last executing test programs:

10.76160374s ago: executing program 4 (id=1492):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x10}], 0x4)
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

10.490418472s ago: executing program 0 (id=1494):
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x8, &(0x7f0000000140)=ANY=[], 0x1, 0x152b, &(0x7f0000000a00)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
preadv(r6, &(0x7f0000000600)=[{&(0x7f0000000280)=""/215, 0xd7}, {&(0x7f0000000440)=""/53, 0x35}, {&(0x7f0000000480)=""/127, 0x7f}, {&(0x7f0000000500)=""/61, 0x3d}], 0x4, 0x6c, 0x0)

9.65172426s ago: executing program 1 (id=1495):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x14)

9.573938246s ago: executing program 4 (id=1496):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
mmap$fb(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x13, r2, 0xd8000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000440)="97713b46fbaa2b1044f2d408ffca802db4d770eb9874f493e0ef367e4bde497c403b450c72ff2417d079bb892435a1e107fa5c0ecd207d9e6f2a209bf148e6bc56955cb53347d1499097488fcad724a1"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000002c0)={0x4c, 0x0, &(0x7f0000000640)=[@reply_sg={0x40486312, {0x4000, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000180)={0x2b, 0x30, 0x30}}, 0x400}], 0xfefa, 0x0, 0x0})

9.378485842s ago: executing program 2 (id=1497):
socket(0x1d, 0x0, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
setxattr$trusted_overlay_upper(&(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040), 0x0, 0x0, 0x3)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028005000100000000002c0001801400030000000000000000000000ffffac1414bb1400040000000000000000000000ffff000000003c0003800c00028005000100000000002c00018014000300fc00000000000000000000000000000014000400fe8000000000000000000000000000bb3c0002800c00028005000100000000002c00018014000300fc02000000000000000000000000000014000400fe8000000000000000000000000000aab5fb91a4fc73b3"], 0xc8}}, 0x0)

9.28520718s ago: executing program 4 (id=1499):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x28, 0x3d, 0x107, 0x0, 0x0, {0x3, 0x7c}, [@nested={0x14, 0x37, 0x0, 0x1, [@typed={0xd, 0x3, 0x0, 0x0, @str='ctr(sm4)\x00'}]}]}, 0x28}}, 0xc000)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0xe)
dup(r2)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x1c, 0x4, 0x8, 0x3, 0x0, 0x0, {0x1, 0x0, 0x4}, [@CTA_TIMEOUT_L4PROTO={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c0c4}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r7, 0x65, 0x1, 0x0, 0x0)

7.530918601s ago: executing program 4 (id=1500):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001b61e308d016a91052300102030909021b0001000000000904000001ff"], 0x0)

7.478562476s ago: executing program 2 (id=1501):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)

7.352132116s ago: executing program 1 (id=1502):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb", 0x6e}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000800)="104b0b7073fbd7f77a847bdbfdf6da474f700bf113b18d16d8380f42e296b49f1326c7d0d97be798e205654b8a885df6ee57ec7b690491c55ca484b54170549c7a72b8a579005ffcb0b309dae34571b17126534a763ca881f12d750072abc05a7cb8f0e32fc3ec3ed14c3322630a", 0x6e}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{0x0}, {&(0x7f0000001a80)="d61f2c7a6ddbff16a09972b62284a63c170b9a6ec5cd29dfa047b76a9a0eeb4055c9dd2244e47c59e557c459c397cd02eb261fc7d521b1f2e95c3ce17726db0d3236a6d3b52d3f066554d84292329c8a6f034ff8d85d61dcf7ae508c5925903fb1feb7d07fe481313ad476131cf19514d6c77835e9cf82df2f153d9b82985da3e260fc6942d18345ac61b2958886a77e2a2726097d1888a25bee0fdec661520a057f8559f17e462bdf938f7f2303447bfaa744d3891372a825c63e83ff21650af922eaac39ab491cec071d31eebd6526d7a8ddd052d30beb962aeca814ad530c1413e502b92f3e51eaf75ec5b595b19e4945a1a821a8c47f804465f9e04d0ec9aff13036fe4f3a56b324e9ea795cc89d0f30433f3fa8aa7cc4dd93197840d644c6e48329c266316227ea917708cde40163a6b092d3c722a71e9f21255315cb87a74916d56da0479e7e8865b289fc8095a8477e7fee5eda0c55ec6d53c7aac85f6171717935832962f6db7889683497f3f5a4aa6c6af16908cc4c853536c4f624a75cae053c053f8490c028c15bf043adf4729306a4069324be546a83f71c16a15b86f1d6cb5505808acf055c982dfb14eaaa45b139ccc18952a1c1cbde3bb0d4882d72aa508b511b9a3e2b1a11b96aa29650279ca66b2ba92df4f9dcfa322ddd79d8a4da49182ac4d0c7078b2c2c2860e680276da35f952bc9627ab64d475aaeda4e896f04ffbb48983f29cee0574f219acb18778a0b17db40bca0c7102e8d6cbe0d66420a2d836efe9d4932605ad6852bd15bcfbee0fbc22bf79d08512bb8e4ef67004391f17b9723bd61bca96a861833bd415fafb468a205feb866aeaf0057b5d4c2eb5bed757aa6c8a38fd86de6e06bfce036465e63c9a9ae4512985474edbcd3c7ef50e74b4f6091a649cd04c6e14bc7238327edf829e0cca29fe837fd76e49b464933e40cf9799696fdb694a785a4aa7fc9342d32fd2fda5c5f81286dad13a17ac495bafefc5ec9b5ddbd744f879c00635c79d26b8131d7daadb26e5c4d0293ba696d29b1d80be0898263a1b157049fe222f2d2ba85b2dfa5cded7e372edf6bda18ecea8a75be58e19dba91c255561e21128277a8e00fd7c329ef4662494485", 0x322}], 0x2}}], 0x3, 0x0)

7.313368989s ago: executing program 2 (id=1503):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201"], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f2110"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, &(0x7f0000000040), 0x0)

6.866375915s ago: executing program 4 (id=1504):
statx(0xffffffffffffffff, 0x0, 0x7100, 0x1, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = syz_open_procfs(0x0, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000004300)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', 0x0, 0x2200892, 0x0)
pread64(r5, &(0x7f0000002240)=""/237, 0xed, 0x4eb)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000180)=0x7ff, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)

6.812304019s ago: executing program 0 (id=1505):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000600)=ANY=[@ANYBLOB="50000000140001000000000000000000fe8000000000000000000000000000aaff020000000000000000000000000001000300"/61, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB='\x00\x00\x00\b'], 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x0)

5.730645617s ago: executing program 0 (id=1506):
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x4d8, 0xf372, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}}}]}}]}}, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet6(0xa, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101140, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x6a3, 0xccb, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x9, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0xa, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x1, 0x7f}}}}}]}}]}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0xc048aeca, &(0x7f0000000080))

5.554407371s ago: executing program 1 (id=1507):
syz_mount_image$ext4(&(0x7f0000000180)='ext3\x00', &(0x7f0000000540)='./bus\x00', 0x8a832, &(0x7f0000000100)={[{@user_xattr}, {@grpjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}]}, 0x1, 0x50c, &(0x7f0000001000)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
prctl$PR_MCE_KILL(0x21, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000080)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@noblock_validity}, {@user_xattr}, {@noblock_validity}, {@data_ordered}, {@inlinecrypt}]}, 0x6, 0x60d, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZp0uZ9k4qILYoBDy1I06QWq15s68EeChbsQcRDQ5PU0O0PmhRsLZiCBwUFEa8ivfgPeJfevYmg3jwLVaSioJKV2Z1tN8lumjbZnTbz+cAkzzwzO8/z3dkn88xMnp0ASmss+5FG7IpYOpVEjLQsG47GwrF8vdu/XzudTUnUam/8lkSS5zXXT/LfO/KZwYj47mjEY5XV5c5fuXp2qlpreD9i/8K5i/vnr1zdN3du6szMmZnzkwdePHho4qXJg5ObEueO/Pex468/9ckH77ww+311XxKH42T/e9OxIo7NMhZjsZSH2JrfFxGHskSb9+VRswVCKLVK/nnsj4gnYiQq9bmGkZj7uNDKAV1Vq0TUgJJKtH8oqWY/oHluv77z4JNd7pX0zq0jjROg1fH3Na6NxGD93Gj77aTlzKhxbWN0E8rPyvj32u4vsimWXYf4687e6duEcjpZvB4RT7aLf6Bet9F6pFn86bJ6JBExUV+rUb9XN1CHpCXdjeswa+kcf7Jm/GlEHM5/Z/lHH7D8sRXzvY4fgHK6eSQ/kC9mc3ePf1nfo9n/iTb9n+E2x64HUfTxr3P/r3m8H6xfI09X9MOyPsuJ9pvsX5nx80fHPutUfmv/L5uy8pt9wV64dT1i94r4P8yCzfs/WfxJm/2frXLq8PrKeO2HX491WlZ0/LUbEXvanv/c7ZVmqTXuT+6fnavOTDR+ti3jm2/f/qpT+fcV/+CGw10l2//bO8Tfsv/Tla/L3pOL6yzj6xM3znVaNnzP+NNfBpLG+eZAnvPu1MLCpcmIgeR4vkpL/oG169Jcp7mNLP69z7Zv/8s+/9eXb2eo+SdzHS6+eXb5DeAWD/L5b9nWUqftrlcW//S99/+q9p/lfbrOMv586/LTnZatFf/QRgIDAAAAAACAEkrr92CTdPxOOk3HxxvjZR+P7Wn1wvzCc7MXLp+fjthb/3/I/rR5p3ukMZ9k85P5/8Nm880756Mty5+PiJ0R8XllqD4/fvpCdbrg2AEAAAAAAAAAAAAAAAAAAOBhsSMf/998TvUflcb4f6AkuvmAOeDhpv1DedXb/6pHPAFl4PgP5aX9Q3lp/1Be2j+Ul/YP5aX9Q3lp/1Be2j8AAAAAbEk7n7n5UxIRiy8P1afMQL7MiCDY2vqLrgBQmErRFQAKc+fWv84+lM66+v9/518O2P3qAAVI2mXWOwe1tRv/zbavBAAAAAAAAAAAAAC6YM+uzuP/jQ2Grc2wPyivDYz/99UB8Ijz1f9QXs7xgXuN4h/stMD4fwAAAAAAAAAAAADomeH6lKTj+Vjg4UjT8fGI/0XEaPQns3PVmYmI+H9E/Fjp35bNT0ZEbVvRNQcAAAAAAAAAAAAAAAAAAICtY/7K1bNT1erMpdbEP6tytnai+RTUHpT1StznqyLp/dsyFBGF75RliaVN3GBfS04SsZjt+cIDbCTi4ahGPVHwHyYAAAAAAAAAAAAAAAAAACihlrHH7e3+ssc1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDeu/v8/+4lio4RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg0/RcAAP//n2NBFg==")
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ioprio_set$uid(0x3, 0xee01, 0x4000)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000480)='pids.events\x00', 0x275a, 0x0)
read$rfkill(r2, &(0x7f0000000080), 0x58)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000000)="2e000000010000", 0x7)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)

5.342983458s ago: executing program 4 (id=1508):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x7, 0x4, 0x4, 0x7ff}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)

4.898529064s ago: executing program 3 (id=1510):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
epoll_create1(0x0)
socket(0x1, 0x80802, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x8042, 0x0)
write$P9_RSTATu(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="390200000200000005f800000000000000000000000006000000000000000000784100000000fdffffff00000000000000001b00046e6f6465767b65766f6f7e0539c60005000037d93a8b920000003800704a86cec602007dfa673effeb09b5351f5bde054000000000187b8200b500002b595fcb14034354b9fd9ef196a51cd5157adc8103b494e11d00d299988014986ce982cfc26dd7c500f04cd85f2a70f5e9930e97a59a645500f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a400b4b0b4f174a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20f9c1cbe36f4fd1a4cc280e8e289da029a37002c016f6465762f6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff0000000000000000000000000000000000c32108c238572e696bc630a749c3aebc8fdc3898462a98eb576e8cd05e5b0f4a5bbb91cc8791841e6e294d16d85c16290bedbd056a0f7afd4e42e9960cb07ee2905b26ec323a6f77d671b4e42a9e1c3b37659a73808f6f1fabdc650d4ca7423f26c5382f7a8b83c23ad0cff082", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x239)
ioctl$SNDCTL_TMR_CONTINUE(0xffffffffffffffff, 0x5404)
openat$ttynull(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0xf0ffffffffffff, 0x0, 0x30004804}, 0x840)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, 0x0, &(0x7f0000000240))
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x5}, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x19, 0x0, &(0x7f0000000100)=0x28)
epoll_create1(0x0)

3.83218272s ago: executing program 3 (id=1511):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r1, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
write$sysctl(r1, &(0x7f0000000000)='2\x00', 0x2)

3.785823284s ago: executing program 2 (id=1512):
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x14c0e, &(0x7f00000001c0)=ANY=[@ANYBLOB="6d61703d6f66662c6d61703d61636f726e006e6f726f636b2c73657373696f6e3d307830203030303030303030332c636865636b3d72656c617865642c6e6f726f636b416e0400000000000000c86b2c6d6f44653d30783030303030303090cf5cee73e4fdbccf1ad8f6238d714830303030303030756e686964652c6d61703d61636f726e2c6f76657272696467726f636b706572916964652c00add51ea2b35249a135fa479f9069028397e9808a385f6e0c9ab44fb55e327ad812fe293a6347f7f50263af07e2638e5c5522fc046bdeb75ac5ae4dfa74f42b394b1587068ecfa5acd43d2ca29a5d67adb9bfb87ce6ccb85cb9ae05ac0000000000", @ANYRESOCT], 0xfd, 0x6b1, &(0x7f0000001f80)="$eJzs3V1vG1kdx/Hf2E7iZFFVAapWVbc5bVkpFcW1nW2qqFzsMBknA7bHmnEgkZBWhSarqk6Btkg0NyU3PEjLG+Bub7jgRazE9b4LuAJpBXcgJDRoZjx+iB9St0m6D99P1Ho8c+ac/5zj+t+JPWcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkORvlcsVS3Wtu75jJnI3Ab2RP8hrZntY2p5vpws1pbc7F7UpW/EfFot5OV7/9zX6RS/Ff13UlfXZFxfihqMO3Ll28941CLtt/SsCvQrNW+PT54aP7nc7ek5com9fM1b9Jyr1EoU236YW+17A3XeOFvllfWyvf3qqFpubV3XA3bLsN4wRuru0HZsW5aSrr66vGLe36283NDbvuZivvfqdaLq+Z7y+kAy2pFDpbXr3uNTeTMvHmuMxd89GP0wKu3TBm/2Fnb3Ugnhfj+jguVDnpSOJC1ZMKVcvVaqVSrVbW7qzfuVsuF0ZWlGNWuUcjJU79RYsvmNN9AwdeQy7O/3+1pLqKampbOzJjfxxtKJCvxoTtXVn+f/e2O7XdwfyfZfm5/ubLSvL/1fTZ1Un5f0IsRibZYdwWa8L62X7mkoiMnuq5DvVI99VRR3t6cgp1G5nlU6nlHH425aopT6F8eWrITtaY7hqjda1pTWV9oC3VFMqoJk91uQq1q1BtufEraj4eLVe22vIVyGhFjm7KqKJ1rWtVRq5K2pWvbTW1qQ3Z+ncURft6mPT7aj+m/PGRV1aoMuEgFlTIXnd7qk452kn5/ycv0r27+b9M/v+qSl8HC+nDp9PKAJ8DUff8f0bLZxMNAAAAAAA4C1by23cr+VT+HUmRal7dLb/psAAAAAAAwCmyFC3oiqz0W/l6Rxbn/wAAAAAAfNlYyTV2lqSl5Ev9Vv9yqZf5JUD+HEIEAAAAAACvKbny/+q8FCWTVizLmun8HwAAAAAAfAH8bmCO/UI2x26Ufayfk7T8twXrk38uKJizjlo737IO7HiLfdAtM/INgHbtsnWhO1Fv8jAvKXnmuFesbmvdSTB78w5+tn/SXP9WcCyA+fxgBRMCsOKW1wrdZ/pI19JdrnXnmX9wmFOyJW1lqebV3ZLj1+9VZNsXcm13p/3Lxw9/JQW949x/2Nkr/fRnnQdJLEfxqqODuNIXQ+HkxndGP5ZnyXwLyTUX4454UbWsyd83G0tW0m45O/687IPcYEPTBqDf5m90PR2z61FadumwN+O+JS0nkz9USsmQDR19MGf1o6gcP/JxAzEhimISxY20zI2VG+lDFl9cT84qfjsvVUujYzAURXUwipP7wvrXSF9Mi0JWMe6L1TiKv8QVHYviR5+kO6/OFsXIiADAm7Lfz0LJJOYjeTdLD9mb2ivlnZOz+/vD2f3ZH6M0Q+WlQveziamtFBW/o69YSR6aTyd0L1we845eLv0niiL7QlGD7+j/i1K9HPty2e0oiqLjx/rn/j2QumGPRPHfKIruVZJM8odjWfXjeIePJ7Yb1qv5uAtvPzv4eTIBfuzDvQ/3Hlerq2vl98rlO1XNJf9V6D7kRe4BAIw4+R47SYnclBLWe7qW1nHtwT/eTZeGMt7Xu18pyHT0QLeyWwgsj691aeBrCLfSs1bp+lL6uHRoLl28tygNlLUKyR1ebk08q0ty6UC91V7Z7L5Dx88A+2VXz3IIAAA4d9cn5GFpKP9rOP8Xh/L/La2kJVYujz3vHs7l3bPj3in9pLKVk4N//5Q7AwCArwg3+Mxaav/WCgKv9UFlfb1it7dcE/jOD0zgbWy6xmu23cDZspubrmkFftt3/LppBVrwFt3QhNutlh+0Tc0PTMsPvZ3kzu+me+v30G3YzbbnhK26a4eucfxm23baZsMLHdPa/l7dC7fcINk5bLmOV/Mcu+35TRP624HjlowJXXegoLfhNttezYsXm6YVeA072DU/9OvbDddsuKETeK22n1aYteU1a37QSKotKZr5RocAAHwZPX1++Oh+p7P35PjCYnxqnq450oQyowvzYypkjiAAAD5n+ul6hp2KZxgQAAAAAAAAAAAAAAAAAAAAAAAYcfIlfTMuzI27WFDqrfnFhe4a/Vr9SwxH6rF02oHNspCbda/skojDR59OKbzYW5N1/2CZo1ka1UXplQ/w71+T3krWKF1TOP0+XJwyuGex8N39tEcn95gm9NhCbywKp//PIV54/KcJm6IoiqbvvjDch/PTDnB4oSDpyfxrDMH5vxcBOF//DwAA//9wiz37")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_extract_tcp_res(0x0, 0xfffffff7, 0x3ff)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r4, 0xc1004110, &(0x7f0000000000)={0x0, [0x6, 0xffff133a, 0x3], [{0x0, 0x3ff, 0x0, 0x1}, {0x35, 0x35}, {0x0, 0x7}, {0xffffffff}, {0xfffffffc}, {}, {}, {0xffffffff}, {}, {}, {}, {0x100}], 0x2})

2.882477437s ago: executing program 2 (id=1513):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_PMU_CAPABILITY(r1, 0x4068aea3, &(0x7f0000000c00)={0xd4, 0x0, 0xb91d})

2.882181637s ago: executing program 3 (id=1514):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r0}, 0x18)
epoll_create1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0x4, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, @cgroup_sock_addr=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb58}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)={0x14, r2, 0x309, 0x2, 0x25dfdbfc, {0x1d}}, 0x14}, 0x1, 0x0, 0x0, 0x4008915}, 0x20040000)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20000080)

2.825375742s ago: executing program 0 (id=1515):
syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x713, &(0x7f0000000840)="$eJzs3V2P21gZB/D/STJJJoVSAapWVbdzOmWlqRhSJ7NNFQ1IGOckY0jiyPbAjIS0KnQGjZop0BaJ5qadG16k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a7sv/N9qNc/z4+PGx12c9Yx+DiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIIKyGYVQE2nZ3d0/OZjVcp5N8yWJqflTbCm5GEzfnrXMlXC8gwn9QLOKNqPiNr45CLof/WsfV6NtVFMOPIgYXLl/a/koukyw/J+HngUUrfPRkcP9uv3/w8ByxWSxc/euEzDmCWqpre47dMVtK2p4j67WacWun6cmm3VbevuerjrRclfEdV25YN2WlXt+Sqrzv7HZbDbOtksI736gaRk1+txDtaABlz9qx222729Ix4eww5o5894dRgDI7Uh4e9Q+2xvJ5mtbGYVAlJfnMeHAYVD1rc6tGtVqpVKuV2u367TuGkZsqMELCGMJUxNIPWnqdMvHxusAiyzt5E72gjNX4r/EXAbRRRBe72INM/bHQgAsHnRnzY0n//9YtNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/AEA9zHXfTRxwEeLqFuCbn2wjXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwDnbQhAeJJmy0oeBhHx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24WAXXbTQgImPgiA4xJFu9604n2cpW40kqDJjIwrIJcfdAapztnZW//+jp9HScf9vsP//vIqOg0L08cG8GKJPgCC+/l/Q2svJhoiIiIiIiIheBqF/+y70X+XfBBCgabeVcSqm8NqyIyIiIiIiIqJlEAgKuAoR3ZWPNyGmr/+JiIiIiIiI6NNN6GfsBICSvqlfjB6XOs8vAbKvIEUiIiIiIiIiekH6yf9reSDQd/mvQSx0/U9EREREREREnwK/GRtjP5eNx9gNkj/rZwCs/bUg3v9HAe6KOOntfU0cm+Ec8ziOmboDwG9eERfjgXr1Rx6A/mapqyJemwT+nfz2IfThYfpY/8+CiBDCnUggnx2vYEYCIlxzLRd/w7u4Hi1yPR5n/t4gAz0nGlG41LTbqmw57e0KTPNixld7/i8eHP0ScIfbeXjUPyj/+Kf9ezqXk7Do5Dis9OmpdDLpjTHK5bEeb0E/c5E2uvEqmskqf9vtlIRer5FsfxbmcWZ8RfN2QG0ViLbyV1iP9tl6EMWWBsMR9wWwpgd/qJT1Lju19e6KGGVRmdzytB0xY8uLOosbUcyNjRvRR9ImYT0ZUfx6FqjmMLEPwkTHsqiOZ3F2W4h/TrT//CwgimFbbJW3K/hTWNFEW/zg/Wjhrd5eMjzGebKYOgqIiF6Xw1EvpAcxnxpjP+kekpPa+fsd5ID4LDejdx+tJYj7j6R3f/z7IOqhskAu/ttE+lqSfgXhGX1D6Hry0YDuuSspZ3Sj/HEQBObFIsbP6P8LgmSDjAV6t5MgCCbP6H8cvQMpTnsqi/8EQbBd0T3J7yZ61ffCBd6buV6vXc2iiAIeH/8MHyWzD35y8KBa3aoZbxvG7SpW9P8qxB9ZsO8hIqIpZ79jR0dk5kSIt3E9quP6vb+/FU2d6vG+HN9SoN0C+riHzeQVAmvptZZwiG/9K7oNYTO6agXWS9FnaSAvX9oOr2qHsUcip9/wsjnzqk53llGsvr2hOoxN3js0eQU4it16yXuBiIjo1Vqf0Q8Dp/p/nO7/i6f6/01sRBEbV1Kvu0tjtxRuJlfHw0v6wYWT1NjK2cl/e8mNQURE9Dmh3A9Fyf+1cF27906lXq+Y/o6SrmN9T7p2o6Wk3fWVa+2Y3ZaSPdfxHctpy56Lgr2qPOnt9nqO68um48qe49l7+s3vMn71u6c6Zte3La/XVqanpOV0fdPyZcP2LNnb/U7b9naUqxf2esqym7Zl+rbTlZ6z61qqLKWn1Fig3VBd327a4WRX9ly7Y7r78vtOe7ejZEN5lmv3fCeqMFmX3W06bkdXW0aw8IsOiYiIPosePRncv9vvHzycnFgNL82jkhPMiJmeyKdUyDGCiIiIPmFG3fV4afCluQsVX3ZWREREREREREREREREREREREREREREREQ07uxH+hacWEl7WBAYlvz8YlyCZxg9YjhVj8CL5vOx+2c9sN/zLJ4ZlggA51gqeSRicP+DOcGr0URwt580/3jMySIZ4hLw3O3zty8AF3QJopLcEg+A6edHl36MpU188zBq0VkxembqrMJwX+SW/59DOPHgD9OzRNjyQRAE8xcvnG7D/PmP5xyAh/k5u2D1jOPnVZ+JiOhV+38AAAD//+aCMRM=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
getdents64(r0, &(0x7f0000000100)=""/134, 0x86)

2.282230266s ago: executing program 3 (id=1516):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
pread64(0xffffffffffffffff, 0x0, 0x0, 0xc2a)
setresuid(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/ip6_tables_matches\x00')
r1 = add_key$keyring(&(0x7f0000000a40), &(0x7f0000000a80)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$chown(0x4, r1, 0xee01, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x15)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040890}, 0x200080c0)

2.2265208s ago: executing program 1 (id=1517):
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
unshare(0x2a020400)

2.176142554s ago: executing program 2 (id=1518):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="07000000040000008000"], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000001300"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r0, 0x0, 0x5}, 0x18)
r1 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x42002)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110c23004a)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1980, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110c230005)
close(r3)

1.944633153s ago: executing program 0 (id=1519):
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_route(0x10, 0x3, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
socket(0x28, 0x5, 0x0)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x42, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x1})
fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)

650.529097ms ago: executing program 1 (id=1520):
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0x4}}, 0x9)

221.988502ms ago: executing program 3 (id=1521):
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000004c0)=""/83, 0x53)

179.542975ms ago: executing program 0 (id=1522):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x1, 0xa42)
r0 = io_uring_setup(0x6dc6, &(0x7f00000001c0)={0x0, 0xcf51, 0x400, 0x2})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
socket(0x2b, 0x1, 0x1)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x5)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

14.455969ms ago: executing program 3 (id=1523):
pread64(0xffffffffffffffff, 0x0, 0x0, 0x5)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0xa00000, &(0x7f0000002580)=ANY=[@ANYBLOB="756e64656c6574652c696f636861727365743d6575632d6a702c757466382c756e686964652c6164696e6963622c7569643d666f726765742c766f6c756d653d30303030303030303030303030303030303030362c696f636861727365743d6d6163637972696c6c69632c6c617374626c6f636b3d30303030303030303030303030303030303030352c00ccf28d6ada7a3a420c3e2897e0f74dc7413e95c4b1152100569303b2d6e21e81fdf4d71a2f435ca3f85b7d25479a9d6c0bf5a0b6983154c0193e415a207c51517db48a7bf9972aba6a44887a6e91c44dd99040a2dc77234a031e3aafc02cfc18f69a7cdc51a4354d58c373ffce575569061b800c9d0b8ce5929cd3d6eedbe3fca54e25eb1c5535047e0ba7814ea5658fdf4a671a1aa77197f176436bbc448e67bdfe5ba8b254558e6c77ad8f2b912b"], 0x2, 0xc43, &(0x7f00000010c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
sendfile(r1, r1, 0x0, 0xfffe82)

0s ago: executing program 1 (id=1524):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000180)=[{0x7, 0x0, 0x0, 0x7ffc0002}]})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000001c0), 0x13f, 0x1}}, 0x20)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$netlink(0x10, 0x3, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x22803)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0xf3, 0x1b1c07, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x80d02, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYRES16=r5, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x24000001}, 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000000)={{0x80}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x80000041})

kernel console output (not intermixed with test programs):

 T8874]  </TASK>
[  507.026070][ T8868] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  507.059248][ T8879] fuse: Unknown parameter 'd'
[  507.067670][ T8868] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  507.093101][ T8868] UDF-fs: Scanning with blocksize 4096 failed
[  507.114062][ T8868] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
[  507.338474][ T8876] loop0: detected capacity change from 0 to 32768
[  507.371670][ T8885] fuse: Bad value for 'rootmode'
[  507.452250][ T8884] loop2: detected capacity change from 0 to 512
[  507.501154][ T8876] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  507.518874][   T27] audit: type=1800 audit(1756641597.854:41): pid=8876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1096" name="file1" dev="loop0" ino=9553 res=0 errno=0
[  507.616386][ T4265] ocfs2: Unmounting device (7,0) on (node local)
[  507.653444][ T8884] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  507.671030][ T8884] ext4 filesystem being mounted at /227/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  507.771979][ T8881] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1093: bg 0: block 217: padding at end of block bitmap is not set
[  508.163615][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  508.653943][ T8892] loop0: detected capacity change from 0 to 32768
[  508.739957][ T8892] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  508.801187][ T8892] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  508.821379][ T8892] BTRFS info (device loop0): using free space tree
[  508.874275][ T8904] loop2: detected capacity change from 0 to 8192
[  508.945366][ T8904] FAULT_INJECTION: forcing a failure.
[  508.945366][ T8904] name failslab, interval 1, probability 0, space 0, times 0
[  508.980865][ T8904] CPU: 0 PID: 8904 Comm: syz.2.1102 Not tainted syzkaller #0
[  508.988314][ T8904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  508.998410][ T8904] Call Trace:
[  509.001720][ T8904]  <TASK>
[  509.004672][ T8904]  dump_stack_lvl+0x168/0x22e
[  509.009393][ T8904]  ? show_regs_print_info+0x12/0x12
[  509.014629][ T8904]  ? load_image+0x3b0/0x3b0
[  509.019172][ T8904]  ? __might_sleep+0xd0/0xd0
[  509.023810][ T8904]  ? __lock_acquire+0x7c50/0x7c50
[  509.028878][ T8904]  should_fail_ex+0x399/0x4d0
[  509.033691][ T8904]  should_failslab+0x5/0x20
[  509.038238][ T8904]  slab_pre_alloc_hook+0x59/0x310
[  509.043386][ T8904]  ? file_end_write+0x156/0x250
[  509.048456][ T8904]  kmem_cache_alloc+0x56/0x2f0
[  509.053279][ T8904]  ? getname_flags+0xb7/0x500
[  509.058025][ T8904]  getname_flags+0xb7/0x500
[  509.062564][ T8904]  do_sys_openat2+0xcf/0x490
[  509.067181][ T8904]  ? do_sys_open+0xe0/0xe0
[  509.071780][ T8904]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  509.077780][ T8904]  ? lock_chain_count+0x20/0x20
[  509.082673][ T8904]  __x64_sys_openat+0x135/0x160
[  509.087639][ T8904]  do_syscall_64+0x4c/0xa0
[  509.092161][ T8904]  ? clear_bhb_loop+0x60/0xb0
[  509.096852][ T8904]  ? clear_bhb_loop+0x60/0xb0
[  509.101535][ T8904]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  509.107534][ T8904] RIP: 0033:0x7f206c38ebe9
[  509.111976][ T8904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.131689][ T8904] RSP: 002b:00007f206a5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  509.140119][ T8904] RAX: ffffffffffffffda RBX: 00007f206c5c5fa0 RCX: 00007f206c38ebe9
[  509.148105][ T8904] RDX: 0000000000002041 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  509.156174][ T8904] RBP: 00007f206a5f6090 R08: 0000000000000000 R09: 0000000000000000
[  509.164152][ T8904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  509.172128][ T8904] R13: 00007f206c5c6038 R14: 00007f206c5c5fa0 R15: 00007ffe78ec7258
[  509.180122][ T8904]  </TASK>
[  509.229218][ T8897] loop3: detected capacity change from 0 to 32768
[  509.279832][ T8897] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by syz.3.1100 (8897)
[  509.407523][ T8903] loop1: detected capacity change from 0 to 32768
[  509.499582][ T8892] BTRFS info (device loop0): enabling ssd optimizations
[  509.572410][ T8892] FAULT_INJECTION: forcing a failure.
[  509.572410][ T8892] name failslab, interval 1, probability 0, space 0, times 0
[  509.598144][ T8903] XFS (loop1): Mounting V5 Filesystem
[  509.650956][ T8892] CPU: 0 PID: 8892 Comm: syz.0.1099 Not tainted syzkaller #0
[  509.658402][ T8892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  509.668484][ T8892] Call Trace:
[  509.671790][ T8892]  <TASK>
[  509.674755][ T8892]  dump_stack_lvl+0x168/0x22e
[  509.679668][ T8892]  ? show_regs_print_info+0x12/0x12
[  509.684976][ T8892]  ? load_image+0x3b0/0x3b0
[  509.689497][ T8892]  ? __might_sleep+0xd0/0xd0
[  509.694301][ T8892]  ? __lock_acquire+0x7c50/0x7c50
[  509.699351][ T8892]  should_fail_ex+0x399/0x4d0
[  509.704050][ T8892]  should_failslab+0x5/0x20
[  509.708640][ T8892]  slab_pre_alloc_hook+0x59/0x310
[  509.713695][ T8892]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[  509.719456][ T8892]  __kmem_cache_alloc_node+0x4f/0x260
[  509.725098][ T8892]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[  509.730840][ T8892]  __kmalloc+0xa0/0x240
[  509.736761][ T8892]  tomoyo_realpath_from_path+0xdf/0x5d0
[  509.742343][ T8892]  tomoyo_path_number_perm+0x1e3/0x600
[  509.747807][ T8892]  ? tomoyo_path_number_perm+0x1b6/0x600
[  509.753447][ T8892]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  509.758939][ T8892]  ? ksys_write+0x1bd/0x240
[  509.763555][ T8892]  ? common_file_perm+0x171/0x1c0
[  509.768754][ T8892]  ? __fget_files+0x28/0x4d0
[  509.773374][ T8892]  security_file_ioctl+0x6c/0xa0
[  509.778416][ T8892]  __se_sys_ioctl+0x48/0x170
[  509.783106][ T8892]  do_syscall_64+0x4c/0xa0
[  509.787564][ T8892]  ? clear_bhb_loop+0x60/0xb0
[  509.792246][ T8892]  ? clear_bhb_loop+0x60/0xb0
[  509.796952][ T8892]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  509.802861][ T8892] RIP: 0033:0x7f1797d8ebe9
[  509.807307][ T8892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.827017][ T8892] RSP: 002b:00007f1798cc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  509.835441][ T8892] RAX: ffffffffffffffda RBX: 00007f1797fc5fa0 RCX: 00007f1797d8ebe9
[  509.843419][ T8892] RDX: 0000200000001640 RSI: 0000000050009401 RDI: 0000000000000003
[  509.851395][ T8892] RBP: 00007f1798cc6090 R08: 0000000000000000 R09: 0000000000000000
[  509.859424][ T8892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  509.867660][ T8892] R13: 00007f1797fc6038 R14: 00007f1797fc5fa0 R15: 00007ffe40e303f8
[  509.876003][ T8892]  </TASK>
[  509.931192][ T8892] ERROR: Out of memory at tomoyo_realpath_from_path.
[  509.938340][ T8892] BTRFS info (device loop0): Snapshot src from another FS
[  510.039548][ T8903] XFS (loop1): Ending clean mount
[  510.102606][ T8903] XFS (loop1): Quotacheck needed: Please wait.
[  511.087310][ T4427] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by udevd (4427)
[  511.113729][ T4265] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  511.401398][ T8944] FAULT_INJECTION: forcing a failure.
[  511.401398][ T8944] name failslab, interval 1, probability 0, space 0, times 0
[  511.460897][ T8944] CPU: 1 PID: 8944 Comm: syz.2.1109 Not tainted syzkaller #0
[  511.468370][ T8944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  511.478557][ T8944] Call Trace:
[  511.481877][ T8944]  <TASK>
[  511.484836][ T8944]  dump_stack_lvl+0x168/0x22e
[  511.490218][ T8944]  ? show_regs_print_info+0x12/0x12
[  511.495657][ T8944]  ? load_image+0x3b0/0x3b0
[  511.500219][ T8944]  ? __might_sleep+0xd0/0xd0
[  511.504862][ T8944]  ? __lock_acquire+0x7c50/0x7c50
[  511.509932][ T8944]  ? common_file_perm+0x171/0x1c0
[  511.515018][ T8944]  should_fail_ex+0x399/0x4d0
[  511.519759][ T8944]  should_failslab+0x5/0x20
[  511.524408][ T8944]  slab_pre_alloc_hook+0x59/0x310
[  511.529453][ T8944]  kmem_cache_alloc+0x56/0x2f0
[  511.534416][ T8944]  ? copy_fs_struct+0x4b/0x270
[  511.539199][ T8944]  copy_fs_struct+0x4b/0x270
[  511.543824][ T8944]  ksys_unshare+0x373/0x890
[  511.548345][ T8944]  ? sighand_ctor+0x40/0x40
[  511.553031][ T8944]  ? lock_chain_count+0x20/0x20
[  511.557903][ T8944]  ? syscall_enter_from_user_mode+0x21/0x80
[  511.563812][ T8944]  __x64_sys_unshare+0x34/0x40
[  511.568590][ T8944]  do_syscall_64+0x4c/0xa0
[  511.573038][ T8944]  ? clear_bhb_loop+0x60/0xb0
[  511.577895][ T8944]  ? clear_bhb_loop+0x60/0xb0
[  511.582587][ T8944]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  511.588507][ T8944] RIP: 0033:0x7f206c38ebe9
[  511.592929][ T8944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.612815][ T8944] RSP: 002b:00007f206a5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  511.621249][ T8944] RAX: ffffffffffffffda RBX: 00007f206c5c5fa0 RCX: 00007f206c38ebe9
[  511.629223][ T8944] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000006020400
[  511.637209][ T8944] RBP: 00007f206a5f6090 R08: 0000000000000000 R09: 0000000000000000
[  511.645186][ T8944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.653161][ T8944] R13: 00007f206c5c6038 R14: 00007f206c5c5fa0 R15: 00007ffe78ec7258
[  511.661151][ T8944]  </TASK>
[  511.682779][ T8948] fuse: Unknown parameter 'd'
[  511.748847][ T8903] XFS (loop1): Quotacheck: Done.
[  511.846551][ T8958] loop2: detected capacity change from 0 to 128
[  511.870348][ T4266] XFS (loop1): Unmounting Filesystem
[  512.044728][ T8958] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  512.088182][ T8961] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  512.171307][ T8962] dns_resolver: Unsupported server list version (0)
[  512.212621][ T8958] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  512.397905][ T8958] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  512.537283][ T8958] UDF-fs: Scanning with blocksize 512 failed
[  512.646166][ T8958] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  512.771920][ T8958] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  512.832928][ T8958] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  512.846442][ T8958] UDF-fs: Scanning with blocksize 1024 failed
[  512.870567][ T8958] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  512.887305][ T8958] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  512.897084][ T8958] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  512.910687][ T8958] UDF-fs: Scanning with blocksize 2048 failed
[  512.918779][ T8958] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  512.931740][ T8958] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  512.942771][ T8958] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  512.950570][ T8958] UDF-fs: Scanning with blocksize 4096 failed
[  512.956894][ T8958] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[  513.269320][ T8967] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  513.297584][ T8967] device syzkaller0 entered promiscuous mode
[  513.310348][ T8967] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1115'.
[  513.357505][ T8967] tipc: Resetting bearer <eth:syzkaller0>
[  513.372553][ T8966] tipc: Resetting bearer <eth:syzkaller0>
[  513.457300][ T8966] tipc: Disabling bearer <eth:syzkaller0>
[  513.506953][ T8948] loop0: detected capacity change from 0 to 32768
[  513.648564][ T8948] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  513.858467][ T4265] ocfs2: Unmounting device (7,0) on (node local)
[  513.878306][ T8968] loop3: detected capacity change from 0 to 32768
[  513.960951][ T8968] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  513.995765][ T8968] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  514.026325][ T8968] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  514.090017][ T8968] BTRFS info (device loop3): use lzo compression, level 0
[  514.131353][ T8968] BTRFS info (device loop3): using free space tree
[  514.910903][ T8968] BTRFS info (device loop3): enabling ssd optimizations
[  515.077370][ T9012] FAULT_INJECTION: forcing a failure.
[  515.077370][ T9012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  515.113245][   T27] audit: type=1800 audit(1756641605.454:42): pid=8968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1114" name="file1" dev="loop3" ino=260 res=0 errno=0
[  515.188152][ T9012] CPU: 1 PID: 9012 Comm: syz.0.1122 Not tainted syzkaller #0
[  515.195604][ T9012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  515.205701][ T9012] Call Trace:
[  515.209013][ T9012]  <TASK>
[  515.211976][ T9012]  dump_stack_lvl+0x168/0x22e
[  515.216700][ T9012]  ? show_regs_print_info+0x12/0x12
[  515.222028][ T9012]  ? load_image+0x3b0/0x3b0
[  515.226587][ T9012]  ? __lock_acquire+0x7c50/0x7c50
[  515.231753][ T9012]  should_fail_ex+0x399/0x4d0
[  515.236578][ T9012]  _copy_from_user+0x2c/0x170
[  515.241389][ T9012]  core_sys_select+0x4d0/0x8b0
[  515.246214][ T9012]  ? poll_select_set_timeout+0x150/0x150
[  515.251915][ T9012]  ? sigprocmask+0x190/0x190
[  515.256589][ T9012]  ? __fget_files+0x44a/0x4d0
[  515.257280][ T8977] loop1: detected capacity change from 0 to 32768
[  515.261322][ T9012]  __se_sys_pselect6+0x2ed/0x3a0
[  515.261356][ T9012]  ? __x64_sys_pselect6+0xf0/0xf0
[  515.261385][ T9012]  ? __x64_sys_pselect6+0x1d/0xf0
[  515.282854][ T9012]  do_syscall_64+0x4c/0xa0
[  515.287311][ T9012]  ? clear_bhb_loop+0x60/0xb0
[  515.292107][ T9012]  ? clear_bhb_loop+0x60/0xb0
[  515.296813][ T9012]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  515.302742][ T9012] RIP: 0033:0x7f1797d8ebe9
[  515.307163][ T9012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.326859][ T9012] RSP: 002b:00007f1798cc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  515.335294][ T9012] RAX: ffffffffffffffda RBX: 00007f1797fc5fa0 RCX: 00007f1797d8ebe9
[  515.343449][ T9012] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000040
[  515.351428][ T9012] RBP: 00007f1798cc6090 R08: 0000000000000000 R09: 0000000000000000
[  515.359402][ T9012] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  515.367380][ T9012] R13: 00007f1797fc6038 R14: 00007f1797fc5fa0 R15: 00007ffe40e303f8
[  515.375372][ T9012]  </TASK>
[  515.388063][ T8977] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.1117 (8977)
[  515.450081][ T8977] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  515.522263][ T8977] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  515.556804][ T8977] BTRFS info (device loop1): using free space tree
[  515.807789][ T8977] BTRFS info (device loop1): enabling ssd optimizations
[  516.001906][ T8978] loop2: detected capacity change from 0 to 32768
[  516.037589][ T8978] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.1118 (8978)
[  516.086529][ T4266] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  516.311521][ T9044] tipc: Started in network mode
[  516.316490][ T9044] tipc: Node identity d27d6b72295b, cluster identity 4711
[  516.387345][ T9044] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  516.431669][ T9045] device syzkaller0 entered promiscuous mode
[  516.492494][ T4408] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by udevd (4408)
[  516.509190][ T9044] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1128'.
[  516.577905][ T9044] tipc: Resetting bearer <eth:syzkaller0>
[  516.691253][ T9042] tipc: Resetting bearer <eth:syzkaller0>
[  516.711970][ T9057] fuse: Unknown parameter 'd'
[  516.831666][ T9042] tipc: Disabling bearer <eth:syzkaller0>
[  516.873057][ T4267] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  517.718704][ T9057] loop2: detected capacity change from 0 to 32768
[  517.852953][ T9057] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  518.060213][ T4264] ocfs2: Unmounting device (7,2) on (node local)
[  518.110932][  T125] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  518.217386][ T9079] loop1: detected capacity change from 0 to 2364
[  518.300805][  T125] usb 4-1: Using ep0 maxpacket: 16
[  518.310468][  T125] usb 4-1: New USB device found, idVendor=2040, idProduct=d864, bcdDevice=37.62
[  518.349267][  T125] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.371062][  T125] usb 4-1: Product: syz
[  518.375293][  T125] usb 4-1: Manufacturer: syz
[  518.400268][  T125] usb 4-1: SerialNumber: syz
[  518.431311][  T125] usb 4-1: config 0 descriptor??
[  518.457257][  T125] usb 4-1: dvb_usb_v2: found a 'Hauppauge 138xxx DVBT' in warm state
[  518.510364][  T125] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  518.559004][  T125] dvbdev: DVB: registering new adapter (Hauppauge 138xxx DVBT)
[  518.581929][  T125] usb 4-1: media controller created
[  518.626072][  T125] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  518.778559][  T125] usb 4-1: selecting invalid altsetting 2
[  518.790698][  T125] set interface failed
[  518.791115][  T125] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  518.830692][  T125] error writing reg: 0xff, val: 0x00
[  518.893456][ T9067] loop3: detected capacity change from 0 to 8192
[  518.906319][  T125] dvb_usb_mxl111sf: probe of 4-1:0.0 failed with error -22
[  518.927132][ T9089] loop1: detected capacity change from 0 to 2048
[  518.957307][ T9067] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  518.982081][ T9067] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  519.028261][ T9089] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  519.069565][ T9067] REISERFS (device loop3): using ordered data mode
[  519.076661][ T9067] reiserfs: using flush barriers
[  519.090798][ T9067] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  519.124131][ T9067] REISERFS (device loop3): checking transaction log (loop3)
[  519.138116][ T9089] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  519.220527][ T9081] loop2: detected capacity change from 0 to 32768
[  519.346667][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  519.354846][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  519.362844][ T9094] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  519.410846][ T9094] dns_resolver: Unsupported server list version (0)
[  519.475003][ T9081] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  519.485576][ T9067] REISERFS (device loop3): Using tea hash to sort names
[  519.519277][ T9067] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  519.580080][ T9102] fuse: Unknown parameter 'd'
[  519.789002][ T4264] ocfs2: Unmounting device (7,2) on (node local)
[  520.175583][ T9104] loop2: detected capacity change from 0 to 512
[  520.225543][ T9104] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1146: bg 0: block 248: padding at end of block bitmap is not set
[  520.240987][ T9104] Quota error (device loop2): write_blk: dquota write failed
[  520.248393][ T9104] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  520.258625][ T9104] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.1146: Failed to acquire dquot type 1
[  520.276764][ T4429] usb 4-1: USB disconnect, device number 12
[  520.283860][ T9104] EXT4-fs (loop2): 1 truncate cleaned up
[  520.289545][ T9104] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  520.298998][ T9104] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  520.433200][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  520.566639][ T9099] loop0: detected capacity change from 0 to 32768
[  520.775186][ T9121] loop3: detected capacity change from 0 to 512
[  520.822228][ T9099] XFS (loop0): Mounting V5 Filesystem
[  520.854233][ T9121] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  520.893743][ T9121] ext4 filesystem being mounted at /228/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  520.977354][ T9099] XFS (loop0): Ending clean mount
[  521.019927][ T9099] XFS (loop0): Quotacheck needed: Please wait.
[  521.112864][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  521.134894][ T9099] XFS (loop0): Quotacheck: Done.
[  521.298406][ T9110] loop1: detected capacity change from 0 to 32768
[  521.387399][ T4265] XFS (loop0): Unmounting Filesystem
[  521.411073][ T9110] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  521.624097][ T4266] ocfs2: Unmounting device (7,1) on (node local)
[  521.929934][ T9148] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  521.945503][ T9148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  521.954365][ T9148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  521.983795][ T9147] FAULT_INJECTION: forcing a failure.
[  521.983795][ T9147] name failslab, interval 1, probability 0, space 0, times 0
[  522.027004][ T9150] dns_resolver: Unsupported server list version (0)
[  522.233275][ T9147] CPU: 0 PID: 9147 Comm: syz.3.1158 Not tainted syzkaller #0
[  522.240754][ T9147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  522.250843][ T9147] Call Trace:
[  522.254146][ T9147]  <TASK>
[  522.257102][ T9147]  dump_stack_lvl+0x168/0x22e
[  522.261904][ T9147]  ? show_regs_print_info+0x12/0x12
[  522.267132][ T9147]  ? load_image+0x3b0/0x3b0
[  522.271675][ T9147]  ? __lock_acquire+0x7c50/0x7c50
[  522.276739][ T9147]  should_fail_ex+0x399/0x4d0
[  522.281461][ T9147]  should_failslab+0x5/0x20
[  522.286006][ T9147]  slab_pre_alloc_hook+0x59/0x310
[  522.291164][ T9147]  ? lock_chain_count+0x20/0x20
[  522.296070][ T9147]  ? sock_kmalloc+0x92/0xf0
[  522.300630][ T9147]  __kmem_cache_alloc_node+0x4f/0x260
[  522.306031][ T9147]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  522.311696][ T9147]  ? sock_kmalloc+0x92/0xf0
[  522.316222][ T9147]  __kmalloc+0xa0/0x240
[  522.320417][ T9147]  sock_kmalloc+0x92/0xf0
[  522.324793][ T9147]  af_alg_alloc_areq+0x89/0x230
[  522.329696][ T9147]  aead_recvmsg+0x54d/0x1590
[  522.334357][ T9147]  ? aead_sendmsg+0x100/0x100
[  522.339072][ T9147]  ? mark_lock+0x94/0x320
[  522.343436][ T9147]  ? __lock_acquire+0x12e5/0x7c50
[  522.348701][ T9147]  ? __lock_acquire+0x12e5/0x7c50
[  522.353758][ T9147]  ? is_dynamic_key+0x260/0x260
[  522.358651][ T9147]  ? verify_lock_unused+0x140/0x140
[  522.363903][ T9147]  ? aa_label_sk_perm+0x3e7/0x500
[  522.369051][ T9147]  ? aa_sk_perm+0x920/0x920
[  522.373600][ T9147]  ? __might_sleep+0xd0/0xd0
[  522.378236][ T9147]  ? aa_file_perm+0x117/0xec0
[  522.382955][ T9147]  ? aa_sk_perm+0x7e5/0x920
[  522.387495][ T9147]  ? aa_af_perm+0x2b0/0x2b0
[  522.392037][ T9147]  ? aa_file_perm+0x3ef/0xec0
[  522.396751][ T9147]  ? verify_lock_unused+0x140/0x140
[  522.401990][ T9147]  ? bpf_lsm_socket_recvmsg+0x5/0x10
[  522.407399][ T9147]  ? security_socket_recvmsg+0x85/0xb0
[  522.412893][ T9147]  sock_read_iter+0x2bf/0x370
[  522.417612][ T9147]  ? kernel_sock_ip_overhead+0x590/0x590
[  522.423297][ T9147]  ? common_file_perm+0x171/0x1c0
[  522.428383][ T9147]  ? fsnotify_perm+0x248/0x550
[  522.433192][ T9147]  vfs_read+0x434/0x920
[  522.437399][ T9147]  ? kernel_read+0x1e0/0x1e0
[  522.442137][ T9147]  ? __fget_files+0x44a/0x4d0
[  522.446876][ T9147]  ? __fdget_pos+0x1d4/0x360
[  522.451509][ T9147]  ? ksys_read+0x71/0x240
[  522.455876][ T9147]  ksys_read+0x143/0x240
[  522.460153][ T9147]  ? vfs_write+0x960/0x960
[  522.464606][ T9147]  ? lockdep_hardirqs_on+0x94/0x140
[  522.469839][ T9147]  do_syscall_64+0x4c/0xa0
[  522.474302][ T9147]  ? clear_bhb_loop+0x60/0xb0
[  522.479008][ T9147]  ? clear_bhb_loop+0x60/0xb0
[  522.483735][ T9147]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  522.489666][ T9147] RIP: 0033:0x7f7e7078ebe9
[  522.494118][ T9147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.514105][ T9147] RSP: 002b:00007f7e715cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  522.522555][ T9147] RAX: ffffffffffffffda RBX: 00007f7e709c5fa0 RCX: 00007f7e7078ebe9
[  522.530560][ T9147] RDX: 0000000000000023 RSI: 0000200000000000 RDI: 0000000000000004
[  522.538643][ T9147] RBP: 00007f7e715cc090 R08: 0000000000000000 R09: 0000000000000000
[  522.546651][ T9147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.554652][ T9147] R13: 00007f7e709c6038 R14: 00007f7e709c5fa0 R15: 00007ffd96a09f38
[  522.563106][ T9147]  </TASK>
[  522.905017][ T9152] loop2: detected capacity change from 0 to 512
[  522.986475][ T9152] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1159: bg 0: block 248: padding at end of block bitmap is not set
[  523.001433][ T9152] Quota error (device loop2): write_blk: dquota write failed
[  523.008837][ T9152] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  523.019264][ T9152] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.1159: Failed to acquire dquot type 1
[  523.032155][ T9152] EXT4-fs (loop2): 1 truncate cleaned up
[  523.037851][ T9152] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  523.047005][ T9152] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  523.089716][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  523.234047][ T9158] fuse: Unknown parameter 'd'
[  523.252705][ T9156] loop0: detected capacity change from 0 to 512
[  523.541184][ T9158] loop1: detected capacity change from 0 to 32768
[  523.581906][ T9156] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  523.591042][ T9156] ext4 filesystem being mounted at /217/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  523.603990][ T9156] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1154: bg 0: block 217: padding at end of block bitmap is not set
[  523.674201][ T9158] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  523.696176][   T27] audit: type=1804 audit(1756641614.034:43): pid=9158 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1160" name="/newroot/212/file1/file1" dev="loop1" ino=9553 res=1 errno=0
[  523.797257][ T9173] loop8: detected capacity change from 0 to 8
[  523.808874][ T9171] loop2: detected capacity change from 0 to 128
[  523.844546][ T9171] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  523.854105][ T9171] ext4 filesystem being mounted at /242/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  524.002577][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  524.017730][ T4266] ocfs2: Unmounting device (7,1) on (node local)
[  524.067148][ T9173] Dev loop8: unable to read RDB block 8
[  524.095320][ T9173]  loop8: unable to read partition table
[  524.141024][ T9173] loop8: partition table beyond EOD, truncated
[  524.179337][ T9173] loop_reread_partitions: partition scan of loop8 (�被x�^>�� �) failed (rc=-5)
[  524.308721][ T9179] FAULT_INJECTION: forcing a failure.
[  524.308721][ T9179] name failslab, interval 1, probability 0, space 0, times 0
[  524.343423][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  524.428061][ T9179] CPU: 0 PID: 9179 Comm: syz.0.1166 Not tainted syzkaller #0
[  524.435518][ T9179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  524.445877][ T9179] Call Trace:
[  524.449184][ T9179]  <TASK>
[  524.452248][ T9179]  dump_stack_lvl+0x168/0x22e
[  524.456970][ T9179]  ? show_regs_print_info+0x12/0x12
[  524.462211][ T9179]  ? load_image+0x3b0/0x3b0
[  524.466758][ T9179]  ? __might_sleep+0xd0/0xd0
[  524.471396][ T9179]  ? __lock_acquire+0x7c50/0x7c50
[  524.476473][ T9179]  should_fail_ex+0x399/0x4d0
[  524.481206][ T9179]  should_failslab+0x5/0x20
[  524.485780][ T9179]  slab_pre_alloc_hook+0x59/0x310
[  524.490858][ T9179]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[  524.496737][ T9179]  __kmem_cache_alloc_node+0x4f/0x260
[  524.501640][ T9181] loop3: detected capacity change from 0 to 1024
[  524.502139][ T9179]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[  524.514223][ T9179]  __kmalloc+0xa0/0x240
[  524.518425][ T9179]  tomoyo_realpath_from_path+0xdf/0x5d0
[  524.524045][ T9179]  tomoyo_path_number_perm+0x1e3/0x600
[  524.529541][ T9179]  ? tomoyo_path_number_perm+0x1b6/0x600
[  524.535221][ T9179]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  524.540737][ T9179]  ? ksys_write+0x1bd/0x240
[  524.545287][ T9179]  ? common_file_perm+0x171/0x1c0
[  524.550403][ T9179]  ? __fget_files+0x28/0x4d0
[  524.555088][ T9179]  security_file_ioctl+0x6c/0xa0
[  524.560161][ T9179]  __se_sys_ioctl+0x48/0x170
[  524.564818][ T9179]  do_syscall_64+0x4c/0xa0
[  524.569277][ T9179]  ? clear_bhb_loop+0x60/0xb0
[  524.573985][ T9179]  ? clear_bhb_loop+0x60/0xb0
[  524.578695][ T9179]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  524.584633][ T9179] RIP: 0033:0x7f1797d8ebe9
[  524.589103][ T9179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.608854][ T9179] RSP: 002b:00007f1798cc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  524.617319][ T9179] RAX: ffffffffffffffda RBX: 00007f1797fc5fa0 RCX: 00007f1797d8ebe9
[  524.625438][ T9179] RDX: 0000200000000480 RSI: 0000000000004c0a RDI: 0000000000000003
[  524.631331][ T9183] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1168'.
[  524.633431][ T9179] RBP: 00007f1798cc6090 R08: 0000000000000000 R09: 0000000000000000
[  524.650380][ T9179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.658400][ T9179] R13: 00007f1797fc6038 R14: 00007f1797fc5fa0 R15: 00007ffe40e303f8
[  524.666521][ T9179]  </TASK>
[  524.684378][ T9181] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  524.719770][ T9181] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  524.852347][ T9181] EXT4-fs (loop3): invalid journal inode
[  524.858144][ T9181] EXT4-fs (loop3): can't get journal size
[  524.865320][ T9179] ERROR: Out of memory at tomoyo_realpath_from_path.
[  524.875039][ T9181] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  524.885321][ T9179] loop8: detected capacity change from 0 to 8
[  524.925203][ T4408] Dev loop8: unable to read RDB block 8
[  524.930972][ T4408]  loop8: unable to read partition table
[  524.945881][ T4408] loop8: partition table beyond EOD, truncated
[  524.961422][ T9179] Dev loop8: unable to read RDB block 8
[  524.991148][ T9181] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 37: comm syz.3.1169: path /234/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  525.010779][ T9179]  loop8: unable to read partition table
[  525.030255][ T9179] loop8: partition table beyond EOD, truncated
[  525.037922][ T9181] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.1169: path /234/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=511, rec_len=65535, size=1024 fake=0
[  525.070746][ T9179] loop_reread_partitions: partition scan of loop8 (�被x�^>�� �) failed (rc=-5)
[  525.250075][ T9177] loop1: detected capacity change from 0 to 32768
[  525.326111][ T9189] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1170'.
[  525.341659][ T9177] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  525.551417][ T4266] ocfs2: Unmounting device (7,1) on (node local)
[  525.732391][ T9201] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  525.771802][ T9201] device syzkaller0 entered promiscuous mode
[  525.881201][ T9206] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1172'.
[  525.921025][ T9200] tipc: Resetting bearer <eth:syzkaller0>
[  526.002674][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  526.065962][ T9200] tipc: Disabling bearer <eth:syzkaller0>
[  526.448859][ T9209] loop0: detected capacity change from 0 to 512
[  526.522236][ T9209] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  526.531279][ T9209] ext4 filesystem being mounted at /221/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  526.553704][ T9209] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1177: bg 0: block 217: padding at end of block bitmap is not set
[  526.754655][ T9217] loop1: detected capacity change from 0 to 128
[  526.801640][ T9217] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  526.811431][ T9217] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  527.111649][ T9222] loop3: detected capacity change from 0 to 1
[  527.126311][ T9222] Dev loop3: unable to read RDB block 1
[  527.132319][ T9222]  loop3: unable to read partition table
[  527.139066][ T9222] loop3: partition table beyond EOD, truncated
[  527.145525][ T9222] loop_reread_partitions: partition scan of loop3 (�被x������ ) failed (rc=-5)
[  527.732260][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  527.913082][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  527.983392][ T9226] FAULT_INJECTION: forcing a failure.
[  527.983392][ T9226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  528.068299][ T9226] CPU: 0 PID: 9226 Comm: syz.3.1182 Not tainted syzkaller #0
[  528.075940][ T9226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  528.086043][ T9226] Call Trace:
[  528.089372][ T9226]  <TASK>
[  528.092435][ T9226]  dump_stack_lvl+0x168/0x22e
[  528.097173][ T9226]  ? show_regs_print_info+0x12/0x12
[  528.102505][ T9226]  ? load_image+0x3b0/0x3b0
[  528.107073][ T9226]  ? __lock_acquire+0x7c50/0x7c50
[  528.112140][ T9226]  ? verify_lock_unused+0x140/0x140
[  528.117390][ T9226]  should_fail_ex+0x399/0x4d0
[  528.122129][ T9226]  _copy_from_user+0x2c/0x170
[  528.126851][ T9226]  ___sys_sendmsg+0x155/0x290
[  528.131574][ T9226]  ? __sys_sendmsg+0x270/0x270
[  528.136436][ T9226]  ? __lock_acquire+0x7c50/0x7c50
[  528.141516][ T9226]  ? __fdget+0x17c/0x200
[  528.145794][ T9226]  __se_sys_sendmsg+0x19e/0x270
[  528.150676][ T9226]  ? __x64_sys_sendmsg+0x80/0x80
[  528.155669][ T9226]  ? lockdep_hardirqs_on+0x94/0x140
[  528.160905][ T9226]  do_syscall_64+0x4c/0xa0
[  528.165349][ T9226]  ? clear_bhb_loop+0x60/0xb0
[  528.170052][ T9226]  ? clear_bhb_loop+0x60/0xb0
[  528.174937][ T9226]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  528.180869][ T9226] RIP: 0033:0x7f7e7078ebe9
[  528.185324][ T9226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  528.204972][ T9226] RSP: 002b:00007f7e715cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  528.213432][ T9226] RAX: ffffffffffffffda RBX: 00007f7e709c5fa0 RCX: 00007f7e7078ebe9
[  528.221524][ T9226] RDX: 0000000020004804 RSI: 0000200000000000 RDI: 0000000000000004
[  528.229546][ T9226] RBP: 00007f7e715cc090 R08: 0000000000000000 R09: 0000000000000000
[  528.237556][ T9226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  528.245591][ T9226] R13: 00007f7e709c6038 R14: 00007f7e709c5fa0 R15: 00007ffd96a09f38
[  528.253702][ T9226]  </TASK>
[  528.576465][ T9238] loop1: detected capacity change from 0 to 32768
[  528.698964][ T9238] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  528.773910][ T9252] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  529.035346][ T9249] device syzkaller0 entered promiscuous mode
[  529.146542][ T9252] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1188'.
[  529.200274][ T9255] loop0: detected capacity change from 0 to 512
[  529.234022][ T9247] tipc: Resetting bearer <eth:syzkaller0>
[  529.259477][ T4266] ocfs2: Unmounting device (7,1) on (node local)
[  529.301445][ T9255] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1189: bg 0: block 248: padding at end of block bitmap is not set
[  529.318228][ T9255] Quota error (device loop0): write_blk: dquota write failed
[  529.325762][ T9255] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  529.337015][ T9255] EXT4-fs error (device loop0): ext4_acquire_dquot:6816: comm syz.0.1189: Failed to acquire dquot type 1
[  529.351364][ T9255] EXT4-fs (loop0): 1 truncate cleaned up
[  529.357017][ T9255] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  529.365998][ T9255] ext4 filesystem being mounted at /225/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  529.399939][ T9247] tipc: Disabling bearer <eth:syzkaller0>
[  529.458434][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  529.701793][ T9272] loop0: detected capacity change from 0 to 512
[  529.778231][ T9272] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  529.787333][ T9272] ext4 filesystem being mounted at /226/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  529.800922][ T9050] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  529.823458][ T9268] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1192: bg 0: block 217: padding at end of block bitmap is not set
[  530.033876][ T9050] usb 2-1: device descriptor read/64, error -71
[  530.047330][ T9271] loop3: detected capacity change from 0 to 4096
[  530.138480][ T9279] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  530.340800][ T9050] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  530.373886][ T9282] loop2: detected capacity change from 0 to 512
[  530.478587][ T9271] FAULT_INJECTION: forcing a failure.
[  530.478587][ T9271] name failslab, interval 1, probability 0, space 0, times 0
[  530.494459][ T9271] CPU: 1 PID: 9271 Comm: syz.3.1193 Not tainted syzkaller #0
[  530.501976][ T9271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  530.512077][ T9271] Call Trace:
[  530.515462][ T9271]  <TASK>
[  530.518418][ T9271]  dump_stack_lvl+0x168/0x22e
[  530.523119][ T9271]  ? show_regs_print_info+0x12/0x12
[  530.528359][ T9271]  ? load_image+0x3b0/0x3b0
[  530.532977][ T9271]  ? __might_sleep+0xd0/0xd0
[  530.537606][ T9271]  ? __lock_acquire+0x7c50/0x7c50
[  530.542751][ T9271]  should_fail_ex+0x399/0x4d0
[  530.547446][ T9271]  should_failslab+0x5/0x20
[  530.551961][ T9271]  slab_pre_alloc_hook+0x59/0x310
[  530.556989][ T9271]  ? file_end_write+0x156/0x250
[  530.561852][ T9271]  kmem_cache_alloc+0x56/0x2f0
[  530.566632][ T9271]  ? getname_flags+0xb7/0x500
[  530.571335][ T9271]  getname_flags+0xb7/0x500
[  530.575852][ T9271]  do_sys_openat2+0xcf/0x490
[  530.580465][ T9271]  ? do_sys_open+0xe0/0xe0
[  530.584897][ T9271]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  530.590929][ T9271]  ? lock_chain_count+0x20/0x20
[  530.595794][ T9271]  __x64_sys_openat+0x135/0x160
[  530.600655][ T9271]  do_syscall_64+0x4c/0xa0
[  530.605074][ T9271]  ? clear_bhb_loop+0x60/0xb0
[  530.609772][ T9271]  ? clear_bhb_loop+0x60/0xb0
[  530.614489][ T9271]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  530.620409][ T9271] RIP: 0033:0x7f7e7078ebe9
[  530.624921][ T9271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  530.644537][ T9271] RSP: 002b:00007f7e715cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  530.652960][ T9271] RAX: ffffffffffffffda RBX: 00007f7e709c5fa0 RCX: 00007f7e7078ebe9
[  530.660941][ T9271] RDX: 0000000000141242 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  530.668924][ T9271] RBP: 00007f7e715cc090 R08: 0000000000000000 R09: 0000000000000000
[  530.676905][ T9271] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  530.684889][ T9271] R13: 00007f7e709c6038 R14: 00007f7e709c5fa0 R15: 00007ffd96a09f38
[  530.692972][ T9271]  </TASK>
[  530.698461][ T9050] usb 2-1: device descriptor read/64, error -71
[  530.724025][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  530.820964][ T9050] usb usb2-port1: attempt power cycle
[  530.850132][ T9271] syz.3.1193 (9271) used greatest stack depth: 19168 bytes left
[  530.976508][ T9288] loop0: detected capacity change from 0 to 2048
[  531.001795][ T9288] NILFS (loop0): couldn't find nilfs on the device
[  531.076529][ T4408] udevd[4408]: incorrect nilfs2 checksum on /dev/loop0
[  531.230825][ T9050] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  531.249325][ T9282] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  531.270309][ T9282] ext4 filesystem being mounted at /245/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  531.282025][ T9050] usb 2-1: device descriptor read/8, error -71
[  531.553912][ T9288] loop0: detected capacity change from 0 to 32768
[  531.565938][ T9281] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1195: bg 0: block 217: padding at end of block bitmap is not set
[  531.580816][ T9050] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  531.611453][ T9050] usb 2-1: device descriptor read/8, error -71
[  531.741110][ T9050] usb usb2-port1: unable to enumerate USB device
[  531.757080][ T4762] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop0 scanned by udevd (4762)
[  531.833702][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  531.958836][ T9295] loop3: detected capacity change from 0 to 128
[  531.973870][ T9295] EXT4-fs: Ignoring removed orlov option
[  532.044121][ T9295] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  532.056969][ T9310] loop2: detected capacity change from 0 to 512
[  532.082904][ T9295] ext4 filesystem being mounted at /240/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  532.093269][ T9310] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1202: bg 0: block 248: padding at end of block bitmap is not set
[  532.136208][ T9310] Quota error (device loop2): write_blk: dquota write failed
[  532.143726][ T9310] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  532.153833][ T9310] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.1202: Failed to acquire dquot type 1
[  532.170118][ T9310] EXT4-fs (loop2): 1 truncate cleaned up
[  532.176427][ T9310] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  532.185536][ T9310] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  532.230766][ T8956] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  532.254275][ T9295] EXT4-fs (loop3): shut down requested (1)
[  532.278303][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  532.390770][ T8956] usb 1-1: device descriptor read/64, error -71
[  532.670893][ T8956] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  532.815068][ T9318] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  532.840889][ T8956] usb 1-1: device descriptor read/64, error -71
[  532.925186][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  532.961046][ T8956] usb usb1-port1: attempt power cycle
[  532.986018][ T9324] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1203'.
[  534.170320][ T9331] fuse: Unknown parameter 'd'
[  534.382331][ T8956] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  534.610763][ T8956] usb 1-1: device not accepting address 17, error -71
[  534.721666][ T9342] FAULT_INJECTION: forcing a failure.
[  534.721666][ T9342] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  534.819280][ T9347] FAULT_INJECTION: forcing a failure.
[  534.819280][ T9347] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  534.832677][ T9347] CPU: 0 PID: 9347 Comm: syz.0.1210 Not tainted syzkaller #0
[  534.840146][ T9347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  534.850236][ T9347] Call Trace:
[  534.853552][ T9347]  <TASK>
[  534.856597][ T9347]  dump_stack_lvl+0x168/0x22e
[  534.861309][ T9347]  ? show_regs_print_info+0x12/0x12
[  534.866540][ T9347]  ? load_image+0x3b0/0x3b0
[  534.871081][ T9347]  ? __lock_acquire+0x7c50/0x7c50
[  534.876158][ T9347]  ? verify_lock_unused+0x140/0x140
[  534.881407][ T9347]  should_fail_ex+0x399/0x4d0
[  534.886220][ T9347]  _copy_from_user+0x2c/0x170
[  534.890936][ T9347]  ___sys_sendmsg+0x155/0x290
[  534.895674][ T9347]  ? __sys_sendmsg+0x270/0x270
[  534.900609][ T9347]  ? __fdget+0x17c/0x200
[  534.904973][ T9347]  __se_sys_sendmsg+0x19e/0x270
[  534.909886][ T9347]  ? release_firmware_map_entry+0x18a/0x18a
[  534.916033][ T9347]  ? __x64_sys_sendmsg+0x80/0x80
[  534.921197][ T9347]  ? lockdep_hardirqs_on+0x94/0x140
[  534.926446][ T9347]  do_syscall_64+0x4c/0xa0
[  534.930895][ T9347]  ? clear_bhb_loop+0x60/0xb0
[  534.935625][ T9347]  ? clear_bhb_loop+0x60/0xb0
[  534.940327][ T9347]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  534.946345][ T9347] RIP: 0033:0x7f1797d8ebe9
[  534.950878][ T9347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.970606][ T9347] RSP: 002b:00007f1798c84038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  534.979053][ T9347] RAX: ffffffffffffffda RBX: 00007f1797fc6180 RCX: 00007f1797d8ebe9
[  534.987134][ T9347] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  534.995140][ T9347] RBP: 00007f1798c84090 R08: 0000000000000000 R09: 0000000000000000
[  535.003137][ T9347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.011217][ T9347] R13: 00007f1797fc6218 R14: 00007f1797fc6180 R15: 00007ffe40e303f8
[  535.019242][ T9347]  </TASK>
[  535.605838][ T9350] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  535.614917][ T9342] CPU: 1 PID: 9342 Comm: syz.2.1208 Not tainted syzkaller #0
[  535.622615][ T9342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  535.632699][ T9342] Call Trace:
[  535.636001][ T9342]  <TASK>
[  535.639013][ T9342]  dump_stack_lvl+0x168/0x22e
[  535.643733][ T9342]  ? show_regs_print_info+0x12/0x12
[  535.648960][ T9342]  ? load_image+0x3b0/0x3b0
[  535.653506][ T9342]  ? __lock_acquire+0x7c50/0x7c50
[  535.658577][ T9342]  ? snprintf+0xd7/0x120
[  535.662866][ T9342]  should_fail_ex+0x399/0x4d0
[  535.667601][ T9342]  _copy_to_user+0x2c/0x130
[  535.672142][ T9342]  simple_read_from_buffer+0xe3/0x150
[  535.677733][ T9342]  proc_fail_nth_read+0x19a/0x210
[  535.682888][ T9342]  ? proc_fault_inject_write+0x2f0/0x2f0
[  535.688635][ T9342]  ? fsnotify_perm+0x248/0x550
[  535.693439][ T9342]  ? proc_fault_inject_write+0x2f0/0x2f0
[  535.699200][ T9342]  vfs_read+0x2c0/0x920
[  535.703418][ T9342]  ? kernel_read+0x1e0/0x1e0
[  535.708141][ T9342]  ? __fget_files+0x28/0x4d0
[  535.715206][ T9342]  ? __fget_files+0x44a/0x4d0
[  535.719932][ T9342]  ? __fdget_pos+0x2ae/0x360
[  535.724649][ T9342]  ? ksys_read+0x71/0x240
[  535.729020][ T9342]  ksys_read+0x143/0x240
[  535.733300][ T9342]  ? vfs_write+0x960/0x960
[  535.737760][ T9342]  ? lockdep_hardirqs_on+0x94/0x140
[  535.743088][ T9342]  do_syscall_64+0x4c/0xa0
[  535.747556][ T9342]  ? clear_bhb_loop+0x60/0xb0
[  535.752270][ T9342]  ? clear_bhb_loop+0x60/0xb0
[  535.756984][ T9342]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  535.762924][ T9342] RIP: 0033:0x7f206c38d5fc
[  535.767386][ T9342] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  535.787228][ T9342] RSP: 002b:00007f206a5d5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  535.795773][ T9342] RAX: ffffffffffffffda RBX: 00007f206c5c6090 RCX: 00007f206c38d5fc
[  535.803788][ T9342] RDX: 000000000000000f RSI: 00007f206a5d50a0 RDI: 0000000000000004
[  535.811886][ T9342] RBP: 00007f206a5d5090 R08: 0000000000000000 R09: 0000000000000000
[  535.819981][ T9342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.827995][ T9342] R13: 00007f206c5c6128 R14: 00007f206c5c6090 R15: 00007ffe78ec7258
[  535.836033][ T9342]  </TASK>
[  535.880173][ T9352] overlayfs: missing 'workdir'
[  535.950494][ T9352] overlayfs: failed to resolve './file1': -2
[  535.966515][ T9357] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  536.030083][ T9358] dns_resolver: Unsupported server list version (0)
[  536.296718][ T9352] overlayfs: failed to clone upperpath
[  536.839810][ T9363] loop1: detected capacity change from 0 to 512
[  537.046245][ T9367] loop2: detected capacity change from 0 to 512
[  537.917842][ T9367] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1214: bg 0: block 248: padding at end of block bitmap is not set
[  537.934334][ T9367] Quota error (device loop2): write_blk: dquota write failed
[  537.943443][ T9367] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  537.954068][ T9367] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.1214: Failed to acquire dquot type 1
[  537.981422][ T9367] EXT4-fs (loop2): 1 truncate cleaned up
[  537.987473][ T9367] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  537.997260][ T9367] ext4 filesystem being mounted at /249/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  538.153009][ T9363] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  538.248969][ T9363] ext4 filesystem being mounted at /220/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  538.413533][ T9375] binder: 9373:9375 ioctl c0306201 200000000180 returned -22
[  538.621184][ T9372] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  538.629750][ T9372] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  538.637420][ T9372] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  538.667976][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  538.732069][ T9372] dns_resolver: Unsupported server list version (0)
[  538.877651][ T9383] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  538.891324][ T9383] device syzkaller0 entered promiscuous mode
[  538.944088][ T9383] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1218'.
[  538.989314][ T9383] tipc: Resetting bearer <eth:syzkaller0>
[  539.007812][ T9380] tipc: Resetting bearer <eth:syzkaller0>
[  539.078866][ T9380] tipc: Disabling bearer <eth:syzkaller0>
[  539.112148][ T9377] loop3: detected capacity change from 0 to 32768
[  539.493432][ T9377] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  539.760740][ T9377] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  539.845562][ T9377] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  539.931312][ T9377] BTRFS info (device loop3): use zstd compression, level 3
[  539.943806][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  540.029600][ T9377] BTRFS info (device loop3): using free space tree
[  540.107631][ T9391] overlayfs: filesystem on './file0' not supported as upperdir
[  540.241035][ T9396] FAULT_INJECTION: forcing a failure.
[  540.241035][ T9396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  540.254484][ T9396] CPU: 0 PID: 9396 Comm: syz.0.1221 Not tainted syzkaller #0
[  540.261889][ T9396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  540.271974][ T9396] Call Trace:
[  540.275278][ T9396]  <TASK>
[  540.278238][ T9396]  dump_stack_lvl+0x168/0x22e
[  540.282948][ T9396]  ? show_regs_print_info+0x12/0x12
[  540.288175][ T9396]  ? load_image+0x3b0/0x3b0
[  540.292712][ T9396]  ? __lock_acquire+0x7c50/0x7c50
[  540.297757][ T9396]  ? aa_label_sk_perm+0x3e7/0x500
[  540.302810][ T9396]  should_fail_ex+0x399/0x4d0
[  540.307518][ T9396]  _copy_from_user+0x2c/0x170
[  540.312221][ T9396]  copy_from_sockptr+0x69/0x80
[  540.317018][ T9396]  packet_setsockopt+0x78a/0x1140
[  540.322076][ T9396]  ? packet_ioctl+0x240/0x240
[  540.326790][ T9396]  ? aa_sk_perm+0x5b7/0x920
[  540.331312][ T9396]  ? aa_sk_perm+0x7e5/0x920
[  540.335851][ T9396]  ? __fget_files+0x44a/0x4d0
[  540.340554][ T9396]  ? aa_sock_opt_perm+0x74/0x100
[  540.345512][ T9396]  ? bpf_lsm_socket_setsockopt+0x5/0x10
[  540.351077][ T9396]  ? security_socket_setsockopt+0x7a/0xa0
[  540.356822][ T9396]  ? packet_ioctl+0x240/0x240
[  540.361526][ T9396]  __sys_setsockopt+0x2bf/0x3d0
[  540.366403][ T9396]  __x64_sys_setsockopt+0xb1/0xc0
[  540.371458][ T9396]  do_syscall_64+0x4c/0xa0
[  540.375903][ T9396]  ? clear_bhb_loop+0x60/0xb0
[  540.380602][ T9396]  ? clear_bhb_loop+0x60/0xb0
[  540.385305][ T9396]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  540.391411][ T9396] RIP: 0033:0x7f1797d8ebe9
[  540.395847][ T9396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.415495][ T9396] RSP: 002b:00007f1798c84038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  540.423962][ T9396] RAX: ffffffffffffffda RBX: 00007f1797fc6180 RCX: 00007f1797d8ebe9
[  540.431965][ T9396] RDX: 000000000000000f RSI: 0000000000000107 RDI: 0000000000000005
[  540.439967][ T9396] RBP: 00007f1798c84090 R08: 0000000000000004 R09: 0000000000000000
[  540.447972][ T9396] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.455973][ T9396] R13: 00007f1797fc6218 R14: 00007f1797fc6180 R15: 00007ffe40e303f8
[  540.464097][ T9396]  </TASK>
[  540.917916][ T9400] loop1: detected capacity change from 0 to 64
[  541.048686][ T9400] FAULT_INJECTION: forcing a failure.
[  541.048686][ T9400] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  541.104286][ T9400] CPU: 1 PID: 9400 Comm: syz.1.1223 Not tainted syzkaller #0
[  541.111751][ T9400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  541.122988][ T9400] Call Trace:
[  541.126310][ T9400]  <TASK>
[  541.129279][ T9400]  dump_stack_lvl+0x168/0x22e
[  541.134016][ T9400]  ? show_regs_print_info+0x12/0x12
[  541.139280][ T9400]  ? load_image+0x3b0/0x3b0
[  541.143840][ T9400]  ? __lock_acquire+0x7c50/0x7c50
[  541.148934][ T9400]  should_fail_ex+0x399/0x4d0
[  541.153663][ T9400]  prepare_alloc_pages+0x1e2/0x5f0
[  541.158831][ T9400]  __alloc_pages+0x123/0x4e0
[  541.163480][ T9400]  ? zone_statistics+0x170/0x170
[  541.168497][ T9400]  folio_alloc+0x1c/0x60
[  541.172788][ T9400]  filemap_alloc_folio+0xdb/0x460
[  541.177853][ T9400]  ? __filemap_get_folio+0xf0/0xdd0
[  541.183102][ T9400]  ? filemap_add_folio+0x3c0/0x3c0
[  541.188258][ T9400]  ? __lock_acquire+0x7c50/0x7c50
[  541.193504][ T9400]  ? xas_start+0x3d1/0x770
[  541.197974][ T9400]  ? xas_load+0x119/0x140
[  541.202346][ T9400]  __filemap_get_folio+0x697/0xdd0
[  541.207496][ T9400]  ? __filemap_get_folio+0xf0/0xdd0
[  541.212826][ T9400]  ? page_cache_prev_miss+0x350/0x350
[  541.218239][ T9400]  ? mark_lock+0x94/0x320
[  541.222614][ T9400]  pagecache_get_page+0x26/0x250
[  541.227597][ T9400]  ? hfs_free_extents+0x430/0x430
[  541.232747][ T9400]  block_write_begin+0x2c/0x1e0
[  541.237642][ T9400]  ? hfs_free_extents+0x430/0x430
[  541.242714][ T9400]  cont_write_begin+0x5c4/0x7d0
[  541.247623][ T9400]  ? generic_cont_expand_simple+0x1f0/0x1f0
[  541.253859][ T9400]  ? fault_in_readable+0x139/0x1f0
[  541.259014][ T9400]  ? fault_in_readable+0x13e/0x1f0
[  541.264267][ T9400]  hfs_write_begin+0x87/0xd0
[  541.268949][ T9400]  ? hfs_free_extents+0x430/0x430
[  541.274029][ T9400]  generic_perform_write+0x2db/0x560
[  541.279374][ T9400]  ? __mark_inode_dirty+0x414/0xf40
[  541.284637][ T9400]  ? generic_file_direct_write+0x660/0x660
[  541.290578][ T9400]  ? __file_remove_privs+0x5b0/0x5b0
[  541.295903][ T9400]  ? preempt_count_add+0x8d/0x190
[  541.301141][ T9400]  ? rwsem_write_trylock+0x12f/0x1b0
[  541.306556][ T9400]  ? clear_nonspinnable+0x60/0x60
[  541.311633][ T9400]  ? generic_write_checks_count+0x3d9/0x4c0
[  541.317667][ T9400]  __generic_file_write_iter+0x172/0x430
[  541.323350][ T9400]  generic_file_write_iter+0xab/0x2e0
[  541.328777][ T9400]  vfs_write+0x44c/0x960
[  541.333078][ T9400]  ? file_end_write+0x250/0x250
[  541.337982][ T9400]  ? __fget_files+0x44a/0x4d0
[  541.342970][ T9400]  ? __fdget_pos+0x2ae/0x360
[  541.347777][ T9400]  ? ksys_write+0x71/0x240
[  541.352242][ T9400]  ksys_write+0x143/0x240
[  541.356709][ T9400]  ? __ia32_sys_read+0x80/0x80
[  541.361521][ T9400]  ? lockdep_hardirqs_on+0x94/0x140
[  541.366849][ T9400]  do_syscall_64+0x4c/0xa0
[  541.371297][ T9400]  ? clear_bhb_loop+0x60/0xb0
[  541.376197][ T9400]  ? clear_bhb_loop+0x60/0xb0
[  541.381027][ T9400]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  541.386975][ T9400] RIP: 0033:0x7fe9c198ebe9
[  541.391430][ T9400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  541.411172][ T9400] RSP: 002b:00007fe9c279f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  541.419635][ T9400] RAX: ffffffffffffffda RBX: 00007fe9c1bc5fa0 RCX: 00007fe9c198ebe9
[  541.427651][ T9400] RDX: 000000000000fefc RSI: 0000200000000180 RDI: 0000000000000004
[  541.435698][ T9400] RBP: 00007fe9c279f090 R08: 0000000000000000 R09: 0000000000000000
[  541.443802][ T9400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  541.451817][ T9400] R13: 00007fe9c1bc6038 R14: 00007fe9c1bc5fa0 R15: 00007ffc4536eed8
[  541.459850][ T9400]  </TASK>
[  541.507823][ T9417] loop0: detected capacity change from 0 to 512
[  541.587771][ T9417] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.1226: casefold flag without casefold feature
[  541.624761][ T9417] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1226: couldn't read orphan inode 15 (err -117)
[  541.731474][ T9417] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  541.784476][ T9377] BTRFS error (device loop3): open_ctree failed: -22
[  541.821535][ T9417] overlayfs: missing 'workdir'
[  542.036801][ T9417] overlayfs: failed to resolve './file1': -2
[  542.527682][ T9430] fuse: Unknown parameter 'd'
[  542.581785][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  542.708804][ T9432] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  542.786192][ T9434] dns_resolver: Unsupported server list version (0)
[  544.010335][ T9435] loop1: detected capacity change from 0 to 128
[  544.082119][ T9435] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  544.091605][ T9435] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  544.302994][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  544.365706][ T9444] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  544.421000][ T9444] device syzkaller0 entered promiscuous mode
[  544.546834][ T9445] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1233'.
[  544.611917][ T9447] loop1: detected capacity change from 0 to 512
[  544.623683][ T9444] tipc: Resetting bearer <eth:syzkaller0>
[  544.647543][ T9443] tipc: Resetting bearer <eth:syzkaller0>
[  544.701625][ T9443] tipc: Disabling bearer <eth:syzkaller0>
[  544.713727][ T9447] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  544.744598][ T9447] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  544.971636][ T9453] loop3: detected capacity change from 0 to 64
[  545.138544][ T9441] loop2: detected capacity change from 0 to 32768
[  545.220258][ T9453] hfs: unable to load codepage "WFǐ�{O�s[p����cp936"
[  545.235694][ T9453] hfs: unable to parse mount options
[  545.244883][ T9441] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  545.419117][ T9449] loop0: detected capacity change from 0 to 32768
[  545.449717][ T4264] ocfs2: Unmounting device (7,2) on (node local)
[  545.467099][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  545.598657][ T9449] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  545.633421][ T9467] FAULT_INJECTION: forcing a failure.
[  545.633421][ T9467] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  545.740768][ T9467] CPU: 1 PID: 9467 Comm: syz.2.1238 Not tainted syzkaller #0
[  545.748318][ T9467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  545.758517][ T9467] Call Trace:
[  545.761847][ T9467]  <TASK>
[  545.764805][ T9467]  dump_stack_lvl+0x168/0x22e
[  545.769523][ T9467]  ? show_regs_print_info+0x12/0x12
[  545.774787][ T9467]  ? load_image+0x3b0/0x3b0
[  545.779429][ T9467]  ? __lock_acquire+0x7c50/0x7c50
[  545.784509][ T9467]  should_fail_ex+0x399/0x4d0
[  545.789302][ T9467]  _copy_from_user+0x2c/0x170
[  545.794029][ T9467]  core_sys_select+0x4d0/0x8b0
[  545.798878][ T9467]  ? poll_select_set_timeout+0x150/0x150
[  545.804563][ T9467]  ? sigprocmask+0x190/0x190
[  545.809180][ T9467]  ? __fget_files+0x44a/0x4d0
[  545.813883][ T9467]  __se_sys_pselect6+0x2ed/0x3a0
[  545.818860][ T9467]  ? __x64_sys_pselect6+0xf0/0xf0
[  545.823928][ T9467]  ? __x64_sys_pselect6+0x1d/0xf0
[  545.828996][ T9467]  do_syscall_64+0x4c/0xa0
[  545.833444][ T9467]  ? clear_bhb_loop+0x60/0xb0
[  545.838130][ T9467]  ? clear_bhb_loop+0x60/0xb0
[  545.842819][ T9467]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  545.848760][ T9467] RIP: 0033:0x7f206c38ebe9
[  545.853382][ T9467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.873203][ T9467] RSP: 002b:00007f206a5d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  545.881637][ T9467] RAX: ffffffffffffffda RBX: 00007f206c5c6090 RCX: 00007f206c38ebe9
[  545.889620][ T9467] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  545.897613][ T9467] RBP: 00007f206a5d5090 R08: 0000000000000000 R09: 0000000000000000
[  545.906108][ T9467] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  545.914085][ T9467] R13: 00007f206c5c6128 R14: 00007f206c5c6090 R15: 00007ffe78ec7258
[  545.922161][ T9467]  </TASK>
[  546.017542][ T4265] ocfs2: Unmounting device (7,0) on (node local)
[  546.158188][ T9476] loop3: detected capacity change from 0 to 512
[  546.298649][ T9476] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1241: casefold flag without casefold feature
[  546.312196][ T9482] FAULT_INJECTION: forcing a failure.
[  546.312196][ T9482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  546.341268][ T9482] CPU: 1 PID: 9482 Comm: syz.1.1243 Not tainted syzkaller #0
[  546.348809][ T9482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  546.358897][ T9482] Call Trace:
[  546.362217][ T9482]  <TASK>
[  546.365182][ T9482]  dump_stack_lvl+0x168/0x22e
[  546.369938][ T9482]  ? show_regs_print_info+0x12/0x12
[  546.375179][ T9482]  ? load_image+0x3b0/0x3b0
[  546.379707][ T9482]  ? __lock_acquire+0x7c50/0x7c50
[  546.384730][ T9482]  ? verify_lock_unused+0x140/0x140
[  546.390002][ T9482]  should_fail_ex+0x399/0x4d0
[  546.394670][ T9482]  _copy_from_user+0x2c/0x170
[  546.399335][ T9482]  ___sys_sendmsg+0x155/0x290
[  546.404022][ T9482]  ? __sys_sendmsg+0x270/0x270
[  546.408778][ T9482]  ? __lock_acquire+0x7c50/0x7c50
[  546.413904][ T9482]  ? __fdget+0x17c/0x200
[  546.418139][ T9482]  __se_sys_sendmsg+0x19e/0x270
[  546.423480][ T9482]  ? __x64_sys_sendmsg+0x80/0x80
[  546.428527][ T9482]  ? lockdep_hardirqs_on+0x94/0x140
[  546.433739][ T9482]  do_syscall_64+0x4c/0xa0
[  546.438158][ T9482]  ? clear_bhb_loop+0x60/0xb0
[  546.442855][ T9482]  ? clear_bhb_loop+0x60/0xb0
[  546.447530][ T9482]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  546.453414][ T9482] RIP: 0033:0x7fe9c198ebe9
[  546.457818][ T9482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.477428][ T9482] RSP: 002b:00007fe9c279f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  546.485850][ T9482] RAX: ffffffffffffffda RBX: 00007fe9c1bc5fa0 RCX: 00007fe9c198ebe9
[  546.493810][ T9482] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  546.501852][ T9482] RBP: 00007fe9c279f090 R08: 0000000000000000 R09: 0000000000000000
[  546.509811][ T9482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  546.517858][ T9482] R13: 00007fe9c1bc6038 R14: 00007fe9c1bc5fa0 R15: 00007ffc4536eed8
[  546.525841][ T9482]  </TASK>
[  546.761712][ T9476] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1241: couldn't read orphan inode 15 (err -117)
[  546.776714][ T9476] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  547.042446][ T9476] overlayfs: missing 'workdir'
[  547.092764][ T9476] overlayfs: failed to resolve './file1': -2
[  547.328953][ T9492] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  547.337516][ T9492] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  547.395944][ T9493] dns_resolver: Unsupported server list version (0)
[  548.145317][ T9488] loop1: detected capacity change from 0 to 128
[  548.173185][ T9488] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  548.182696][ T9488] ext4 filesystem being mounted at /227/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  548.345101][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  548.373204][ T9499] fuse: Unknown parameter 'd'
[  548.402969][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  548.574505][ T9501] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  548.582418][ T9501] device syzkaller0 entered promiscuous mode
[  548.708248][ T9504] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1247'.
[  548.739852][ T9500] tipc: Resetting bearer <eth:syzkaller0>
[  548.836320][ T9500] tipc: Disabling bearer <eth:syzkaller0>
[  548.855624][ T9506] loop2: detected capacity change from 0 to 512
[  548.927735][ T9506] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  548.984790][ T9506] ext4 filesystem being mounted at /256/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  549.173821][ T9499] loop0: detected capacity change from 0 to 32768
[  549.252699][ T9499] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  549.297231][   T27] audit: type=1804 audit(1756641639.634:44): pid=9499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1248" name="/newroot/238/file1/file1" dev="loop0" ino=9553 res=1 errno=0
[  549.403287][ T4265] ocfs2: Unmounting device (7,0) on (node local)
[  549.428632][ T9503] loop1: detected capacity change from 0 to 32768
[  549.446828][ T9521] FAULT_INJECTION: forcing a failure.
[  549.446828][ T9521] name failslab, interval 1, probability 0, space 0, times 0
[  549.472054][ T9521] CPU: 0 PID: 9521 Comm: syz.3.1253 Not tainted syzkaller #0
[  549.479504][ T9521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  549.489586][ T9521] Call Trace:
[  549.492882][ T9521]  <TASK>
[  549.495823][ T9521]  dump_stack_lvl+0x168/0x22e
[  549.500517][ T9521]  ? show_regs_print_info+0x12/0x12
[  549.505722][ T9521]  ? load_image+0x3b0/0x3b0
[  549.510250][ T9521]  ? __might_sleep+0xd0/0xd0
[  549.514850][ T9521]  ? __lock_acquire+0x7c50/0x7c50
[  549.519889][ T9521]  should_fail_ex+0x399/0x4d0
[  549.524594][ T9521]  should_failslab+0x5/0x20
[  549.529105][ T9521]  slab_pre_alloc_hook+0x59/0x310
[  549.534173][ T9521]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[  549.539935][ T9521]  __kmem_cache_alloc_node+0x4f/0x260
[  549.545333][ T9521]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[  549.551171][ T9521]  __kmalloc+0xa0/0x240
[  549.555342][ T9521]  tomoyo_realpath_from_path+0xdf/0x5d0
[  549.560913][ T9521]  tomoyo_path_number_perm+0x1e3/0x600
[  549.566382][ T9521]  ? tomoyo_path_number_perm+0x1b6/0x600
[  549.572111][ T9521]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  549.577578][ T9521]  ? ksys_write+0x1bd/0x240
[  549.582093][ T9521]  ? common_file_perm+0x171/0x1c0
[  549.587168][ T9521]  ? __fget_files+0x28/0x4d0
[  549.591780][ T9521]  security_file_ioctl+0x6c/0xa0
[  549.596764][ T9521]  __se_sys_ioctl+0x48/0x170
[  549.601397][ T9521]  do_syscall_64+0x4c/0xa0
[  549.605826][ T9521]  ? clear_bhb_loop+0x60/0xb0
[  549.610508][ T9521]  ? clear_bhb_loop+0x60/0xb0
[  549.615192][ T9521]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  549.621107][ T9521] RIP: 0033:0x7f7e7078ebe9
[  549.625533][ T9521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.645144][ T9521] RSP: 002b:00007f7e715cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  549.653673][ T9521] RAX: ffffffffffffffda RBX: 00007f7e709c5fa0 RCX: 00007f7e7078ebe9
[  549.661826][ T9521] RDX: 0000200000004a40 RSI: 00000000c0306201 RDI: 0000000000000005
[  549.669811][ T9521] RBP: 00007f7e715cc090 R08: 0000000000000000 R09: 0000000000000000
[  549.677790][ T9521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  549.685769][ T9521] R13: 00007f7e709c6038 R14: 00007f7e709c5fa0 R15: 00007ffd96a09f38
[  549.693766][ T9521]  </TASK>
[  549.767828][ T9503] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  549.797380][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  549.880977][ T9521] ERROR: Out of memory at tomoyo_realpath_from_path.
[  550.049855][ T9532] loop2: detected capacity change from 0 to 512
[  550.074491][ T4266] ocfs2: Unmounting device (7,1) on (node local)
[  550.171220][ T9532] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1257: casefold flag without casefold feature
[  550.290570][ T9544] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  550.361528][ T9545] dns_resolver: Unsupported server list version (0)
[  550.965716][ T9532] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1257: couldn't read orphan inode 15 (err -117)
[  551.079988][ T9532] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  551.116875][ T9538] loop0: detected capacity change from 0 to 128
[  551.177163][ T9532] overlayfs: missing 'workdir'
[  551.187146][ T9538] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  551.196766][ T9538] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  551.375619][ T9549] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  551.432828][ T9554] loop1: detected capacity change from 0 to 512
[  551.449710][ T9555] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1262'.
[  551.463153][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  551.503514][ T9554] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1263: invalid indirect mapped block 4294967295 (level 1)
[  551.556503][ T9554] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.1263: invalid indirect mapped block 4294967295 (level 1)
[  551.641933][ T9554] EXT4-fs (loop1): 2 truncates cleaned up
[  551.647921][ T9554] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  551.681225][ T9554] FAULT_INJECTION: forcing a failure.
[  551.681225][ T9554] name failslab, interval 1, probability 0, space 0, times 0
[  551.704669][ T9554] CPU: 0 PID: 9554 Comm: syz.1.1263 Not tainted syzkaller #0
[  551.712129][ T9554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  551.722226][ T9554] Call Trace:
[  551.725530][ T9554]  <TASK>
[  551.728501][ T9554]  dump_stack_lvl+0x168/0x22e
[  551.733228][ T9554]  ? show_regs_print_info+0x12/0x12
[  551.738557][ T9554]  ? load_image+0x3b0/0x3b0
[  551.743098][ T9554]  ? __might_sleep+0xd0/0xd0
[  551.747764][ T9554]  ? __lock_acquire+0x7c50/0x7c50
[  551.752804][ T9554]  should_fail_ex+0x399/0x4d0
[  551.757497][ T9554]  should_failslab+0x5/0x20
[  551.762020][ T9554]  slab_pre_alloc_hook+0x59/0x310
[  551.767489][ T9554]  ? file_end_write+0x156/0x250
[  551.772384][ T9554]  kmem_cache_alloc+0x56/0x2f0
[  551.777214][ T9554]  ? getname_flags+0xb7/0x500
[  551.781910][ T9554]  getname_flags+0xb7/0x500
[  551.786433][ T9554]  do_sys_openat2+0xcf/0x490
[  551.791036][ T9554]  ? do_sys_open+0xe0/0xe0
[  551.795460][ T9554]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  551.801451][ T9554]  ? lock_chain_count+0x20/0x20
[  551.806346][ T9554]  __x64_sys_openat+0x135/0x160
[  551.811214][ T9554]  do_syscall_64+0x4c/0xa0
[  551.815726][ T9554]  ? clear_bhb_loop+0x60/0xb0
[  551.820407][ T9554]  ? clear_bhb_loop+0x60/0xb0
[  551.825097][ T9554]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  551.831001][ T9554] RIP: 0033:0x7fe9c198ebe9
[  551.835448][ T9554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  551.855283][ T9554] RSP: 002b:00007fe9c279f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  551.863886][ T9554] RAX: ffffffffffffffda RBX: 00007fe9c1bc5fa0 RCX: 00007fe9c198ebe9
[  551.872219][ T9554] RDX: 0000000000143042 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  551.880195][ T9554] RBP: 00007fe9c279f090 R08: 0000000000000000 R09: 0000000000000000
[  551.888235][ T9554] R10: 0000000000000058 R11: 0000000000000246 R12: 0000000000000001
[  551.896216][ T9554] R13: 00007fe9c1bc6038 R14: 00007fe9c1bc5fa0 R15: 00007ffc4536eed8
[  551.904205][ T9554]  </TASK>
[  551.977997][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  552.087761][ T9564] fuse: Unknown parameter 'd'
[  552.288492][ T9562] loop0: detected capacity change from 0 to 512
[  552.307450][ T9562] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.1264: invalid indirect mapped block 4294967295 (level 1)
[  552.328794][ T9562] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.1264: invalid indirect mapped block 4294967295 (level 1)
[  552.331696][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  552.373469][ T9562] EXT4-fs (loop0): 2 truncates cleaned up
[  552.379484][ T9562] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  552.402013][ T9571] netlink: 'syz.3.1267': attribute type 10 has an invalid length.
[  552.434384][ T9571] device hsr0 entered promiscuous mode
[  552.450347][ T9571] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  552.463496][ T9571] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  552.474726][ T9571] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  552.487433][ T9571] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  552.816689][ T9562] EXT4-fs error (device loop0): ext4_check_all_de:666: inode #12: block 7: comm syz.0.1264: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=124 fake=0
[  553.088762][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  553.518303][ T9584] FAULT_INJECTION: forcing a failure.
[  553.518303][ T9584] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  553.531854][ T9584] CPU: 1 PID: 9584 Comm: syz.3.1271 Not tainted syzkaller #0
[  553.539251][ T9584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  553.549332][ T9584] Call Trace:
[  553.552637][ T9584]  <TASK>
[  553.555598][ T9584]  dump_stack_lvl+0x168/0x22e
[  553.560482][ T9584]  ? show_regs_print_info+0x12/0x12
[  553.565707][ T9584]  ? load_image+0x3b0/0x3b0
[  553.570329][ T9584]  ? __lock_acquire+0x7c50/0x7c50
[  553.575475][ T9584]  ? verify_lock_unused+0x140/0x140
[  553.580884][ T9584]  should_fail_ex+0x399/0x4d0
[  553.585683][ T9584]  _copy_from_user+0x2c/0x170
[  553.590392][ T9584]  ___sys_sendmsg+0x155/0x290
[  553.595189][ T9584]  ? __sys_sendmsg+0x270/0x270
[  553.600006][ T9584]  ? __lock_acquire+0x7c50/0x7c50
[  553.605079][ T9584]  ? __fdget+0x17c/0x200
[  553.609353][ T9584]  __se_sys_sendmsg+0x19e/0x270
[  553.614278][ T9584]  ? __x64_sys_sendmsg+0x80/0x80
[  553.619316][ T9584]  ? lockdep_hardirqs_on+0x94/0x140
[  553.624547][ T9584]  do_syscall_64+0x4c/0xa0
[  553.628987][ T9584]  ? clear_bhb_loop+0x60/0xb0
[  553.633687][ T9584]  ? clear_bhb_loop+0x60/0xb0
[  553.638389][ T9584]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  553.644408][ T9584] RIP: 0033:0x7f7e7078ebe9
[  553.649040][ T9584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.668676][ T9584] RSP: 002b:00007f7e7158a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  553.677209][ T9584] RAX: ffffffffffffffda RBX: 00007f7e709c6180 RCX: 00007f7e7078ebe9
[  553.685205][ T9584] RDX: 0000000000000080 RSI: 0000200000000600 RDI: 0000000000000003
[  553.693206][ T9584] RBP: 00007f7e7158a090 R08: 0000000000000000 R09: 0000000000000000
[  553.701203][ T9584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.709197][ T9584] R13: 00007f7e709c6218 R14: 00007f7e709c6180 R15: 00007ffd96a09f38
[  553.717207][ T9584]  </TASK>
[  554.054868][ T9564] loop2: detected capacity change from 0 to 32768
[  554.534174][ T9564] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  554.880735][ T9588] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1272'.
[  554.904467][   T27] audit: type=1804 audit(1756641645.244:45): pid=9564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1266" name="/newroot/258/file1/file1" dev="loop2" ino=9553 res=1 errno=0
[  555.074979][ T4264] ocfs2: Unmounting device (7,2) on (node local)
[  555.196471][ T9597] loop1: detected capacity change from 0 to 128
[  555.369552][ T9597] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  556.136985][ T9597] ext4 filesystem being mounted at /232/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  556.434725][ T9605] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  556.448126][ T9605] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  556.499408][ T9607] dns_resolver: Unsupported server list version (0)
[  557.229388][ T9608] overlayfs: missing 'workdir'
[  557.277005][ T9610] overlayfs: failed to clone upperpath
[  557.372668][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  557.457915][ T9612] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  557.470270][ T9615] FAULT_INJECTION: forcing a failure.
[  557.470270][ T9615] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  557.542438][ T9615] CPU: 0 PID: 9615 Comm: syz.0.1280 Not tainted syzkaller #0
[  557.549894][ T9615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  557.559997][ T9615] Call Trace:
[  557.563310][ T9615]  <TASK>
[  557.566277][ T9615]  dump_stack_lvl+0x168/0x22e
[  557.571086][ T9615]  ? show_regs_print_info+0x12/0x12
[  557.576342][ T9615]  ? load_image+0x3b0/0x3b0
[  557.580895][ T9615]  ? __lock_acquire+0x7c50/0x7c50
[  557.585970][ T9615]  ? snprintf+0xd7/0x120
[  557.590256][ T9615]  should_fail_ex+0x399/0x4d0
[  557.594983][ T9615]  _copy_to_user+0x2c/0x130
[  557.599530][ T9615]  simple_read_from_buffer+0xe3/0x150
[  557.604945][ T9615]  proc_fail_nth_read+0x19a/0x210
[  557.610102][ T9615]  ? proc_fault_inject_write+0x2f0/0x2f0
[  557.615774][ T9615]  ? fsnotify_perm+0x248/0x550
[  557.620560][ T9615]  ? proc_fault_inject_write+0x2f0/0x2f0
[  557.626296][ T9615]  vfs_read+0x2c0/0x920
[  557.630557][ T9615]  ? kernel_read+0x1e0/0x1e0
[  557.635273][ T9615]  ? __fget_files+0x28/0x4d0
[  557.639884][ T9615]  ? __fget_files+0x44a/0x4d0
[  557.644665][ T9615]  ? __fdget_pos+0x2ae/0x360
[  557.649276][ T9615]  ? ksys_read+0x71/0x240
[  557.653619][ T9615]  ksys_read+0x143/0x240
[  557.657875][ T9615]  ? vfs_write+0x960/0x960
[  557.662305][ T9615]  ? lockdep_hardirqs_on+0x94/0x140
[  557.667541][ T9615]  do_syscall_64+0x4c/0xa0
[  557.671964][ T9615]  ? clear_bhb_loop+0x60/0xb0
[  557.676653][ T9615]  ? clear_bhb_loop+0x60/0xb0
[  557.681339][ T9615]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  557.687247][ T9615] RIP: 0033:0x7f1797d8d5fc
[  557.691668][ T9615] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  557.711372][ T9615] RSP: 002b:00007f1798cc6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  557.719798][ T9615] RAX: ffffffffffffffda RBX: 00007f1797fc5fa0 RCX: 00007f1797d8d5fc
[  557.727775][ T9615] RDX: 000000000000000f RSI: 00007f1798cc60a0 RDI: 0000000000000006
[  557.736278][ T9615] RBP: 00007f1798cc6090 R08: 0000000000000000 R09: 0000000000000000
[  557.744276][ T9615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  557.752352][ T9615] R13: 00007f1797fc6038 R14: 00007f1797fc5fa0 R15: 00007ffe40e303f8
[  557.760349][ T9615]  </TASK>
[  557.795637][ T9617] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1280'.
[  558.031719][ T9625] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1278'.
[  558.518986][ T9641] loop2: detected capacity change from 0 to 64
[  558.727353][ T9641] hfs: unable to load codepage "WFǐ�{O�s[p����cp936"
[  558.734617][ T9641] hfs: unable to parse mount options
[  558.997690][ T9649] loop3: detected capacity change from 0 to 512
[  559.216230][ T9649] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1285: bg 0: block 248: padding at end of block bitmap is not set
[  559.232765][ T9649] Quota error (device loop3): write_blk: dquota write failed
[  559.240540][ T9649] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  559.251038][ T9649] EXT4-fs error (device loop3): ext4_acquire_dquot:6816: comm syz.3.1285: Failed to acquire dquot type 1
[  559.269429][ T9649] EXT4-fs (loop3): 1 truncate cleaned up
[  559.275496][ T9649] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  559.284937][ T9649] ext4 filesystem being mounted at /255/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  559.783159][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  559.883701][ T9658] loop0: detected capacity change from 0 to 512
[  559.948711][ T9658] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  559.958057][ T9658] ext4 filesystem being mounted at /245/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  560.003525][ T9658] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1288: bg 0: block 217: padding at end of block bitmap is not set
[  560.198163][ T9668] loop1: detected capacity change from 0 to 512
[  560.339618][ T9668] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  561.614389][ T9668] ext4 filesystem being mounted at /235/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  561.773472][ T9665] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1290: bg 0: block 217: padding at end of block bitmap is not set
[  561.870819][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  561.999416][ T9681] loop3: detected capacity change from 0 to 512
[  562.046163][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  562.198311][ T9681] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1293: casefold flag without casefold feature
[  562.231359][ T9681] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1293: couldn't read orphan inode 15 (err -117)
[  562.242727][ T9687] loop1: detected capacity change from 0 to 512
[  562.271159][ T9681] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  562.292263][ T9656] loop2: detected capacity change from 0 to 32768
[  562.404986][ T9690] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  562.477526][ T9691] dns_resolver: Unsupported server list version (0)
[  562.523999][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  562.530373][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  563.134935][ T9656] (syz.2.1287,9656,1):ocfs2_initialize_super:2286 ERROR: status = -12
[  563.153259][ T9694] overlayfs: missing 'workdir'
[  563.232688][ T9656] (syz.2.1287,9656,0):ocfs2_fill_super:1176 ERROR: status = -12
[  563.244692][ T9687] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  563.261076][ T9687] ext4 filesystem being mounted at /236/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  563.571033][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  563.608580][ T9703] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  563.761683][ T9703] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1295'.
[  564.089912][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  564.217275][ T9710] fuse: Unknown parameter 'd'
[  564.374705][ T9699] loop2: detected capacity change from 0 to 32768
[  564.439573][ T9699] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  564.745494][ T9721] loop0: detected capacity change from 0 to 512
[  564.976375][ T9721] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1300: bg 0: block 248: padding at end of block bitmap is not set
[  564.993194][ T9721] Quota error (device loop0): write_blk: dquota write failed
[  565.000985][ T9721] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  565.011295][ T9721] EXT4-fs error (device loop0): ext4_acquire_dquot:6816: comm syz.0.1300: Failed to acquire dquot type 1
[  565.028741][ T9721] EXT4-fs (loop0): 1 truncate cleaned up
[  565.034771][ T9721] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  565.044267][ T9721] ext4 filesystem being mounted at /248/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  565.378556][ T4264] ocfs2: Unmounting device (7,2) on (node local)
[  565.517324][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  565.786909][ T9733] FAULT_INJECTION: forcing a failure.
[  565.786909][ T9733] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  565.800346][ T9733] CPU: 0 PID: 9733 Comm: syz.2.1302 Not tainted syzkaller #0
[  565.807760][ T9733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  565.817942][ T9733] Call Trace:
[  565.821339][ T9733]  <TASK>
[  565.824299][ T9733]  dump_stack_lvl+0x168/0x22e
[  565.829095][ T9733]  ? show_regs_print_info+0x12/0x12
[  565.834329][ T9733]  ? load_image+0x3b0/0x3b0
[  565.838863][ T9733]  ? __lock_acquire+0x7c50/0x7c50
[  565.843931][ T9733]  ? mark_lock+0x94/0x320
[  565.848309][ T9733]  should_fail_ex+0x399/0x4d0
[  565.853082][ T9733]  prepare_alloc_pages+0x1e2/0x5f0
[  565.858240][ T9733]  __alloc_pages+0x123/0x4e0
[  565.862874][ T9733]  ? zone_statistics+0x170/0x170
[  565.867943][ T9733]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  565.873633][ T9733]  ? lockdep_hardirqs_on+0x94/0x140
[  565.878978][ T9733]  __folio_alloc+0xe/0x30
[  565.883434][ T9733]  vma_alloc_folio+0x4a3/0x900
[  565.888425][ T9733]  handle_mm_fault+0x2242/0x3e70
[  565.893393][ T9733]  ? mt_find+0x145/0x810
[  565.897682][ T9733]  ? numa_migrate_prep+0x250/0x250
[  565.902848][ T9733]  ? lock_mm_and_find_vma+0xae/0x2f0
[  565.908252][ T9733]  do_user_addr_fault+0x51f/0xb10
[  565.913419][ T9733]  exc_page_fault+0x60/0x100
[  565.918043][ T9733]  ? clear_bhb_loop+0x60/0xb0
[  565.922760][ T9733]  asm_exc_page_fault+0x22/0x30
[  565.927636][ T9733] RIP: 0033:0x7f206c33c1eb
[  565.932337][ T9733] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  565.952080][ T9733] RSP: 002b:00007f206a5b1e10 EFLAGS: 00010246
[  565.958173][ T9733] RAX: 00007f206a5b3f30 RBX: 00007f206c597640 RCX: 0000000000000000
[  565.966599][ T9733] RDX: 00007f206a5b3f78 RSI: 00007f206c3eeca8 RDI: 00007f206a5b1e30
[  565.974598][ T9733] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  565.982595][ T9733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  565.990583][ T9733] R13: 00007f206c5c6218 R14: 00007f206c5c6180 R15: 00007ffe78ec7258
[  565.998600][ T9733]  </TASK>
[  566.002309][ T9733] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  566.190858][ T9731] loop1: detected capacity change from 0 to 512
[  566.217721][ T9731] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  566.226906][ T9731] ext4 filesystem being mounted at /238/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  566.244150][ T9731] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1303: bg 0: block 217: padding at end of block bitmap is not set
[  566.367615][ T9737] Bluetooth: MGMT ver 1.22
[  566.657690][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  566.685990][ T9743] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  566.693489][ T9743] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  566.776736][ T9743] dns_resolver: Unsupported server list version (0)
[  566.894353][ T9710] loop3: detected capacity change from 0 to 32768
[  566.980419][ T9752] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1309'.
[  566.994924][ T9751] loop1: detected capacity change from 0 to 512
[  567.003557][ T9750] loop2: detected capacity change from 0 to 512
[  567.112751][ T9710] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  567.136702][ T9751] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1308: casefold flag without casefold feature
[  567.176517][ T9750] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  567.193399][ T9750] ext4 filesystem being mounted at /267/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  567.216254][ T9751] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1308: couldn't read orphan inode 15 (err -117)
[  567.281678][ T9751] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  567.300802][ T4267] ocfs2: Unmounting device (7,3) on (node local)
[  567.398426][ T9751] overlayfs: missing 'workdir'
[  567.602287][ T9759] binder: 9758:9759 ioctl c0306201 200000000180 returned -22
[  567.809200][ T9764] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  567.901418][ T9766] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1312'.
[  567.938743][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  568.103460][ T4266] EXT4-fs (loop1): unmounting filesystem.
[  569.397687][ T9785] loop0: detected capacity change from 0 to 764
[  570.466518][ T9784] Symlink component flag not implemented
[  570.474518][ T9784] Symlink component flag not implemented (7)
[  572.058200][ T9789] loop3: detected capacity change from 0 to 512
[  572.083605][ T9795] fuse: Unknown parameter 'd'
[  572.120691][ T9789] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  572.129933][ T9789] ext4 filesystem being mounted at /261/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  572.142965][ T9789] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1318: bg 0: block 217: padding at end of block bitmap is not set
[  572.246983][ T9794] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  572.261547][ T9794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  572.269867][ T9794] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  572.316487][ T9801] dns_resolver: Unsupported server list version (0)
[  572.780884][ T9797] loop0: detected capacity change from 0 to 128
[  572.808045][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  572.871157][ T9810] loop1: detected capacity change from 0 to 764
[  573.704298][ T9806] FAULT_INJECTION: forcing a failure.
[  573.704298][ T9806] name failslab, interval 1, probability 0, space 0, times 0
[  573.717329][ T9806] CPU: 1 PID: 9806 Comm: syz.1.1323 Not tainted syzkaller #0
[  573.724798][ T9806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  573.735118][ T9806] Call Trace:
[  573.738439][ T9806]  <TASK>
[  573.741365][ T9806]  dump_stack_lvl+0x168/0x22e
[  573.746048][ T9806]  ? show_regs_print_info+0x12/0x12
[  573.751326][ T9806]  ? load_image+0x3b0/0x3b0
[  573.755839][ T9806]  ? __might_sleep+0xd0/0xd0
[  573.760461][ T9806]  ? __lock_acquire+0x7c50/0x7c50
[  573.765482][ T9806]  should_fail_ex+0x399/0x4d0
[  573.770154][ T9806]  should_failslab+0x5/0x20
[  573.774670][ T9806]  slab_pre_alloc_hook+0x59/0x310
[  573.779779][ T9806]  kmem_cache_alloc+0x56/0x2f0
[  573.784527][ T9806]  ? getname_flags+0xb7/0x500
[  573.789189][ T9806]  getname_flags+0xb7/0x500
[  573.793709][ T9806]  user_path_at_empty+0x28/0x60
[  573.798568][ T9806]  do_readlinkat+0xd4/0x480
[  573.803079][ T9806]  ? cp_new_stat+0x4e0/0x4e0
[  573.807672][ T9806]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  573.813661][ T9806]  ? lock_chain_count+0x20/0x20
[  573.818517][ T9806]  __x64_sys_readlinkat+0x96/0xb0
[  573.823532][ T9806]  do_syscall_64+0x4c/0xa0
[  573.827992][ T9806]  ? clear_bhb_loop+0x60/0xb0
[  573.832665][ T9806]  ? clear_bhb_loop+0x60/0xb0
[  573.837325][ T9806]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  573.843209][ T9806] RIP: 0033:0x7fe9c198ebe9
[  573.847615][ T9806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  573.867406][ T9806] RSP: 002b:00007fe9c277e038 EFLAGS: 00000246 ORIG_RAX: 000000000000010b
[  573.875820][ T9806] RAX: ffffffffffffffda RBX: 00007fe9c1bc6090 RCX: 00007fe9c198ebe9
[  573.883782][ T9806] RDX: 0000200000000080 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  573.891751][ T9806] RBP: 00007fe9c277e090 R08: 0000000000000000 R09: 0000000000000000
[  573.899707][ T9806] R10: 000000000000001d R11: 0000000000000246 R12: 0000000000000001
[  573.907686][ T9806] R13: 00007fe9c1bc6128 R14: 00007fe9c1bc6090 R15: 00007ffc4536eed8
[  573.915933][ T9806]  </TASK>
[  573.972811][ T9797] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  573.997816][ T9808] loop2: detected capacity change from 0 to 512
[  574.030744][ T9797] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  574.136401][ T9808] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  574.171118][ T9808] ext4 filesystem being mounted at /269/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  574.209184][ T9815] loop3: detected capacity change from 0 to 512
[  574.330566][ T9817] binder: 9816:9817 ioctl c0306201 200000000180 returned -22
[  574.382932][ T9815] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1324: casefold flag without casefold feature
[  574.505301][ T9815] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1324: couldn't read orphan inode 15 (err -117)
[  574.527440][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  574.548029][ T9815] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  574.591851][ T9815] overlayfs: missing 'workdir'
[  574.711414][ T9823] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  574.730300][ T9823] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1327'.
[  574.753013][ T9823] tipc: Resetting bearer <eth:syzkaller0>
[  574.805631][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  574.817885][ T9821] tipc: Disabling bearer <eth:syzkaller0>
[  574.984708][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  575.343099][ T9836] loop2: detected capacity change from 0 to 512
[  577.009252][ T9836] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  577.018273][ T9836] ext4 filesystem being mounted at /271/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  577.034200][ T9836] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1332: bg 0: block 217: padding at end of block bitmap is not set
[  577.129785][ T9835] loop3: detected capacity change from 0 to 512
[  577.179909][ T9835] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1330: bg 0: block 248: padding at end of block bitmap is not set
[  577.197107][ T9835] Quota error (device loop3): write_blk: dquota write failed
[  577.204826][ T9835] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  577.214829][ T9835] EXT4-fs error (device loop3): ext4_acquire_dquot:6816: comm syz.3.1330: Failed to acquire dquot type 1
[  577.252643][ T9835] EXT4-fs (loop3): 1 truncate cleaned up
[  577.258345][ T9835] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  577.267565][ T9835] ext4 filesystem being mounted at /263/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  577.305581][ T4264] EXT4-fs (loop2): unmounting filesystem.
[  577.338274][ T9862] fuse: Invalid rootmode
[  577.547649][ T4267] EXT4-fs (loop3): unmounting filesystem.
[  577.617684][ T9870] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1340'.
[  577.789280][ T9876] loop3: detected capacity change from 0 to 2048
[  577.823087][ T9876]  loop3: p1 p3 p4
[  577.834001][ T9876] loop3: p4 size 589824 extends beyond EOD, truncated
[  578.134251][ T9883] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  578.221277][ T4408] udevd[4408]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  578.232967][ T4427] udevd[4427]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  578.248190][ T4762] udevd[4762]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  578.396989][ T9887] futex_wake_op: syz.1.1346 tries to shift op by -1; fix this program
[  578.440337][   T27] audit: type=1326 audit(1756641668.774:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.0.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1797d8ebe9 code=0x7ffc0000
[  578.486114][   T27] audit: type=1326 audit(1756641668.784:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.0.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f1797d8ebe9 code=0x7ffc0000
[  578.545659][   T27] audit: type=1326 audit(1756641668.784:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9888 comm="syz.0.1347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1797d8ebe9 code=0x7ffc0000
[  579.735843][ T9917] loop0: detected capacity change from 0 to 512
[  579.740797][ T9052] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  579.776656][ T9917] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  579.790677][ T9917] UDF-fs: Scanning with blocksize 512 failed
[  579.814904][ T9917] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  579.831238][ T9917] UDF-fs: Scanning with blocksize 1024 failed
[  579.844265][ T9917] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  579.853938][ T9917] UDF-fs: Scanning with blocksize 2048 failed
[  579.868466][ T9917] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  579.878267][ T6562] usb 4-1: new low-speed USB device number 13 using dummy_hcd
[  579.897926][ T9917] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  579.942770][ T9052] usb 3-1: Using ep0 maxpacket: 16
[  579.976444][ T9052] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  579.995057][ T9917] overlayfs: upper fs needs to support d_type.
[  580.004245][ T9052] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  580.020279][ T9917] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  580.028923][ T9917] overlayfs: failed to set xattr on upper
[  580.036297][ T9917] overlayfs: ...falling back to index=off,metacopy=off.
[  580.046659][ T9052] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  580.056330][ T9052] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.067789][ T9052] usb 3-1: Product: syz
[  580.077359][ T6562] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  580.091635][ T9052] usb 3-1: Manufacturer: syz
[  580.096856][ T6562] usb 4-1: config 0 has no interface number 0
[  580.106987][ T9052] usb 3-1: SerialNumber: syz
[  580.125299][ T6562] usb 4-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[  580.156512][ T6562] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  580.185142][ T6562] usb 4-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping
[  580.199591][ T6562] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  580.233523][ T9052] usb 3-1: config 0 descriptor??
[  580.521831][ T6562] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  580.538676][ T6562] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.560880][ T9915] loop1: detected capacity change from 0 to 32768
[  580.578499][ T6562] usb 4-1: config 0 descriptor??
[  580.603723][ T9911] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  580.645775][ T9911] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  580.679065][ T6562] ldusb 4-1:0.55: Interrupt in endpoint not found
[  580.756579][ T9915] XFS (loop1): Mounting V5 Filesystem
[  582.123902][ T4273] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  582.132981][ T4273] Bluetooth: hci0: Injecting HCI hardware error event
[  582.142536][ T4273] Bluetooth: hci0: hardware error 0x00
[  582.237749][ T9915] XFS (loop1): Ending clean mount
[  582.297679][ T9915] XFS (loop1): Quotacheck needed: Please wait.
[  582.297789][  T125] usb 3-1: USB disconnect, device number 16
[  582.403312][ T9939] loop2: detected capacity change from 0 to 1764
[  582.412382][ T9915] XFS (loop1): Quotacheck: Done.
[  582.553252][ T4266] XFS (loop1): Unmounting Filesystem
[  583.067066][ T9946] loop1: detected capacity change from 0 to 64
[  583.330391][ T8955] usb 4-1: USB disconnect, device number 13
[  584.191229][ T9954] device xfrm0 entered promiscuous mode
[  584.210918][ T4273] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  584.470827][ T6562] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  584.551224][ T8955] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  584.662375][ T6562] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  584.701389][ T6562] usb 4-1: config 0 interface 0 altsetting 12 endpoint 0x6 has invalid wMaxPacketSize 0
[  584.754145][ T8955] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  584.775135][ T8955] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  584.786778][ T6562] usb 4-1: config 0 interface 0 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  584.809946][ T8955] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  584.830735][ T6562] usb 4-1: config 0 interface 0 has no altsetting 0
[  584.838959][ T8955] usb 2-1: config 0 descriptor??
[  584.857661][ T8955] pwc: Askey VC010 type 2 USB webcam detected.
[  584.871672][ T6562] usb 4-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38
[  584.925623][ T6562] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  584.988780][ T6562] usb 4-1: Product: syz
[  585.020944][ T6562] usb 4-1: Manufacturer: syz
[  585.030871][ T6562] usb 4-1: SerialNumber: syz
[  585.060118][ T6562] usb 4-1: config 0 descriptor??
[  585.261155][ T8955] pwc: recv_control_msg error -32 req 02 val 2b00
[  585.287348][  T125] usb 4-1: USB disconnect, device number 14
[  585.304161][ T8955] pwc: recv_control_msg error -32 req 02 val 2700
[  585.325146][ T8955] pwc: recv_control_msg error -32 req 02 val 2c00
[  585.431678][ T8955] pwc: recv_control_msg error -32 req 04 val 1000
[  585.447177][ T8955] pwc: recv_control_msg error -32 req 04 val 1300
[  585.476621][ T8955] pwc: recv_control_msg error -32 req 04 val 1400
[  585.494903][ T8955] pwc: recv_control_msg error -32 req 02 val 2000
[  585.515021][ T8955] pwc: recv_control_msg error -32 req 02 val 2100
[  585.530357][ T8955] pwc: recv_control_msg error -32 req 04 val 1500
[  585.545159][ T8955] pwc: recv_control_msg error -32 req 02 val 2500
[  585.553034][ T8955] pwc: recv_control_msg error -32 req 02 val 2400
[  585.827108][ T8955] pwc: recv_control_msg error -71 req 02 val 2900
[  585.835807][ T8955] pwc: recv_control_msg error -71 req 02 val 2800
[  585.849112][ T8955] pwc: recv_control_msg error -71 req 04 val 1100
[  585.858011][ T8955] pwc: recv_control_msg error -71 req 04 val 1200
[  585.884444][ T8955] pwc: Registered as video103.
[  585.923760][ T8955] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input10
[  586.822767][ T8955] usb 2-1: USB disconnect, device number 18
[  586.836624][ T9998] loop0: detected capacity change from 0 to 128
[  589.090695][ T4273] Bluetooth: hci4: command 0x2016 tx timeout
[  589.448237][T10031] loop1: detected capacity change from 0 to 4096
[  589.634181][T10031] ntfs3: loop1: ino=21, "file1" fallocate(0x11) is not supported
[  589.665418][T10035] tmpfs: Unknown parameter 'usrquota'
[  589.804547][ T4266] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  589.838687][ T4266] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  589.894135][T10037] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1397'.
[  589.971374][T10037] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1397'.
[  590.093585][T10041] netlink: 'syz.4.1397': attribute type 10 has an invalid length.
[  590.224516][T10041] team0: Port device netdevsim0 added
[  590.499507][   T11] kworker/u4:1: attempt to access beyond end of device
[  590.499507][   T11] loop0: rw=1, sector=145, nr_sectors = 112 limit=128
[  590.519856][T10048] device ipvlan2 entered promiscuous mode
[  590.586725][T10048] bridge0: port 3(ipvlan2) entered blocking state
[  590.643184][T10048] bridge0: port 3(ipvlan2) entered disabled state
[  591.117345][T10065] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1409'.
[  591.154117][T10067] loop2: detected capacity change from 0 to 256
[  592.184172][T10078] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1412'.
[  592.453088][T10082] loop0: detected capacity change from 0 to 1024
[  592.510544][T10082] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  592.532653][T10082] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  592.557542][T10082] EXT4-fs error (device loop0): ext4_get_journal_inode:5737: inode #5: comm syz.0.1414: unexpected bad inode w/o EXT4_IGET_BAD
[  592.679625][T10082] EXT4-fs (loop0): no journal found
[  592.838161][T10082] EXT4-fs (loop0): can't get journal size
[  593.340280][T10082] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  593.535560][T10082] EXT4-fs (loop0): unmounting filesystem.
[  593.765665][T10094] bridge0: port 3(syz_tun) entered blocking state
[  593.772717][T10094] bridge0: port 3(syz_tun) entered disabled state
[  593.780520][T10094] device syz_tun entered promiscuous mode
[  593.787113][T10094] bridge0: port 3(syz_tun) entered blocking state
[  593.794414][T10094] bridge0: port 3(syz_tun) entered forwarding state
[  593.807727][T10094] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1416'.
[  594.339168][ T9935] Bluetooth: hci2: command 0x2016 tx timeout
[  594.616862][T10101] loop0: detected capacity change from 0 to 512
[  594.616961][T10100] device wireguard0 entered promiscuous mode
[  594.653662][T10101] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  594.960902][T10106] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  594.969243][T10106] FAT-fs (loop0): Filesystem has been set read-only
[  594.977801][T10106] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  596.102767][T10110] binder: BINDER_SET_CONTEXT_MGR already set
[  596.199706][T10110] binder: 10109:10110 ioctl 4018620d 200000004a80 returned -16
[  597.259321][ T4273] Bluetooth: hci2: command 0x0406 tx timeout
[  597.319188][T10105] loop2: detected capacity change from 0 to 32768
[  597.426792][T10134] kernel profiling enabled (shift: 9)
[  597.682390][T10105] XFS (loop2): Mounting V5 Filesystem
[  597.891055][T10105] XFS (loop2): Ending clean mount
[  598.600289][ T4264] XFS (loop2): Unmounting Filesystem
[  598.775316][T10123] loop3: detected capacity change from 0 to 40427
[  598.782021][ T5672] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  598.816987][T10123] F2FS-fs (loop3): invalid crc value
[  598.860070][T10123] F2FS-fs (loop3): Found nat_bits in checkpoint
[  599.017174][T10123] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  599.050719][ T5672] usb 1-1: Using ep0 maxpacket: 8
[  599.057848][ T5672] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  599.099115][ T5672] usb 1-1: config 179 has an invalid descriptor of length 49, skipping remainder of the config
[  599.130136][ T5672] usb 1-1: config 179 has no interface number 0
[  599.140226][ T5672] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  599.190936][ T5672] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  599.223654][ T5672] usb 1-1: config 179 interface 65 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  599.260693][ T5672] usb 1-1: config 179 interface 65 has no altsetting 0
[  599.267731][ T5672] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  599.380832][ T5672] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.718920][ T5672] usb 1-1: USB disconnect, device number 19
[  600.193536][ T4267] syz-executor: attempt to access beyond end of device
[  600.193536][ T4267] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  600.842433][T10166] loop1: detected capacity change from 0 to 764
[  601.048583][ T9052] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  601.315466][T10168] rock: directory entry would overflow storage
[  601.322081][T10168] rock: sig=0x5850, size=36, remaining=7
[  601.492645][ T9052] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  601.512384][T10167] loop3: detected capacity change from 0 to 4096
[  601.545903][T10167] ntfs3: Unknown parameter 'windows_names'
[  601.560238][ T9052] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  601.595391][ T9052] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.678940][ T9052] usb 1-1: config 0 descriptor??
[  601.934476][ T9052] usbhid 1-1:0.0: can't add hid device: -71
[  601.943503][ T9052] usbhid: probe of 1-1:0.0 failed with error -71
[  601.988549][ T9052] usb 1-1: USB disconnect, device number 20
[  602.550759][ T5672] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  602.950779][ T5672] usb 1-1: Using ep0 maxpacket: 32
[  602.959598][ T5672] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  603.036687][ T5672] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  603.086741][ T5672] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.128998][ T5672] usb 1-1: config 0 descriptor??
[  603.151322][ T5672] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  603.211663][ T5672] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  603.558028][ T8955] usb 1-1: USB disconnect, device number 21
[  603.598344][ T8955] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  603.686070][T10177] loop1: detected capacity change from 0 to 32768
[  603.697066][T10195] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  603.707185][T10195] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  603.716123][T10195] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  603.725032][T10195] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  603.741187][T10177] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1442 (10177)
[  603.757144][T10195] batman_adv: batadv0: Adding interface: vxlan0
[  603.767141][T10195] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  603.807653][T10177] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  603.827270][T10195] batman_adv: batadv0: Interface activated: vxlan0
[  603.838348][T10177] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  603.858725][T10177] BTRFS info (device loop1): enabling ssd optimizations
[  603.869855][T10177] BTRFS info (device loop1): using spread ssd allocation scheme
[  603.880966][T10177] BTRFS info (device loop1): setting nodatacow, compression disabled
[  603.890506][T10177] BTRFS info (device loop1): not using ssd optimizations
[  603.916215][T10177] BTRFS info (device loop1): not using spread ssd allocation scheme
[  603.935904][T10177] BTRFS info (device loop1): max_inline at 0
[  603.950207][T10177] BTRFS info (device loop1): using free space tree
[  604.301774][ T4266] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  604.845287][ T8955] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  604.936406][ T8955] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  606.857691][T10255] loop0: detected capacity change from 0 to 2048
[  606.947463][T10255] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  606.970810][T10255] ext4 filesystem being mounted at /281/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  607.009748][   T27] audit: type=1800 audit(1756641697.344:49): pid=10255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1460" name="file0" dev="loop0" ino=13 res=0 errno=0
[  607.030349][    C1] vkms_vblank_simulate: vblank timer overrun
[  607.044221][T10255] fs-verity: sha256 using implementation "sha256-avx2"
[  607.455879][T10238] loop1: detected capacity change from 0 to 32768
[  607.525751][T10265] [U] 
[  607.530459][T10265] [U] K{�
[  607.540138][T10265] [U] �T �1��Š�F���Fˊ�`G�Jǘ�G���������O��/�MC�
[  607.552334][T10265] [U] T�ؖ/,�~�Ĝ��J���}8���'O1��"�7-΂JQ�K��W��Q�5C%"�H12��Y������X�`���ȼ`+��(�¿!(���Z'�TXLN�I�G�J����ݭ�P�~�7�!���"ب���(�5�OBܤ�̓J�
[  607.590654][T10238] XFS (loop1): Mounting V5 Filesystem
[  607.617197][T10265] [U] �K\&�}6�6�X�HX��Ե���.`�A�$�40|϶��9��ި����U��4��ĮVBZ��}�W�M�T���Q��ΦR�4��
[  607.645397][T10255] fs-verity (loop0, inode 13): Error -4 building Merkle tree
[  607.688025][T10265] [U] ".H6��"�KÇ[����J�4��I�N��[Z(��C|T�]Z{��3�C=��X�Ԟ˅�4�W�)\T�XJ��SH{Q;̹���T��+���G��߮D�.˂�>Y����WUH�FN����HL]S�2���\G%�O�&Z)�К'�PUL�_<�	�ذ�Ү��`ұT��ޜ���;_�"(�U{7J��2X �/�'��C���I����H�C�ճ�V�=��AI�%W�ES� R��J�Μ���G��R��͡HI
���A��6-�D��V�� I"��Nƨ ��ASC~4���8C�*�OO5/ߜJ�~���W�VK+����3��Y)��M���V��YQƽ�DTR�
OTPEM%F��EJ�A5��T_-X~�^AAۂҘ�Q��
[  607.755974][T10238] XFS (loop1): Ending clean mount
[  607.769451][ T4265] EXT4-fs (loop0): unmounting filesystem.
[  607.772809][T10265] [U] 	+�W�G?]��'A:	��)�
����' B>T���F/��<'�U�'��H�I�.+]E�.�-ɿ߿�%��>2`�^U�8F.�6��3��+�A�«���G3�P��6:�^0��T��V�'E�T����YC�N��Rϩ�N�PJ�;�Z����ۑ8!��\م�A�ʖ2��$е�­WI.��#��/BAI���`��4J��D�Y@�Z��GW�5˿B��ٜ�N�Y"VI2��
[  607.925615][T10265] [U] �T�_K5�T�YJ���9��C�$BR�L�NUL��9W���|�G�"ʃ�%�ڶ�C�؝���Q��
 ��3��Q��N^HP*��$	�.�7Yӱ�2�
[  607.968602][T10265] [U] �?���H��*����3͝7�ɍ�^#Q�"0~���(�O�XL�B�,'V��=���C�S���G�S��0�ւ��`���ه��=1(�ξ��P#�2DO*Ƀ
[  608.863918][ T4266] XFS (loop1): Unmounting Filesystem
[  608.879846][T10265] [U] �S��G������GU��D-{���|&�����ѐ2��L�C_��!`��OZ֥�B��%>�RѶ�WχݎSS�H"�YA4�O.�Y��ď�RTԶ�B�[+/<<R�B����|ФE���۠�V96#���ͤʦJ�U�%
S851���ҩS�P��\��?Q�|L��QX�0�K�1ORɴ2��|��D�F���ِ��2ޔ���0��H�}C[/����PX^��O
[  608.940477][T10265] [U] �؛���(J�Л��M��XZ�;�����؝_����*3�3��5�\�XM��U��AK!AQ`��;FЕ�I+��VUH���M�J��Ʒ��Z�C��Z���)_ǟ�	ԑ�&�֡��A�XTO���_� ڼ�:���%��P���Cֲ�Y�+_�ܛ��}U�M��ƫC�!KJ�7пG��=B�
[  609.060858][T10265] [U] ٽ�F�%�XA��L�2R*G��VW��$��J	�A��F����+ؾ9̈́VI�֗�Kپ�1}_��
��%�R6��(]��/��ؐřYܺ��Hä���R G��RN/ܫ�#!�D����%���D��-{�$�VU��T���$:MTR�E�C1V�D~��];[�����SQ����(��E,X�8�"�
��G�D�ڵ2@T8���҃����T8.RC+�@�ʦ�P�U�
P����C���'ńYL�-SS1E?�7�O���^]����C�½H]�JKR]RKQ܆��ݣ޴OTC��X���4�N�	��&����ڋ��@�:M7�~�+�W*���XM��>>��{Q���
_�՝LX8�U����{�Z��ؐ)��7?�RR;�C�R�Hײڣ����1�>)�Mă‰�T���(��Aϝ�}9�ڥ�J*Mќ�ġ�'L��Q	�DW��ظ=��|Q�	�Æ�W;5��Ž�!�DB�X`ɧ�/��E�`ƦM��X��"�\
[  609.108099][    C1] vkms_vblank_simulate: vblank timer overrun
[  609.145097][T10265] [U] {;�ե�٘_�O2��)�O��.2�W2ʲ��Y���X_  HPϱ�S�D����:]�{�����Ƚ
[  609.200800][T10265] [U] I,�>�Ӥ	��5�1��^1�N4�OǶ�'0�?֒I�9W.�_.�W�A���V��`)�Z���C6GIӹ�A��XL[����F�*��O�W)+��'\N�
[K@����2�Ǭ���P"^`���	ؿ
[  609.247877][T10265] [U] 22��Ʃ�۩X?0;3U�
[  609.369633][T10265] [U] ޜ�
ƍ�SOBX�8�W�4��(�~/���K�U��ԖOQ�E+�G�-Y�GY_
�>V�����3.H�ә]̈́�2��)�D�,	��	�D~�D���+�W;A\�F
P��Ș|$��)�
KؐI���ɿK�YT^R���Ǚ���A=�#�ܜ	�Ϳ�AE��T�1��ݯ4K�.E"R�S|П�S���:��>P��R�"Z�ڭ���#P!�KY"�}��F�N84ܳ��Hޱ�O��S��̫%DLW�MƲ�
[  609.399267][T10265] [U] [�['XN�'�����,MR��/����1D=!D�X91B�
WǻR�LF���K̤Z��#�`̑L؛�˜��B~�M���
[  609.972361][T10265] [U] �L�>�сD+�D�����"5�ʍ�H3<���IR=F^�F�N��������V���D�OIO�:U�>�Y�
[  610.015155][T10265] [U] 'B�6V�20�ķǞ��׌�"T8�{9�FW��]���̩�
[  610.042691][T10265] [U] �72މ���U�C6����τI]8C��TۨQSK�Y��I��¹ �|V'�TV/��G�$[� 9KH`�"ܑ��}��[^=��0�]��%�̂T�����F�_V�4C���
[  610.106932][T10265] [U] �EC�
[  610.176596][T10265] [U] ���|���<��:^�3$7NK~�-�@��?��/MTL��۾�I�WȬ@G~T�{��P�+�$�JP|���I�RIӍPM� ��Y� ڔ8�T���V�����,�L�,�
[  610.333906][T10261] [U] �K�����)0���~ܳʪ�IP'�F�ҜZ��R���@B�]�5��{��ʼ�'�8�ƥF��UTQUD
ǩ�K;7ͪ0C[��Y���YC���ذM��L�8�T�͚�5���RX����W� X���OQHVI'8����L�
[  611.222537][T10316] loop0: detected capacity change from 0 to 8
[  612.230448][T10295] loop2: detected capacity change from 0 to 32768
[  612.270324][T10295] XFS: noikeep mount option is deprecated.
[  612.514848][T10340] x_tables: ip_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT
[  612.710179][T10295] XFS (loop2): Mounting V5 Filesystem
[  613.241233][T10295] XFS (loop2): Ending clean mount
[  613.405170][ T4264] XFS (loop2): Unmounting Filesystem
[  613.431603][T10320] loop3: detected capacity change from 0 to 32768
[  613.564445][T10320] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  613.713318][   T27] audit: type=1800 audit(1756641704.014:50): pid=10320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1479" name="bus" dev="loop3" ino=17058 res=0 errno=0
[  613.836969][T10359] loop1: detected capacity change from 0 to 512
[  613.908125][T10359] EXT4-fs (loop1): ea_inode feature is not supported for Hurd
[  613.912473][ T4267] ocfs2: Unmounting device (7,3) on (node local)
[  614.195172][T10367] loop0: detected capacity change from 0 to 256
[  614.224905][T10367] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  617.620809][ T4316] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  617.982645][ T4316] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  618.105963][ T4316] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  618.416903][ T4316] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  618.581853][ T4316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  619.001714][ T4316] usb 3-1: config 0 descriptor??
[  619.042865][ T4316] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  619.260951][ T8955] usb 3-1: USB disconnect, device number 17
[  619.276620][T10416] loop1: detected capacity change from 0 to 512
[  619.320847][  T125] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  619.353497][ T4762] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  619.553920][  T125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  619.561051][T10416] loop1: detected capacity change from 0 to 1024
[  619.576744][ T4762] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  619.588595][T10416] EXT4-fs: inline encryption not supported
[  619.599721][  T125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  619.617528][  T125] usb 1-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00
[  619.638223][  T125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  619.711000][T10416] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.1507: lblock 2 mapped to illegal pblock 2 (length 1)
[  619.722813][  T125] usb 1-1: config 0 descriptor??
[  619.738266][T10416] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  619.755483][T10416] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.1507: lblock 0 mapped to illegal pblock 48 (length 1)
[  619.842002][T10416] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  619.865252][T10416] EXT4-fs error (device loop1): ext4_acquire_dquot:6816: comm syz.1.1507: Failed to acquire dquot type 0
[  619.938713][T10416] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5915: Corrupt filesystem
[  619.980937][ T8955] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  620.181434][ T8955] usb 3-1: Using ep0 maxpacket: 32
[  620.268256][ T8955] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  620.414888][T10414] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  620.641906][T10414] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  620.748497][ T8955] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  620.763955][ T8955] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  620.773219][ T8955] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  620.784057][ T8955] usb 3-1: config 0 descriptor??
[  620.794553][ T8955] usb 3-1: can't set config #0, error -71
[  620.798698][T10416] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.1507: mark_inode_dirty error
[  620.803289][ T8955] usb 3-1: USB disconnect, device number 18
[  620.909366][T10416] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  620.943782][  T125] usbhid 1-1:0.0: can't add hid device: -71
[  620.949880][  T125] usbhid: probe of 1-1:0.0 failed with error -71
[  620.981688][T10416] EXT4-fs (loop1): 1 orphan inode deleted
[  620.981756][  T125] usb 1-1: USB disconnect, device number 22
[  620.987480][T10416] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  621.002583][   T73] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  621.032807][T10435] loop2: detected capacity change from 0 to 164
[  621.039344][   T73] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  621.055657][   T73] EXT4-fs error (device loop1): ext4_release_dquot:6852: comm kworker/u4:4: Failed to release dquot type 0
[  621.130528][T10416] EXT4-fs (loop1): unmounting filesystem.
[  621.140475][T10416] EXT4-fs error (device loop1): __ext4_get_inode_loc:4507: comm syz.1.1507: Invalid inode table block 1 in block_group 0
[  621.275632][T10416] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5915: Corrupt filesystem
[  621.295586][T10416] EXT4-fs error (device loop1): ext4_quota_off:7122: inode #3: comm syz.1.1507: mark_inode_dirty error
[  622.206673][T10445] loop0: detected capacity change from 0 to 164
[  622.282964][T10445] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  622.316589][T10445] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  623.636795][T10450] sched: RT throttling activated
[  623.963595][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  623.970109][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  624.636507][T10467] 
[  624.638909][T10467] ======================================================
[  624.645956][T10467] WARNING: possible circular locking dependency detected
[  624.652994][T10467] syzkaller #0 Not tainted
[  624.657427][T10467] ------------------------------------------------------
[  624.664465][T10467] syz.0.1522/10467 is trying to acquire lock:
[  624.670558][T10467] ffff88807e939450 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0xd4/0xa60
[  624.682017][T10467] 
[  624.682017][T10467] but task is already holding lock:
[  624.689416][T10467] ffff88807e938130 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x251/0x530
[  624.698436][T10467] 
[  624.698436][T10467] which lock already depends on the new lock.
[  624.698436][T10467] 
[  624.708845][T10467] 
[  624.708845][T10467] the existing dependency chain (in reverse order) is:
[  624.717954][T10467] 
[  624.717954][T10467] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[  624.725787][T10467]        lock_sock_nested+0x44/0x100
[  624.731081][T10467]        smc_listen_out+0x109/0x3d0
[  624.736292][T10467]        process_one_work+0x898/0x1160
[  624.741841][T10467]        worker_thread+0xaa2/0x1250
[  624.747040][T10467]        kthread+0x29d/0x330
[  624.751674][T10467]        ret_from_fork+0x1f/0x30
[  624.756624][T10467] 
[  624.756624][T10467] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[  624.766892][T10467]        __lock_acquire+0x2cf8/0x7c50
[  624.772275][T10467]        lock_acquire+0x1b4/0x490
[  624.777313][T10467]        __flush_work+0xed/0xa60
[  624.782346][T10467]        __cancel_work_timer+0x3ac/0x520
[  624.788163][T10467]        smc_clcsock_release+0x5c/0xe0
[  624.793625][T10467]        __smc_release+0x661/0x7d0
[  624.798737][T10467]        smc_close_non_accepted+0xd1/0x1f0
[  624.804569][T10467]        smc_close_active+0xb00/0xea0
[  624.809945][T10467]        __smc_release+0x8d/0x7d0
[  624.814966][T10467]        smc_release+0x2ca/0x530
[  624.819988][T10467]        sock_close+0xd5/0x240
[  624.824758][T10467]        __fput+0x22c/0x920
[  624.829270][T10467]        task_work_run+0x1ca/0x250
[  624.834385][T10467]        exit_to_user_mode_loop+0xe6/0x110
[  624.840211][T10467]        exit_to_user_mode_prepare+0xb1/0x140
[  624.846281][T10467]        syscall_exit_to_user_mode+0x16/0x40
[  624.852483][T10467]        do_syscall_64+0x58/0xa0
[  624.857720][T10467]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  624.864179][T10467] 
[  624.864179][T10467] other info that might help us debug this:
[  624.864179][T10467] 
[  624.874424][T10467]  Possible unsafe locking scenario:
[  624.874424][T10467] 
[  624.881964][T10467]        CPU0                    CPU1
[  624.887323][T10467]        ----                    ----
[  624.892770][T10467]   lock(sk_lock-AF_SMC/1);
[  624.897394][T10467]                                lock((work_completion)(&new_smc->smc_listen_work));
[  624.907216][T10467]                                lock(sk_lock-AF_SMC/1);
[  624.914252][T10467]   lock((work_completion)(&new_smc->smc_listen_work));
[  624.921276][T10467] 
[  624.921276][T10467]  *** DEADLOCK ***
[  624.921276][T10467] 
[  624.929424][T10467] 2 locks held by syz.0.1522/10467:
[  624.934621][T10467]  #0: ffff888075b0f410 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240
[  624.944840][T10467]  #1: ffff88807e938130 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x251/0x530
[  624.954258][T10467] 
[  624.954258][T10467] stack backtrace:
[  624.960149][T10467] CPU: 1 PID: 10467 Comm: syz.0.1522 Not tainted syzkaller #0
[  624.967953][T10467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  624.978023][T10467] Call Trace:
[  624.981306][T10467]  <TASK>
[  624.984240][T10467]  dump_stack_lvl+0x168/0x22e
[  624.988923][T10467]  ? load_image+0x3b0/0x3b0
[  624.993433][T10467]  ? show_regs_print_info+0x12/0x12
[  624.998670][T10467]  ? print_circular_bug+0x12b/0x1a0
[  625.004013][T10467]  check_noncircular+0x274/0x310
[  625.008978][T10467]  ? add_chain_block+0x940/0x940
[  625.013933][T10467]  ? lockdep_lock+0xdc/0x1e0
[  625.018537][T10467]  ? rcu_is_watching+0x11/0xa0
[  625.023400][T10467]  ? lock_release+0xd4/0x910
[  625.028178][T10467]  ? _find_first_zero_bit+0xcf/0x100
[  625.033482][T10467]  __lock_acquire+0x2cf8/0x7c50
[  625.038368][T10467]  ? __lock_acquire+0x7c50/0x7c50
[  625.043501][T10467]  ? is_bpf_text_address+0x28b/0x2a0
[  625.048822][T10467]  ? hlock_conflict+0x59/0x1f0
[  625.053651][T10467]  ? verify_lock_unused+0x140/0x140
[  625.058883][T10467]  ? __bfs+0x2a3/0x5c0
[  625.062965][T10467]  ? check_path+0x40/0x40
[  625.067394][T10467]  ? mark_lock+0x94/0x320
[  625.071973][T10467]  ? __lock_acquire+0x13c0/0x7c50
[  625.077025][T10467]  ? add_chain_block+0x940/0x940
[  625.081986][T10467]  lock_acquire+0x1b4/0x490
[  625.086504][T10467]  ? __flush_work+0xd4/0xa60
[  625.091111][T10467]  ? __lock_acquire+0x13c0/0x7c50
[  625.096242][T10467]  ? read_lock_is_recursive+0x10/0x10
[  625.101640][T10467]  ? verify_lock_unused+0x140/0x140
[  625.106874][T10467]  ? __flush_work+0xd4/0xa60
[  625.111520][T10467]  __flush_work+0xed/0xa60
[  625.116052][T10467]  ? __flush_work+0xd4/0xa60
[  625.120769][T10467]  ? verify_lock_unused+0x140/0x140
[  625.125995][T10467]  ? flush_work+0x20/0x20
[  625.130424][T10467]  ? try_to_grab_pending+0xf1/0x840
[  625.135639][T10467]  ? lockdep_hardirqs_off+0x70/0x100
[  625.140939][T10467]  ? mark_lock+0x94/0x320
[  625.145276][T10467]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  625.151267][T10467]  ? lock_chain_count+0x20/0x20
[  625.156127][T10467]  ? __cancel_work_timer+0x331/0x520
[  625.161512][T10467]  __cancel_work_timer+0x3ac/0x520
[  625.166634][T10467]  ? cancel_work_sync+0x20/0x20
[  625.171930][T10467]  ? __smc_release+0x659/0x7d0
[  625.176694][T10467]  ? __local_bh_enable_ip+0x12a/0x1b0
[  625.182074][T10467]  ? lockdep_hardirqs_on+0x94/0x140
[  625.187277][T10467]  ? __local_bh_enable_ip+0x12a/0x1b0
[  625.192654][T10467]  ? _local_bh_enable+0xa0/0xa0
[  625.197517][T10467]  smc_clcsock_release+0x5c/0xe0
[  625.202475][T10467]  __smc_release+0x661/0x7d0
[  625.207126][T10467]  ? do_raw_spin_unlock+0x11d/0x230
[  625.212339][T10467]  smc_close_non_accepted+0xd1/0x1f0
[  625.217646][T10467]  smc_close_active+0xb00/0xea0
[  625.222503][T10467]  ? sock_no_sendpage_locked+0x160/0x160
[  625.228136][T10467]  __smc_release+0x8d/0x7d0
[  625.232725][T10467]  ? do_raw_spin_unlock+0x11d/0x230
[  625.237930][T10467]  smc_release+0x2ca/0x530
[  625.242351][T10467]  sock_close+0xd5/0x240
[  625.246596][T10467]  ? sock_mmap+0x90/0x90
[  625.250841][T10467]  __fput+0x22c/0x920
[  625.254848][T10467]  task_work_run+0x1ca/0x250
[  625.259449][T10467]  ? task_work_cancel+0x230/0x230
[  625.264661][T10467]  ? __close_range+0x1c5/0x730
[  625.269446][T10467]  ? exit_to_user_mode_loop+0x3b/0x110
[  625.275006][T10467]  exit_to_user_mode_loop+0xe6/0x110
[  625.280392][T10467]  exit_to_user_mode_prepare+0xb1/0x140
[  625.285950][T10467]  syscall_exit_to_user_mode+0x16/0x40
[  625.291416][T10467]  do_syscall_64+0x58/0xa0
[  625.295841][T10467]  ? clear_bhb_loop+0x60/0xb0
[  625.300520][T10467]  ? clear_bhb_loop+0x60/0xb0
[  625.305200][T10467]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  625.311103][T10467] RIP: 0033:0x7f1797d8ebe9
[  625.315525][T10467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  625.335393][T10467] RSP: 002b:00007f1798cc6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  625.343851][T10467] RAX: 0000000000000000 RBX: 00007f1797fc5fa0 RCX: 00007f1797d8ebe9
[  625.352172][T10467] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000005
[  625.360144][T10467] RBP: 00007f1797e11e19 R08: 0000000000000000 R09: 0000000000000000
[  625.368119][T10467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  625.376091][T10467] R13: 00007f1797fc6038 R14: 00007f1797fc5fa0 R15: 00007ffe40e303f8
[  625.384085][T10467]  </TASK>
[  625.423609][T10470] loop3: detected capacity change from 0 to 2048
[  625.457374][T10470] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  625.486836][   T27] audit: type=1800 audit(1756641715.824:51): pid=10470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1523" name="file1" dev="loop3" ino=1346 res=0 errno=0
[  625.563625][   T27] audit: type=1800 audit(1756641715.884:52): pid=10470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1523" name="file1" dev="loop3" ino=1346 res=0 errno=0