637.891723][T13490]  ? clear_bhb_loop+0x60/0xb0
[  637.896435][T13490]  ? clear_bhb_loop+0x60/0xb0
[  637.901195][T13490]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  637.907120][T13490] RIP: 0033:0x7f884718f749
[  637.911632][T13490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  637.931316][T13490] RSP: 002b:00007f8847fc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  637.939756][T13490] RAX: ffffffffffffffda RBX: 00007f88473e5fa0 RCX: 00007f884718f749
[  637.947839][T13490] RDX: 0000200000000000 RSI: 00000000c0085508 RDI: 0000000000000004
[  637.955880][T13490] RBP: 00007f8847213f91 R08: 0000000000000000 R09: 0000000000000000
[  637.963941][T13490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  637.971982][T13490] R13: 00007f88473e6038 R14: 00007f88473e5fa0 R15: 00007ffde2b13018
[  637.979992][T13490]  </TASK>
[  637.983099][T13490] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  637.990394][T13490] CPU: 1 PID: 13490 Comm: syz.4.2747 Not tainted syzkaller #0
[  637.997865][T13490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  638.007918][T13490] Call Trace:
[  638.011197][T13490]  <TASK>
[  638.014141][T13490]  dump_stack_lvl+0x168/0x22e
[  638.018833][T13490]  ? memcpy+0x3c/0x60
[  638.022821][T13490]  ? show_regs_print_info+0x12/0x12
[  638.028028][T13490]  ? load_image+0x3b0/0x3b0
[  638.032538][T13490]  panic+0x2c9/0x710
[  638.036427][T13490]  ? bpf_jit_dump+0xd0/0xd0
[  638.040929][T13490]  __warn+0x2f8/0x4f0
[  638.044905][T13490]  ? __alloc_pages+0x2f4/0x4e0
[  638.049666][T13490]  ? __alloc_pages+0x2f4/0x4e0
[  638.054520][T13490]  report_bug+0x2ba/0x4f0
[  638.058843][T13490]  ? __alloc_pages+0x2f4/0x4e0
[  638.063600][T13490]  handle_bug+0x3a/0x70
[  638.067746][T13490]  exc_invalid_op+0x16/0x40
[  638.072238][T13490]  asm_exc_invalid_op+0x16/0x20
[  638.077087][T13490] RIP: 0010:__alloc_pages+0x2f4/0x4e0
[  638.082454][T13490] Code: 0c 25 28 00 00 00 48 3b 8c 24 a0 00 00 00 0f 85 a0 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 32 1f 45 0c 01 <0f> 0b eb a5 a9 00 00 08 00 8b 74 24 04 75 3e 44 89 f1 81 e1 7f ff
[  638.102068][T13490] RSP: 0018:ffffc90003777a00 EFLAGS: 00010246
[  638.108133][T13490] RAX: ffffc90003777a00 RBX: 1ffff920006eef44 RCX: 0000000000000000
[  638.116097][T13490] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90003777a68
[  638.124055][T13490] RBP: ffffc90003777b00 R08: dffffc0000000000 R09: ffffc90003777a40
[  638.132102][T13490] R10: fffff520006eef4d R11: 1ffff920006eef48 R12: 0000000000000014
[  638.140063][T13490] R13: 0000000000000000 R14: 0000000000040cc0 R15: dffffc0000000000
[  638.148068][T13490]  ? zone_statistics+0x170/0x170
[  638.153112][T13490]  ? __might_fault+0xa6/0x120
[  638.158252][T13490]  ? __lock_acquire+0x7c50/0x7c50
[  638.163284][T13490]  ? do_vfs_ioctl+0xcb5/0x1d10
[  638.168049][T13490]  __kmalloc_large_node+0x8c/0x1e0
[  638.173160][T13490]  ? raw_ioctl+0x17c7/0x39c0
[  638.177765][T13490]  __kmalloc+0x110/0x240
[  638.182017][T13490]  ? _copy_from_user+0x10b/0x170
[  638.186952][T13490]  raw_ioctl+0x17c7/0x39c0
[  638.191359][T13490]  ? tomoyo_path_number_perm+0x4ae/0x600
[  638.196982][T13490]  ? __kmem_cache_free+0xb6/0x1f0
[  638.201998][T13490]  ? tomoyo_path_number_perm+0x503/0x600
[  638.207615][T13490]  ? tomoyo_path_number_perm+0x1b6/0x600
[  638.213236][T13490]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  638.218690][T13490]  ? make_qualifier+0x3f0/0x3f0
[  638.223551][T13490]  ? __fget_files+0x28/0x4d0
[  638.228147][T13490]  ? bpf_lsm_file_ioctl+0x5/0x10
[  638.233075][T13490]  ? security_file_ioctl+0x7c/0xa0
[  638.238174][T13490]  ? make_qualifier+0x3f0/0x3f0
[  638.243014][T13490]  __se_sys_ioctl+0xfa/0x170
[  638.247601][T13490]  do_syscall_64+0x4c/0xa0
[  638.252007][T13490]  ? clear_bhb_loop+0x60/0xb0
[  638.256673][T13490]  ? clear_bhb_loop+0x60/0xb0
[  638.261339][T13490]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  638.267221][T13490] RIP: 0033:0x7f884718f749
[  638.271627][T13490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  638.291225][T13490] RSP: 002b:00007f8847fc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  638.299629][T13490] RAX: ffffffffffffffda RBX: 00007f88473e5fa0 RCX: 00007f884718f749
[  638.307676][T13490] RDX: 0000200000000000 RSI: 00000000c0085508 RDI: 0000000000000004
[  638.315637][T13490] RBP: 00007f8847213f91 R08: 0000000000000000 R09: 0000000000000000
[  638.323599][T13490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  638.331564][T13490] R13: 00007f88473e6038 R14: 00007f88473e5fa0 R15: 00007ffde2b13018
[  638.339541][T13490]  </TASK>
[  638.342802][T13490] Kernel Offset: disabled
[  638.347124][T13490] Rebooting in 86400 seconds..