last executing test programs:

2m51.654536166s ago: executing program 3 (id=173):
setsockopt$inet_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x0, 0x2d, 0x0, 0x0)
sched_setscheduler(0x0, 0x5, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="d8df0f23b3b9ce000000b807000000ba000000000f301b8154fea900c1210680320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000400b9a6080000b800000100265d7aeabbc900bbc9000f30300f272d9d53bf0000c4b9e16dc30101220f01c3", 0xfffffffffffffdab}], 0x1, 0x14, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000180)={0x70003, 0x0, {[0x1, 0x1f8, 0x3, 0xffffffffefffff15, 0x3, 0x4, 0x1, 0x4]}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c001}, 0x4040004)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m50.667971507s ago: executing program 3 (id=180):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000003280)={0x73622a85, 0xa, 0x4})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@acquire], 0xffffffffffffff47, 0x0, 0x0})
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0xfffffffffffffffd})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000a80)={0x4c, 0x0, &(0x7f00000008c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000600)={0x30, 0x30, 0x30}}, 0x40}], 0x51, 0x0, &(0x7f0000000980)="1ed2ced7a22edd08a4525da35310e9931b50e5d2bab7bee5ed9d47c138c58286359c3010e9ad05deb6bbe19d4628475d0fceb5b44fc9d792aad8603a1b362f8c595317f950cbf1a3a08e8a4df736ee16a9"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1040}], 0x0, 0x0, 0x0})

2m50.502586943s ago: executing program 3 (id=182):
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=[@nested_amd_vmsave={0x183, 0x18, 0x3}, @nested_create_vm={0x12d, 0x18}, @nested_load_code={0x12e, 0x5d, {0x0, "48b8008000000000000066ba6100b8555ad4abef2fad21e6e60c0020000f23f86592927716b9800000c00f3235000800000f30d035000100000f006080000f47dff2b00f30"}}], 0x8d})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000000)={[{0x80000004, 0x5, 0xcb, 0x4f, 0x7c, 0x2, 0x80, 0x1, 0x3, 0x44, 0x8, 0x2, 0xe}, {0xe, 0xfffd, 0x6, 0x8, 0x9, 0xff, 0x8, 0x4, 0xa, 0x13, 0x3, 0xc8, 0x1}, {0x1ff, 0x7, 0xd, 0x0, 0x25, 0x1, 0x81, 0xfb, 0x4, 0x4, 0x0, 0x2}], 0x9})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x181403, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000340)={0x0, &(0x7f0000000140)=[@code={0xa, 0x5c, {"0f20d80f22d896410f28d5d544aec4a14dc6bb005000000066ba210066b80a0066ef0f98328ee8660f71d5b366400f3833edc7442400d6001600c7442402a481eba6f3470f5d65ff407418"}}], 0x5c})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000240)={0xe0003, 0x0, {[0x8, 0x7, 0x4, 0x8, 0x3, 0x8, 0x4, 0x4]}})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xc0000102}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m49.716358659s ago: executing program 3 (id=189):
syz_emit_ethernet(0x66, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./bus\x00', 0x3010050, &(0x7f0000000600)=ANY=[], 0x41, 0x14fe, &(0x7f0000000700)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
creat(&(0x7f0000000580)='./bus\x00', 0x9e)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1084, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x7)
write(r1, &(0x7f00000001c0)='u', 0x1)
sendfile(r1, r0, 0x0, 0x7ffff000)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000180)='./file1\x00', 0x804810, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYRES32], 0xf9, 0x1213, &(0x7f0000000600)="$eJzs3E9rXFUYB+A3Y2rS1PxRa7Vd6AtuxMWlycKVIEFSkAwotRFaQbg1Ex0yzpTcITAiVldu/Ryu3Ql+g2z8DO6y6bIL8UrvNG1SU4vQZMQ+z2Luyz3nxzkHhoEz3HP33/3xq+2tqtgqh9GamorWrYi8m5HRigOvr4+v12+sr7bba1czr6xeW34nMxfe+PXTb2Yi4twnPy/8MhN7S5/t31n5fe/C3sX9P6992a2yW2V/MMwybw4Gw/JmbyE3u9V2kflRr1NWnez2q87OofZObr0dEaMs+5vzc7d2OlWVZX+U251RDgc53Bll+UXZ7WdRFDk/FzzWmSd32fjpbl3XEXV9Jp6Puq7rszEX5+KFmI+F+C4iXoyX4uU4H6/EhXg1XouLTa/TmD4AAAAAAAAAAAAAAAAAAAA8O/7p/P9iLDn/DwAAAAAAAAAAAAAAAAAAAKfg4+s31lfb7bWrmbMRvR92N3Y3xtdx+9K9j1504nIsxh/RnP4fG9dXPmivXc7GUnzfu30/f3t347kmv3qQX25eJ3A/P920HeSXx/k8mp+JuXv5reg2+ZVYjPPHj79ybH423nrzUL6Ixfjt8xhELzabsR/mv13OfP/D9iP5S00/AAAA+D8o8oFj9+9F8bj2cf7B/vrJ/w88sr+ejkvTk107EdXo6+2y1evsNEXvoJj9252TK+IUx3q6RcSduilmjja1TmjQVkx8yYeKqf/GNBRPpzgbR+9M+peJ0/DwazDpmQAAAAAAAAAAAPBvnPBzhdNxzJNl701mqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//qH3FUA==")
r2 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

2m47.903489527s ago: executing program 3 (id=196):
syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0x5, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX")
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000600)='./file1\x00', 0x800010, &(0x7f00000003c0)=ANY=[@ANYBLOB="756d61736b3d3030303030303030303030b04c4ca9373737370c0000000800", @ANYRESDEC=0x0, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303137372c6e6f7374726963742c766f6c756d653d30303030303030303030303030303030303030342c7569643d69676e6f72652c766f6c756d653d30303030303030303030303030303030303531312c766f6c756d653d30303030303030303030303030303030303031362c7569643d666f726765742c726f6f746469723d30303030303030303030303030303030303030362c756e686964652c6673757569643d38633737613662182d363437382d393832622d373430382dfb646132616432062c636f6e746578743d757365725f752c646566636f6e746578743d73797361646d5f752c73796e632c61756469742c00"], 0x1, 0xc26, &(0x7f0000001940)="$eJzs3U1sHOd5B/Dn3VlapNw0a8dRPpTDAg4QV44NUpQtFnIAKmKIGBBkwRRzMFCAK5FSFyaXFEkXclAkKpCgCNIWKnLIsQKcAL1VpxYIGkA9uUUQgOip6KFQW0dwb5sAaYsewmJ23yWXtD4Y64Ok/fsJ0X939pnZdzZ6dmfWMzsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89Wsnh0fSbo8CAHiczky9Pjzq8x8APlbO2f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD+UhTxnUjxzvfbaSZqG9MHTzdbb12Znpi882xDKVJUoojUWUbE4MjR0WMvvXx8rJf3nv9h+1y8NnXuZP3U4sLS8tzKytxsfbrVvLA4O7fjJTzo/Nsd6bwA9YU335q9eHGlfvTF0S0PX6ndPvDkodqJscOjb/RqpycmJ6f6aqoDH/rZPyA9vEXxEfJEFPH1SPHuC++nRkRU4sF74T7vHY/aUFTL/uusxPTEZGdF5puN1mr5YKrkqmr0vdtFjPd65DH04gMZj7ha/v9UDvhIuXpTS43lxvn5ufrZxvJqc7W52EqV7mjL9alFJcZSxFJEtIvdHjx7zUAUcSxS3P5VO52PiKLXB8+fmXp9ePT+C6g+hkHe5WlrRcRa7IOehT3qQBTxl5HiBzPDcSH3Vadt3ov4UpmvRFwu82aKa/l+Kt8gxiJ+6fME9rVqFPHzSLGY2mm21/ud7crT36i/2rq42Ffb267c9/sHj5NtE/awwSjifGeLv50+/JddAAAAAAAAAAAAAMDjUcRPIsWNhefSUvSfU9psXaqfa5yf7x4V3Dv2v57nWl9fX6+lbtZzDuccz3k250zOpZxXc17LeT3njZw3c67lvJWznTMq+flz1nMO5xzPeTbnTM6lnFdzXst5PeeNnDdzruW8lbOdM5z3BAAAAAAAAAAAAAAAAAAAwEM2FEVMRorr7/xR57rS0bku/SdPjJ2ZeKb/mvGfuc9yytoXI+InsbNr8g7ka42nSvnn4a8XcH+DUcS38vX//mS3BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOwJlSjiO5Hih79up0gRMR4xE928Vez26AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0mAq4lSk+K+vDXbur0XE5yPiN+vln4j/Xd9ut0cMAAAAAAAAAAAAAAAAAAAAH0GpiMuR4kfvtlMtIq7Ubh948lDtxNjh0TfWv51L+utfmzp3sn5qcWFpeW5lZW62Pt1qXlicndvp0w2ebrbeujI9Mfnw12Qnhh7x+IcGTy0uvb3cvPSHq3d8/ODgyfMrq8uNC3d+OIaiGjHcP+VIZ8DTE5OdQc83G63OrKlylwFWI+o7XRkAAAAAAAAAAAAAAAAAAAD2jIOpiIlI8exPj6XeeePV7jn/n+jeKzZqf/zHm78FML8te/p/P2Ant9NOB3qkc+J9fXpicnKqb3J14IOl5ZhSKuLTkeLw33+2cz58ioN3PDe+rPuzSDH2f8dyXe1wWTe+pWrwyPTEZP3MYuuFk/Pzixcaq43z83P1qaXGhR3/cAAAAAAAAAAAAAAAAAAAAADcw8FUxJ9HimOvrqXedefz+f/V7r2+8/9fiehddn4wbc0NnXP7f7dzbn/39idPjL169Nm7TX8U5/+XY0qpiN9Eiqf+6rOd6+n3zv8f3lZb1v0oUvz8u1/IdZUnyrqR3up0l3ixOT83XNY+Hym+d7ZXG53al3PtpzZrR8raf4gUT//B1trjufaZzdqjZe3tSDF55s61n96sHS1rhyLFl/+03qs9WNZ+Ndce2qx98cLi/OxOX14+nsr+/7dI8cWRr6fev/m79n/f739c3ZYbPtDz9779sPq/1jftau7r9dz/I/fp/8uR4i+ufSHXdXvvaH78qc7fm/3/vUjxe5/YWvtSrn16s3Zkp6sFu6ns/3+KFGu3/mXj33zu/9xZmx3a3/+fr27N3nbBbvX/U33Tanlco7/lawEfNytvf/PNxvz83LIbbrjhxsaN3X5nAh61cvv/vyPFVy4Xqbcfm7f/f6d7b3P//3++tbn9f2Jbbtil7f+n+6adyHstA9WIwdWFpYHPRAyuvP3NF5oLjUtzl+Zao6Njx3//2MjR4yMDT/R27jdv7fi1g/2u7P83I8WP/+afN77H3rr/f+fv/w5uyw271P+f6l+nLfs1O34p4GOn7P+/jhT/ev39jf/edK/v/3rf8z337NYc6hXtUv8/0zetnv8a65v2XBFxcqfPBQAAAAAAAAAA+8TBVMRPI8Xftv9x45r3W4//iS/2avuP/7ubvXD9fwDg3srP/6lI8bODX06935DZyfH/s9tywy4d/3uob9rsYzqveccvMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfEgpijgQKd75fjvdKsr7XYOnm623rkxPTN55tqEUKSpRdOrL/w2OHB099tLLx8d6ee/5H7bPxWtT507WTy0uLC3PrazMzdanW80Li7NzO17Cg86/3ZHOC1BfGMr3Xxzd8vCV2u0DTx6qnRg7PPpGr3Z6YnJyqq+mOvChn/0D0sNbFB8hT0QRP4sU777wfvr3IqISD94L93nveNSGolr2X2clpicmOysy32y0VssHUyVXVSNqfTON93rkMfTiAxmPuBoRlXLAR8rVm1pqLDfOz8/VzzaWV5urzcVWqnRHW65PLSoxliKWIqJd7Pbg2WsGooi/ixS3f9VO/1FEFL0+eP7M1OvDo/dfQPWRDe2eSy4frBURa7EPehb2qANRxDOR4gczw/GfRbevOm3zXsSXynwl4nKZN1Ncy/dT+QYxFvFLnyewr1WjiLORYjG103tF7v3OduXpb9RfbV1c7JZ9OzrbzvkTdb/vHzxOtk3YwwajiF90tvjb6Rc+zwEAAAAAAAAAAABgjyviK5HixsJzqXN+6MY5pc3Wpfq5xvn57mH9vWP/63mu9fX19VrqZj3ncM7xnGdzzuRcynk157Wc13PeyHkz51rOWznbOaOSnz9nPedwzvGcZ3PO5FzKeTXntZzXc97IeTPnWs5bOds5w3HSAAAAAAAAAAAAAAAAAAA8IpUo4ruR4oe/bqf1ont92Zno5i3nucJH2v8HAAD//8H3RkM=")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x40002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x2000, 0x1ff06d00d42e26dc, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x0, 0x0, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m46.619705489s ago: executing program 3 (id=199):
r0 = gettid()
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000400)="4a1e495cec1abc9feda292c3875523e5eea1bb1410b0a8a179bdaadf3a6ec2b31595a476783b92582803060c08847ea38ddb0ddefbaaa2aa276131aeb8b28621f2c3a0453b", 0x45}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
r2 = dup(r1)
write$cgroup_subtree(r2, &(0x7f00000005c0)=ANY=[], 0x32600)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000140)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x1}}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0)

2m46.200282553s ago: executing program 32 (id=199):
r0 = gettid()
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000400)="4a1e495cec1abc9feda292c3875523e5eea1bb1410b0a8a179bdaadf3a6ec2b31595a476783b92582803060c08847ea38ddb0ddefbaaa2aa276131aeb8b28621f2c3a0453b", 0x45}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
r2 = dup(r1)
write$cgroup_subtree(r2, &(0x7f00000005c0)=ANY=[], 0x32600)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000140)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x1}}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, 0x0, 0x0)

1m16.959216635s ago: executing program 5 (id=476):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000340)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e4020109021b000100000000090400ff0160291d000905", @ANYRES8=r1, @ANYBLOB="7ba9"], 0x0)
r2 = syz_open_dev$audion(&(0x7f00000002c0), 0x3, 0x1)
write$P9_RVERSION(r2, &(0x7f0000002200)=ANY=[], 0xfffffcd9)
r3 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0x0)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, 0x0)
io_uring_setup(0x1c6c, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20000000)
close_range(r0, 0xffffffffffffffff, 0x0)

1m14.400727058s ago: executing program 5 (id=482):
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x80000007, 0x1}, 0x1c)
recvmmsg$unix(r0, &(0x7f00000007c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000005c0)=""/227, 0xe3}], 0x1}}], 0x1, 0x40000000, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)

1m13.359480942s ago: executing program 5 (id=486):
set_mempolicy(0x4005, &(0x7f00000000c0)=0x4, 0x7)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x800, &(0x7f0000000100)=ANY=[@ANYBLOB='iocharset=iso8859-9,utf8,dmask=00000000000000000000011,utf8,errors=remount-ro,utf8,fmask=00000000000000000000001,errors=remount-ro,iocharset=iso8859-5,gid=', @ANYRESHEX=0x0, @ANYBLOB="0002"], 0x1, 0x1548, &(0x7f0000000380)="$eJzs3AuYTdX7OPD3XWvtMSSdJrkMa613c5LLMkmSS5JckiRJktwSkib5SkJiyC1pSEJyGZLLEJLLxKRxv98vCU2SJklCckvW/1H8fftVv++lvl/P85v38zz7sd6z9rv22vOeM2fvdZz5psvQmo1rVWtIRPCn4C//JAFALAAMBIBrACAAgHJx5eIu9OeUmPTnDsL+Wg+lXukZsCuJ65+9cf2zN65/9sb1z964/tkb1z974/pnb1x/xrKzzdMLXstb9t14/T874/f//0OySo/9Ym3p67sCxPyzKVz/7I3r/39W8M/sxPXP3rj+2VXslZ4A+yvN/vfS+PWfHeT4wx6uf/bG9WcsO/t5HTgnXPF16Cu1QSR7fwZypZ9/jDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayh9P+MgUAl9pXel6MMcYYY4wxxhj76/gcV3oGjDHGGGOMMcYY+89DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+W/lvwA94EXoCb0gCXpDH3gJ+kI/6A8DYCC8DIPgFRgMr0IyDIGh8BoMg9dhOLwBI2AkjII3YTS8BWNgLIyD8ZACE2AivA2T4B2YDFNgKkyDVJgOM+BdmAmzYDa8B3PgfZgL82A+LIA0+AAWwiJIhw9hMXwEGbAElsIyWA4rYCWsgtWwBtbCuh/7wgbYCJtgM2yBrbANtsMO2Akfwy74BHbDntfnAUAmfPZH+bD+d/NPXcqHvfApZEJXBAQUKFChwhiMwViMxVyYC3NjbsyDeTCCEYzDOMyLeTEf5sMCWADjMR4LY2E0aJCQsAgWwShGsRgWw+JYHEtiSXToMAETsAzejGWxLJbDclgey2MFrIgVsTJWxipYBatiVayG1bA6VseaWBPvxruxN9bBOlgX62I9rHdpeQobYkNshI2wMTbGJtgEm2JTbI7NsSW2xFbYCltja2yLbbEdtsP22B4TMRE7YAfsiB2xE3bCztgZu2AX7IrdsFvWCzkAX8QXsRdWF72xD/bBvpicoz8OwAH4Mg7CV/AVfBWTcQgOxdfwNXwdh+NJHIEjcRSOwiriLRyDY5HEeEzBFJyIE3ESTsLJOAWn4DRMxek4A2fgTJyFs/A9nIPv4/s4D+fhAkzDNFyIizAd03ExnsIMXIJLcRkuxxW4HFfhalyFa3EdrsUNuAE34SbcgltwG27DHbgDP0YFgJ/gHtyDyZiJmbgP9+F+3I8H8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fC7+q0Yfl1iTDOICJZSIETEiVsSKXCKXyC1yizwij4iIiIgTcSKvyCvyiXyigCgg4kW8KCwKCyOMIBHGAICIiqgoJoqJ4qK4KClKCiecSBAJoowoI8qKsqKcuFWUF7eJCqKiaOMqi8qiimjrqoo7RTVRTVQXNURNUUvUErVFbVFH1BF1RV1RT9QT9cUDooHojf3xIXGhMo3FEGwihmJT0UzIi7/BWonh2Fq0EW3FE2IkjsD2opVLFE+LDmIMdhR/E2PxWdFZjMcu4nnRVXQT3cULoodo7XqKXmIy9hZ9xDTsK/qJ/mKAmIk1xHs4J2dN8apIFkPEUPGaWICvi+HiDTFCjBSjxJtitHhLjBFjxTgxXqSICWKieFtMEu+IyWKKmCqmiVQxXcwQ74qZYpaYLd4Tc8T7Yq6YJ+aLBSJNfCAWikUiXXwoFouPRIZYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdoqPxS7xidgt9oi94lORKT4T+8TnYr/4QhwQX4os8ZU4KL4Wh8Q34rD4VhwR34mj4pg4Lr4XJ8QP4qQ4JU6LM+Ks+FGcEz+J88ILkCiFlFLJQMbIHDJW5pS55FUytwwu/nSvlXHyOplXXi/zyfyygCwo42UhWVhqaaSVJENZRBaVUXmDLCZvlMVlCVlSlpJOlpYJ8iZZRt4sy8pbZDl5qywvb5MVZEVZSVaWt8sq8g4JkV+OUV3WkDVlLXm3TIJ7ZB15r6wr75P15P2yvnxANpAPyobyIdlIPiwby0dkE/mobCqbyeayhWwpH5Ot5OOytWwj28onZDv5pGwvn5KJ8mnZQfqLT5FnZWf5nOwin5ddZTfZXf4kz0sve8peEnqD7CNfkn1lP9lfDpAD5ctykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZTpFT5TSZKqfL/hdHmi3lP8x/+3fyB/989E1ys9wit8ptcrvcIXfKj+UuuUvulrvlXrlXZspMuU/uk/vlfnlAHpBZMkselAflIXlIHpaH5RF5RB6Vx+QZ+b08IX+QJ+UpeUqekWflWXnu4s8AFCqhpFIqUDEqh4pVOVUudZXKra5WedQ1KqKuVXHqOpVXXa/yqfyqgCqo4lUhVVhpZZRVpEJVRBVVUXUDXnzCqJKqlHKqtEpQN/0r+aqYulEVVyV+lX9pfkl/ML+WqqVqpVqp1qq1aqvaqnaqnWqv2qtElag6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKkklqT7qJdVX9VP91QA1UL2sBqlBarAarJJVshqqhqphapgaroarEWqEGqVGqdFqtBqjxqhxapxKUSlqopqoJqlJarKarKaqqSpVpaoZaoaaqWaq2Wq2mqPmqLlqrpqv5qs0laYWqoUqXaWrxWqxylBL1BK1TC1TK9QKtUqtUmvUGrVOrVMb1AaVoTarzWqr2qq2q+1qp9qpdqldarfarfaqvSpTZap9ap/ar/arA+qAylJZ6qA6qA6pQ+qwOqyOqCPqqDqqjqvj6oQ6oU6qk+q0Oq3OqrPqnDqnzqvzFy77AhGIQAUqiAligtggNsgV5ApyB7mDPEGeIBJEgrggLsgbXB/kC/IHBYKCQXxQKCgc6MAENhAXix4NbgiKBTcGxYMSQcmgVOCC0kFCzMXO4JagXHBrUD64LagQVAwqBZWD24MqwR1B1eDOoFpwV1A9qBHUDGoFdwe1g3uCOsG9Qd3gvqBecH9QP3ggaBA8GDQMHgoaBQ8HjYNHgibBo0HToFnQPGgRtAxuDsr+ZeN7fzL/466n7qWTdG/dR7+k++p+ur8eoAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erKeoqfqaTpVT9cz9Lt6pp6lZ+v39Bz9vp6r5+n5eoFO0x/ohXqRTtcf6sX6I52hl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536J36Y71Lf6J36z16r/5UZ+rP9D79ud6vv9AH9Jc6S3+lD+qv9SH9jT6sv9VH9Hf6qD6mj+vv9Qn9gz6pT+nT+ow+q3/U5/RP+rz2Fy7uL7y9G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emr8lr8pl8poApYOJNvClsCpsLyJApYoqYqImaYqaYKW6Km5KmpHHGmQSTYMqYMqasKWvKmXKmvClvKpgKppKpZG43t5s7zB3mTnOnucvcZWqYGqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqapqa5aW5ampamlWllWpvWpq1pa9qZdqa9aW8STaLpYDqYjqaj6WQ6mc6ms+liupiupqvpbrqbHqaH6Wl6miSTZPqYPqav6Wv6m/5moBloBplBZrAZbJJNshlqhpphZpgZboabEWakGXXhQtW8ZcaYsWacGW9STIqZaCaaSWaSmWwmm6lmqkk1qWaGmWFmmplmtplt5pg5Zq6Za+ab+SbNpJmFZqFJN+lmsVlsMkyGWWqWmuVmuVlpVprVZrVZa9aa9bDebDQbzWaz2Ww1W812s93sNDvNLrPL7Da7zV6z12SaTLPP7DP7zX5zwBwwWSbLHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81Zk//i+6U3sTanzWWvsrnt1TaPvcb+z7iALWjjbSFb2Gqbz+b/VWystcVtCVvSlrLOlrYJ9qbfxBVsRVvJVra32yr2Dlv1N3Fte4+tY++1de19tpa9+1dxPXu/rW8fsQ0QAWwz28i2sI3tI7aJfdQ2tc1sc9vCtrNP2vb2KZton7Yd7DO/iRfaRXa1XWPX2nV2t91jT9sz9pD9xp61P9qetpcdaF+2g+wrdrB91SbbIb+JR9k37Wj7lh1jx9pxdvxv4ql2mk210+0M+66daWf9Jk6zH9g5Nt3OtfPsfLvg5/jCnNLth3ax/chm2ACW2mV2uV1hV9pV/3+uy+wGu9FusrvsJ3ar3Wa32x1256ULYbvH7rWf2kz7mT1ov7b77Rf2gD1ss+xXP8cXzu+w/dYesd/Zo/aYPW6/tyfsD+pS9oVz/97+ZM9bb4GQgCQpCiiGclAs5aRcdBXlpqspD11DEbqW4ug6ykvXUz7KTwWoIMVTISpMmgxZIgqpCBWlKN1Al6ZXkkqRo9KUQDdRGbqZytItVI5upfJ0G1WgilSJKtPtVIXuoKp0J1Wju6g61aCaVIvuptp0D9Whe6ku3Uf16H6qTw9QA3qQGtJD1Igepsb0CDWhR6kpNaPm1IJa0mPUih6n1tSG2tIT1I6epPb0FCXS09SBnqGO9DfqRM9SZ3qOutDz1JW6UXd6gXrQi9STelES9aY+9BL1pX7UnwbQQHqZBtErNJhepWQaQkPpNRpGr9NweoNG0EgaRW/SaHqLxtBYGkfjKYUm0ER6mybROzSZptBUmkapNJ1m0Ls0k2bRbHqP5tD7NJfm0XxaQGn0AS2kRZROH9Ji+ogyaAktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtBO+ph20Se0m/bQXvqUMukz2kef0376gg7Ql5RFX9FB+poO0Td0mL71veg7OkrH6Dh9TyfoBzpJp+g0naGz9COdo5/oPHmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnvCaMhNeGceF1Yd7w+jBfmD8sEBYM48NCYeFQhya0IYVhWCQsGkbDG8Ji4Y1h8bBEWDIsFbqwdJgQ3hSWCW8Oy4a3hOXCW8Py4W1hhbBi+Mh9lcPbwyrhHWHV8M6wWnhXWD2sEdYMa4V3h7XDe8I64b1h3fC+sGx4f1g/fCBsED4YNgwfChuFD4eNw0fCJuGjYdOwWdg8bBG2DB8LW4WPh63DNmHb8ImwXfhk2D58KkwMnw47hM/83H//oj/uTwp7h33Cl8KXQu/vlfOjC6Jp0Q+iC6OLounRD6OLox9FM6JLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Le18oBDp1w0ikXuBiXw8W6nC6Xu8rldle7PO4aF3HXujh3ncvrrnf5XH5XwBV08a6QK+y0M846cqEr4oq6qLvBFXM3uuKuhCvpSjnnSrsE18K1dC1dK/e4a+3auLbuCfeEe9I96Z5yT7mnXQf3jOvo/uY6uWddZ/ece84977q6bq67e8H1cBPy/PKaTHJ9XB/X1/V1/V1/N9ANdIPcIDfYDXbJLtkNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOpbgUN9FNdJPcJDfZTXZT3VSX6lLdDDfDzXQzXZVZvxxlrpvr5rv5Ls2luYXuwjVjulvsFrsMl+GWuqVuuVvuVrqVbrVb7da6tW69W+82uo1us9vstrqtbrvb7na6nW6X2+V2+2t+GdRlun1un9vv9rsD7kuX5b5yB93X7pD7xh1237oj7jt31B1zx9337oT7wZ10p9xpd8addT+6c+4nd955lxKZEJkYeTsyKfJOZHJkSmRqZFokNTI9MiPybmRmZFZkduS9yJzI+5G5kXmR+ZEFkbTIB5GFkUWR9MiHkcWRjyIZkSWRpZFlkeWRFRHvC20NfRFf1Ef9Db6Yv9EX9yV8SV/KO1/aJ/ibfBl/sy/rb/Hl/K2+vL/NV/AVfSX/qG/qm/nmvoVv6R/zrfzjvrVv49v6J3w7/6Rv75/yif5p38E/4zv6v/lO/lnf2T/nu/jnfVffzXf3L/ge/kXf0/fySb637+Nf8n19P9/fD/AD/ct+kH/FD/av+mQ/xA/1r/lh/nU/3L/hR/iRflTMm370pVtkGO9T/AQ/0b/tJ/l3/GQ/xU/103yqn+5n+Hf9TD/Lz/bv+Tn+fT/Xz/Pz/QKf5j/wC/0in+4/9Iv9Rz7DL7m0qOxX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+m1+u9/hd/qP/S7/id/t9/i9/lOf6T/z+/znfr//wh/wX/os/5U/6L/2h/w3/rD/1h/x3/mj/pg/7r/3J/wP/qQ/5U/7M/6s/9Gf8z/58/ydNcYYY4yxf8qEy03x655flvN7/06O+Lud+wDA1dsKZv19/4UryvX5fmn3E/HtIgDwdK8uD13aqldPSkq6uG+GhKDoPIBLnwRd8POy8cV4CbSFJyER2kCZ351/P9HtLP2D8aO3AuT6u5xYuBxfHv9zAEz6nfEfe2LUwvLh6bj/Zfx5AMWLXs7JCZfjJdD25/WVNlD2D+afv9U/mH/OL1IAWv9dTm64HF+efwI8Ds9A4q/2ZIwxxhhjjDHGftFPVOp06f7z0v/4/L3783h1OScHXI7/0f05Y4wxxhhjjDHGrrxnu3V/6rFL39x7LDGxTaefH/lnGlX/lZ3/9UYT+E+NzI3fbXgPcOkRBQB/ckCACw353zyLLf+VYyVffLX8z67lZ3wA3Ytd/NLjX3fQ2D9fi3+ncaV+IzHGGGOMMcb+Uy5f9P/6cXWlJsQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVD/40/J3alz5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//8XnvpB")
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x50}, 0x4001000)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x76, 0x0, &(0x7f0000000180)="b44c806305624431ed3373010001000000bf7e47d5fe008c6390009c5bbd8730945636837fa980b788a1e78b46a2599f69c84033e65c1d6a53200386ce51d4a9c6ff0300008a645c2b9c0614907dac12c6d3cd73c6f7e79b50b7773a97aad715106eca76bf796a430e6c6a874a1602148380c5a6fcf0", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3}, 0x50)
r1 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x2)
ioctl$FIBMAP(r1, 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r0, 0x40084146, &(0x7f0000001900)=0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)

1m10.290337901s ago: executing program 5 (id=493):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2004de, &(0x7f0000000100), 0x3, 0x460, &(0x7f0000000380)="$eJzs3M9vFFUcAPDvzHaLBLAV8Qc/1CoaG3+0FFA5eFCjiQdMTPSgx6YtBFmooTURQhSMwZMxJt6NR/8FT3oxxpOJV70bEmK4AJ7WzO4M3d3uLrDsstD9fJJp35sffe+7b97Om3m7DWBkTWU/koitEfFXREzUs807TNV/Xb18duHa5bMLSVSr7/2b1Pa7cvnsQrFrcdyWPDOdRqRfJrG7Tbkrp88cn69Ulk7l+dnVEx/Prpw+8+KxE/NHl44undx/6NDBA3OvvLz/pb7EmdXpyq7PlvfsfPvDb985/HVT/C1x9MlUt43PVKt9Lm64tjWkk7EhVoRbUoqIrLnKtf4/EaVYa7yJeOuLoVYOGKhqtVrd0nnzuSqwgSXRnNflYVQUF/rs/rdYWgcBrw1u+DF0l16v3wBlcV/Nl/qWsUjzfcot97f9NBURH5z77/tsicE8hwAAaPJzNv55od34L42HG/a7P58bmoyIByJie0Q8GBE7IuKhiNq+j0TEo7dYfuskyfrxT3qxp8BuUjb+ezWf22oe/xWjv5gs5blttfjLyZFjlaV9+WsyHeVNWX6uSxm/vPnnN522NY7/siUrvxgL5vW4OLap+ZjF+dX524m50aXzEbvG2sWfXJ8JSCJiZ0Ts6rGMY8/9uKfTthvH30Uf5pmqP0Q8W2//c9ESfyHpPj85e19UlvbNFmfFer//ceHdTuXfVvx9cOl8FGfXuvbPTSaN87Urt17Ghb+/6nhP0+v5P568X0uP5+s+nV9dPTUXMZ4crle6cf3+tWOLfLF/dv5P723f/7fH2iuxOyKyk/ixiHg8Ip7I6/5kRDwVEXu7xP/bG09/1Hv8g5XFv9j2/a9T+68lxqN1TftE6fivPzUVOrku/mvd2/9gLTWdr7mZ97+bqVdvZzMAAADce9KI2BpJOnM9naYzM/XPy++ISCvLK6vPH1n+5ORi/TsCk1FOiyddEw3PQ+fy2/p6/nxE1D9aUGw/kD83/q60uZafWViuLA47eBhxWzr0/8w/pWHXDhg439eC0aX/w+jS/2F06f8wutr0/83DqAdw57W7/n8+hHoAd15L/zftByOj7P4fRljH/r+R//MPUNPD9T8ZRD2AO2plc9z4S/JdE8Vf6vHwDZuI8l1RjdtPVJO2jRvpsCt240Rxlbpb6nMvJYb3ngQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBP/wcAAP//vQDabw==")
r0 = open(&(0x7f00000001c0)='./file0/../file0/../file0/../file0/file0\x00', 0x4a07e, 0xdc)
fallocate(r0, 0x0, 0x0, 0x8800000)
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x80000, 0x0, 0x0, 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
setrlimit(0x2, &(0x7f0000000200)={0x6, 0x1})
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
chdir(&(0x7f0000000140)='./file0\x00')
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')
openat(0xffffffffffffff9c, 0x0, 0x88a6b7b52dd6778a, 0x20)

1m9.878767825s ago: executing program 5 (id=495):
openat$audio(0xffffffffffffff9c, 0x0, 0x147000, 0x0)
r0 = getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x8000000000001, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
sched_setaffinity(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vim2m(&(0x7f0000000140), 0x3, 0x2)

1m9.483896398s ago: executing program 5 (id=498):
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x0, 0x0, 0x0, 0x2}, 0x94)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0)

1m9.128994159s ago: executing program 33 (id=498):
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x0, 0x0, 0x0, 0x2}, 0x94)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0)

20.857652934s ago: executing program 4 (id=597):
r0 = socket(0x1d, 0x80802, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1, {0x0, 0xff, 0x4}, 0xfe}, 0x18)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), r0)

19.619862314s ago: executing program 0 (id=603):
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="1400def9b1f652d8b6c900001000010000000000000000000000000a24000000060a0904000000000000000002000000040004800900020073797a3200000000140000001100010000000000000000000000000a"], 0x4c}}, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendto$inet(0xffffffffffffffff, &(0x7f0000000300)="ab", 0x1, 0x0, 0x0, 0x0)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[], 0x50, 0x40488c2}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000018000000000000000000000850000006300000095000000000000000419a78ee8d717b618661dd84873751e0b6c3adad6c884d956271446757b583ed947272bccd0e3fce596720cbcd51b7dc569212f46cf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

18.576941597s ago: executing program 2 (id=605):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f000000a100)="58785f58471eb4b5b3ff3946acaad41068511507291e72541d949ffc8a54ff637ccef1fe8511899ea7f3c82cbc6539763a34f6760c1608c911801ca672e62708ba4fc023749076ff6a0daba0caa57000acbd9ecf5e97201f7f14e715bc8c089c3d65e92fd65dedb76d61715067ccf6dfec2b56a48f2b274b564d90c3d868f2bdc07b7e636ad78904bca826fa69b7783e7be2b8e7c997b99225467747875695f6d500cb82b479fe9486bb94e06f796f89906bbfccc964830f86986760ade90c3f7a9dde3172a5124c1889075ad30b5ee2a5f257a6ac790a8e89b247ccbc8d241b7b95f8fc649deffc1bc37d51a8c3dfae38ac968eb48695de38df941f9632ef9ad6779e41ccea8a3ff1cac4fa4b47a152a8f9a1bb0094f41580bbf60fa11cfaf2c535a12c866e9414ee9b58226fbdb0d221e1bdc50e3fa300351364f6350030383856f1f809aee19f337f3d3435ae6754916be1eec24643cec1bd1007ffa38418735988cc901603895f66bd6450d54f99e1246ded898499d2a447f899c00368ce1dd4a4f4cf9cdf7d4f8b38d7b98a598ac490f1086ec712b0cb94610abfdb25b0f6947b46e1dd628897ab68445568578049fa6140250a5d821d70f102fadc2fa273a6e486f250712ec847de3b02a121e19775311e8629045f3404bdfa3207aecdac43c3571b86a9423bd716aa67cb688f9ee4f2b14ea42c89f2766c78fd4ec41ab34eebb4256e885bd7e3abe4348772993bb630aa3397084bbc66cdad664d6a9d33767cc375a44dbc0b08931053a6780a796fd31e1d7c512599f9e010883a52c07ec0938ce1acb3fe3baac6af9fb7e9d7942662e41bd3626d240d5ed34ebcbcc0ccf1c3280c76fbf6cdfb04bdb2d3b4ec6a8961b1eb036b211eff6247b95039cc67d222f2ff122340c56d74b4fffa79a202144bb10ad766f1fd6b3276342baf2fdbd26e9563dadd01fce19d7ec025d05d0494e53229379d13c1cae48ec058cff0bc1ccdc94a74b11a9bc87c580bb6a3f45fe15d15d89bf6102dc1085bfe27b2ab462aaf642b8ceed519cf88b31e9e00fdc23e8f6967a72b4c38b2458656dbf26dd75586731bb519a97d0ff43f4358cd40c7ed371ae8a24f46e320d4c4c0a1b8c42f10908a1c283d8032d76f52d4509d78c2f3a0716c37bc0c786ce9174a88d468e88a6d154e4712778aecded0ca5de28e52c04e33672ecea5135438e908aa1bf00e65ba6dacc4bd018b7bb1c30aa5d9acc679220cb5e7207f1759bd7722d10469225aae24973031a21358532a63aab42f33b1f8f40d545fec7799703ba067592b34247fbc7375acdcb3883ace7d34cf33484f2cf662f3f0e18b5c475ae311fb20f6e6b85320b2bc37e56512dc27815b37bfd9f172be1a119197eb53b535c440f97f24724e1d466309c0f8556965bd02d75c3dbe2baa0c6a515db07af1f77306577d0b38f0aa8cb188cf5523368951b8210f4bfc6afa0d058ad84656d27a46faef225e6268396ecb54a5182591bff3a86792db5454e238afe7c26eae85fd3c1c060760d89223bbdbe8966ae2558f47d799839cd959c974b69ad262cf8ab4fee554288e767ede9bc5d7f0cfba05966ef7858e41db363122680abe978345d45e4b52b73fe9f52ad26371a5b0539d88aa0c572aa01a41b079dde5a14e031ad903629d06c8d85ad82828c25a9ba7ce0fef2316eb011643e47feca7d280833f8b3008841fb2d88ea84df65b03aa5baaa29d6234ed5db8db461fc5df77aad38690277cd5dac1ed3c23c9f2778295578561f9a4d31159a826b4b62b2a867e6e8a9514edddaacad22106880e6633fb2f3b17c8d10bec633d6128489f7253b3e3e38e5942743ddd1547dfab27a152549f61891e3a5ad17f733b042f7ef915ad7423b9719fee9142407fe1d10ec8b64a21cd24fd39de4496ca3f394f07149bdbf1393181b5afee090ff40ee31d34a9c6a113e3823fac425fa85e212de1a9f7c4937ba64f3327961fccf85e6fa29be12de9589671d60d4658b1562ce7dedcde8ec79d265c13f5e197b66989c3f067d2801fcd78bb92b45e55fb4089a7cd3b179284af782ae0327ba56fc307a281772384448ee465dccefe41be8d75c8cd0eb5c0217d7ca706848f9b82500b77c2d838cbd536304556af87d3b6fb9183b5dc9cf2d0f7ecbb24d9f790151b9c6092dfb2c14decbe6448362cd7c13515f66a99c37b56134d12e8c7f1a5b75e14e47f84d8658f0b65ea91014e2e4fd361f03dbf8ca509d426ca1bba7e43ce918268393ff16b17d9e1bb49fb2b4f6eeb8b4b226c79303b19412a55b7ea7c8774ccebd8d66abe117a8be9a3c4faea730902136df57aff991b59dd71610ba4c8e1cded8287c21c56526f4fb6c502ea73ae310d56640990b3e695b278de6e1eebd51108cf7547c0e457e5fdf59691baf080dd3f5dc3c9a10bd4cc5e10ba42d4d3d9dc4f7ebe0bd2981a1d6fb06f7457dca1e56fac3f0fa7ca19ec2fb7940ee837e960d93a73bf085eaa2888fe3025aadd33cae85d63273be6ae3a92e35d78602d8e23b9460f04b7c0e0e710d10fdb0dd3fa9b880865603500d81dc7e968e8046569830b526e441f25f8b0af47d524aa80fd7dd9c3f72facec2032e2c06bc33c6b739c5368bf54e32b6acdca9d2d14276a8348ae92bfbd60f6aceecf98f3c6fe70747499b25667a96c52e21236421b27deafbc6b5e2b8a4ea2a0d3cd5ee1a10f3153b529b5c04a1961223a943842e17ee0cd114ce6983536400fc40f3d4708436954803fd60caf2b5ed7e4ce90bc75385e2424191c6a5038fa15d99aade49fa1affe63fb73078a6bb4ee560b0b521aeb33f507bdf876829f4d3f695197468e41503a10870a8e6df800608ac33dfdecc03f64d03fb6180287a684063c7edfc8db1366f6bb502fe446085f6acc4741b273a0b736f0f55da28967390bc7434db54ad0da9d1d002ceaa5c3e53efa95e7aaa792db32501a072e669da29fb734d771a6fa8c753fb2fcc204e31d668992473e7937fcf751bc79b125db1725f2a495bd2a4207e4db8d44810a4db5113705c5cb8733866ade3375d1bdbcb965cbd927e7d285f2933bf037911959088b64cfac0ff1e39244f2e9416653ed87ec564eb686af1062354a8bd7034c1022cb0d0b6996762ef4a0a3ab4f3deb459f023a867a38fcad2a10fcf0872862b386ff7c5ea7ce13abb112d1f0ed0723870eccc76d16f7e3cc00e28945bb93d9f2bd8e2017993102f0824867ec141f20df951202a2ab1cd796516ca0b4fdd9e6de8b82fcd30f9ab85cf0a5547e1ad1ef1ad5be7a878a16864d7c06b4ae002f3ba485a9bb36b8a591ecb64a4a5c0fd3b4beb015f58ea4cfe190f3b46cc4d9108d10c52a9de859814edac575d2a3d937a9b31db049e70aa76c085ab63d61c1317205c228f7027fa39125de8fec40ed7982e36a7cfa9fedca30f0b692bd4c7794f6b56d69ada1fed168cf03cc57321fe37e3a8cea4bd093e87b657fe5acb13d2591bebb526301d16707eaa38e52f913f8aa3e27b2387ca1a217ac69966e287ad5cb0286535d5d00b7006661dbc7923a066945c1a2040a4e95d7b0de4dc8217bf1d4e9b6cccc671fdd9a5770c21e749b407df8c463a3bf17e47bfcba6a890a0435d3fbb7252fe072b149b7bfeb185b088686dd70e0c9cda275497b553aff2b319f7d7b0ed64002c5f9f6ccfc3d55d8c908d314487452f37a650f4561326a84c660b6111702a87db03595b5d080c60288203f091de9f78b997e47233f4bab9b044a98ab118a6c45b7ca746cc2fb90182a923d67216412e24a955c0c2307acc47bdd319955249d8412a5ccf444437f53f524c69ba0167c920f0c1f775cd1a225636200a9e4adf61f418d20f717339d0c8c5386af0936f628cc589a8d5581c1c8cad0b564a3f38b606473280a3fa586a5ba932fd38eeb23096df29a92ab54c409f88ef4f03217f0bb90fea539e629d8a025c802f6b5c3d735fe950c8ff7136e6db287851dfbffea1ef81491a50cb75a103367e85afa3484d6af865dfbca91dc05632b0d94aa384ee0c585424a5ddf80babe0b913b0a2eedda34c7ea7814642a69f8eae868274b16fe0f52fb60b201e6685dad3f419413d5b8186992855a25ffe0d4773a14c7977181a120cbc42af4f9acca3fee1d54ccc125ea49b62ab60c58a0ecdf50ee7c16f3b6b12b254fc08fcc85d409eef7c3f30cf705617f926a17e6588a9fd7e34be9fd863a7b157a2d9a336356d568c2d2dbaf76c2d2b2ff8703748b860e36f02b04d6e4f2fd49511f12ce395dc18622cd51948a32cc432cd797d8a68838cebbbdd9bcb6f2e85719785706012e894cb043bb9a53998131fd4aae3321d81fc001e718c4a99c0580af1d4a0c81665cc5adcf337c8bc00fc0fb3c7be0d5e5ff6a6fae5891858eafedbed69223170ccc71ce36ae439d769c3520972601fbab93f54808d6950cb7cf1e5a3b32d8c6a975e3adccca0b2ee28a4eb5ca3b0ceb9d31a8f767c3f4486a62215171738007675a55abf5916513f7eb9b21ff291f2b4b48bbfcf394cf861fe016b3680be422a8bff49963ce096d1bc17186822b1392e68b1a05fa6c70bd2d9a164f12301a6e78caa8f4cd437497320d383e752dd224aeef80794d3f206741363e74fa181c9f1dc47557553de620794f096c59ccd74a178f5adb466ad5a62fffc1886f56ebceca4ed46ed2396bcbc31160b4eb1b7d69642e33315e3adbdbe1b9794931e7babf745ecfca37dd4190013793d530df12d6521bc069a05a94e0ffe91900a0c2209a6914d2f85bd161ff77284198129a9b1ba600bda3e52769d39c1bd61c4a70c627c3ad89aa0bdf0c93a2c35e166da9a08b4d2f92deacb6e9034274305b6d254c4052868ba32bec9aa3cec75debe24e78e43374efffe444722a983935f9007fe3de37dd83c52be16e034d09592a179275dd0c91281be579cd19c0162123886893713f25cdae19cf258926bf2070741111eee6b3df708c3fc416b7d046c948bf8500779c0cd5460e640bb1f860f58052b8087e6eb2f16e48f4984c9f9fc9fb2652ac5305861ece5362db08ae912ba055af766da1322057d0bfa647d98b8d4f1e7ed43ecdf1050c0eb19dae93b8014da57241cdab4ffacf0ec1348d4a89b3e8ff187098d83d8eba34e5c7ad4215f1977968a9d337d08fd1188754e7cf41baf0189ccaa5f3b1005f807b0255ce1920ca7d919e4684af70c3d089a99922727c607a2b06e713dd61122842a913036f6cd64dfb313fbdf639fcbd712852bb85337d056685b0a54225ae27e1e8c7ce5acd1f017b8f712c268b9cc0ee26d26c63f0a8b0a40fccec5f945431a2e81c35720d178feb481092e4f51978493c5fd502f252bc0152f145f268ead14932990069169483ecc7abc901657460c8730715c078b61059bd2621f50fb838376e0b808a3f118f761efea45bbac4274016960063cc67c428e72e516685552dc3bf473e442d76f2d3ed07b319694490054302a538b52e3b8496b7e37fbf4a2ffff2b484f98fdb14c66ecb8447834733f8a7a5a3c83de34b6647842dd56d8201f9d9240f3b3a5b5cbccf174a08853d06fd164fe74e04608ae12df8a35b73517d22a87c7ebca60942932d03102ff7e8644611b5520b5ebce950945498ce19210c866e48284d18fb7e049deaa43ee5283e3dfad7316ba85490e93182d13efe7ba64ee5ceeaabcff3eb24d46a3a129dd5a6b82e8c48210cb1e6564833f3e15dda4dec383b4319741cebf6374cf2c5d64722afccf7c4e2d81ae28d45f2c35b764281f1f08fec8f8e9277277ae1ae8a8981f85e041d2450afc9374e978f73b66da9aadb2087223f28e21e946eb07710ec86cdcad0948d4ca93827ea34e28806d172c3feb83471ed2d4d7ada2360b209d16b9d35861082d85b6be3c3589a6bdaf6f9b5d52ac8fd7388e32b24f1d5d34b5442c1ceebde311decd709f075d064f07bc60ab14c101ef51039eed56ae1e0a374e3e956603737b3a16db684a81e9b8998a0bb9b17a0876a92b2a3b9924f44b16ae4c7ff376ea8a8c91b504c1dbeb522cf846fc3ec6b9a01f452eeb35cade34c6a0463b92c46e013ee7906ee934141870ddd1464ae688805933504a2dc7cb1f947e28bf22f5eea6afb5de3b950056bf44065b84fd5589385d0feec4ef1db4fb4b595957130e575dc383e3686f4674143debb23e17b398f32683fb4805f297369d0e5f2e63af6891491e4e37186b4a3dffbbdcfff63d1fea4e12d24ef96fde3ed7a323a3605cdf5eaa43da738004556c2c20aa30c40079bc2e9ebe102c1fcf5259f1e3acc6b2a2bc9da4d0b1252433c58a1810581152a235e93deabf7f728eace350bcc4db4f249d4234bbd858c4e61a0eda4e3db0ae530c78eb63425502d651fd0cb986341ba69c44ede18eb3ebf25b2336cdda02447a9e20426d8206368c63b5fd6828612d3b99f627e331bab0009579de8270c36aa03861c300d34f2a3703870712325190073e6c17d8699f6744acb1b5468f93b57ab0366796181a4f543511d7ea2b32606c33cda61e81ed1c2194d305be47a3f1a9145d023620af12e79ec188573526ec35b9ce44e95fdb3530bd0431dd12a227d0ffe317cda1bbd787979261d6c9cf728b3d6bec3ba6ae15a595a30fc242bc5f25d837c1c642219afcfe043bb68a82965574b8b2139789235b262cf4af95a538e6954acf8e27ac3c95328df6e4bd615a376cd96bbc9e0d9802fbb40f80a848225e076219e26e0e63f57330b8bda69ec8dbd8b3272798cbfbb085b1885a1c22b3e2df2a879020ac1110b7af4f53ac97f556596ba0e164df0c85842026a87cf9631c9c9d851549efd8ca37e3b863e88436d5da5f4d3b5b5528e2d08d92b0d3ac6a06a0699653718e93a25b5afe254a068e300751eb6c67e3f5a1813d58d428f1ec108b88ec81444ccb50e8452941510c11f2e80bfd712f64b32b686c92ce922baf6c8eed1e9f0717a654d53b3ce1001880de80b5b15362b20286db9dfdf6c41f48aae84d5ab12ac45310f0eefc56e54113bcf95c1b2a259895af2ae9c679de4e2b898bf8a40a199a2059f8248c1303351dca3fb38906a682f66a94ee660debd6eaaee7b2f1051781084b3c9d626263d011a3daf971b708750a77614753b89b5e1a77a52510ced5708083fb48c554dfd6aacfcf97650f3a3b3f97566050e76da968d4eceb83bc1e005ed1596d6e0ec5e2c90231e62496d7435ec5b28f805e3b7aefdd3718e4ff53065b8e4b15175d80eec59218d8278e711c6049bf6d62ae7069578e957135463d7616b37c1e4bf44d60dac6c7aa04cbbc4a64bb0cc0b059abb6b26f8ed5203232ddd8a6c5882e6e6c53068a71bc84c5834104e85bc96db2163798a3881929248b8c788e5bdc9e46e5f7f3f6ad43fad6fa381a0b924bd938702470b330fb90ba73d557c0d203d55edaed6e3a01aeb53b061dad57713ab27e1a9e0d06b534a65d85beb061bb5258bbb38179ea612a6f402affb8ca018ebf0d6f61d44d5a657c080c7d2dbc9b08c07713b17b0f173ada59b57abb401212f4f1fa026491b48d08cf46a704ab43e46de8ea596d68658523b61a156278b3b77bd1f4491381bfd874ed72b00675fd5b4b7c0ec13c6837434ba8e22230d32e7bb1287e488e14f5c5602cd4ca88012b244c7f23f4897e27027aa862ca139bc8b5fe14be7554832ab02e4ba19699a1e66825d94c7c44451062819a38d3376f0a3716b210c7adf4bfbbc303058aa2e054b3bd53539764f177b11b05451705550f90196997de3d1d480e500cd9d234078cb1a09c63d8911381d327402702c2765fe92b8ba3a0189b2b11b7460996c36eaae3ecb4f4e63bfafd7953ff086dfc0b12e616bbdca4707631467b830d244bd3f4371744bc8a4baac728a397818875d1b6a4a2f0d10be607122a6fe813f52e4456b8a5eb6c9ee0cf889f777a03cc26a055f9f259cfc4f8552b568a4b371260af062619dfb215ecfe7b318f8d627d2777bd5103d6ca2948d19d5812112962b63c2bf3d090ff19185dbc5ad49a580451de717c0baa288cd96669babe88a8b1ab6d0936c4c407878786695f46f59ef06c5c2166b661542c598b6e0551d490946182841184a7a0e669c6ccd73a342f65c4525dc7522dccab15fa72bd07588b5bca71635b9466ca72a504c74cca1c573e8d40d83d1b5c5326481ff8a2055a2e0fb997fe8e4787deaa2a8a57afe74a971e7f1f280895f2fc9d99c41416adef7b70ec47e7a12d0ca3c0ab1dba3c2d65bb172fde1fcd7f97692d3d8c9657e3277ce95947d59bf37dde3f35f7a5d76575f5c14caf7f0926c0896995a5f42efd0d38c42de202bea5b5db39bf697f9a96b54aefec723db523893186634763e7399bfa8029c2708dc817984528601c77a1d78bd4b2c85f10f5ca9363badcdab51a1b315cafa5c2ef64f60395f53efb9d60d89e1b2a5f147508c90d2b09476eee3cb9b5957669a77cd2c522909480dea9be3406d1779ffe4539f2e03efb5f8c2d040f0ea776ff869a36862246294d0ced556a129ef78327617052dc1ef5cfb4e5986ba2f0e063b90e1657d8977b58827a3c4e3d556eb3cf0540685f7c9eda461aa2ecc539fec3d2d56be99a518f11752f2be2f670c5fbe8010ac4eae0ede31c1a48f747ff2eac9fc069d3700a40bf5fcda80a3a4f5fa920f117a72de6da51195d2d7f0cc92ff7835bce2ba6b564832f582df56b24cf30c8297a826a4bbfe0afeb1da3e986b3d0a95509e0037d212a70178ecb246061e067238ea9238e4c4a9a7c6fc5dcba290970f50c52598423336c523f2de7580d059fb53934cb0beb208585e897fafeba30853e54badefa197478fe6b9f26ed0d33babb53acee7b7221d8e0cad7a6bd0d9383ced6391bf88ca7aa50c75c136075e87b92445f02fbbc92f7cb65fe2bbe0bf0c9fc2577da63a56f1efbeb276c1f4d01da6f6f7a842212d96dd45edcd2aee7f2c553ace15eb9336bb1804ec252998c5c8b25033894b05c01ce7c77b73ec0e239478c67d5378fe5a53fe6269025d54006e9bb1cbd09b81a39615517c609f3d74e377888f641587121f0f097b48d8be85800295ebab9407978a9cd379966577cb6e1f5261e4305696a2cdd50d8cb1964d3ae18ec730d40f9c782533efba47db8378c6aa15ce85985e211fff2659729599802a7b585cbef3a2762595f67e2054a0fb4457b146e7a656abb2c4b2387d760f7e5b8b7864132317d5ba29a662f50af8dc182d2fbe216db8e997ac856bc59855ca48999699cd6c5576cc47bf8a8c30638c7e08847e5083aa82068940409461d1065c2b53292d3ab145d5bb590bcd278e48ebd34920b18a2e1731c1855ae5a3ed637ff568d205a08cf98c58f5d79c99912e6c1ab257ece0d68ef13d69a56364419aac7df43f43d5faa9ad851c9810648f9050012e55475109ca3ada3452b78a7964377e0d862e022c73ca3ed6cee8c5fbb2d7c12f91c4851fea7c5b02e0a3c5364b7fcca110f20f8858465c498d7e9c6049417fc5c7d4e0059852a6d794af426e938a401cf43b2ba9f4f3f6f0f2eb710ecf3c0c36c4b3072597f805eca9cb14602292ec7d5601e6b1555c8d024aa4bb81a4cff98cb03725cb184ea7dbed6814106a1402bf68a2e51660af930a500d5530651a0dbf2fdc01a31a99be25350b5c8a5fe01155343d028c03e09009ef2c386a24eba8d842cac581402c8faec7dca1623afe25a230d8d4a8bd23df3cf12abedc2a50e387285acf1b3105011a2bdefb204a53b20be213b50f5244511f25852271e05c03fb9a799ac7ea675ffbde8de181368748a9707674e7e70f28a75e4036b6cf9e0693f91a65be4478b6630067ad8dae030a4b7b9784a206b2f7cfeeefc65aae11fc20190f4d6387bab05fa6de640bfbfb0c4f604878771aeace0676d12325e61b19a5317c4d4bb9fe6f3fc8b171f1116528b7cbcc4a91c26a729b512196828075f4d0aeac98887e2a6a19b4e1f1f66233962961c0d49df14c3e6123c9ec8dd7152ad045000107365fd5ed7ce6a6d65ae0736a7e227f77c9b0903d4589ac58ceb691583cdb93ae3fc792c886663cb7c5b0640deb66e29b3c69d2f1a3d1d47d7b672ee3c49e90bd406aa84a0189808924c4e67c5495b045e779c58ca65b42889f52d7315c66be3716dc8592b4875629cd0cb02c29d42bdf9ca5c16bc9051c2a6c09d0695bfba58c19a995838c022e9936c407d8999aa65e4a9d6d8eff99f8dcfac9b561375b6d1293441b9d32533161062c053c63ef09f6100cd748700a710f5bfc2a6297b15242b1f41e21bd004b885d6429a0d334a8c115f7d53d278dad24c9d295b97c50eb340d1e6d523f1757e2014c1605c3bd35f0cfdb74f79850423a37e2f95dfe41c56df09724d21065377f1818311f0c70aaf6fb2d4fc8d9eef576136617371d85481770ce9c390859eacfebba34e75a238ce80bcccadd6c42e8e186be3c15451131fbe9e345c05ab8e23f917d269686a9b5f06dd474f95757b9e5a3328416595539cbdfa69efa9702e5a268b1a70c6e5ff2c118a6e574bfecf17b1576e4f2f7ee566b0b2b5388476a68562991ac01412fa463b0f9e586ad4bde59e91a4b303268b5d8644cb7996cfbba422facd59875ed6ac057e563412255c412be0928a0b6fdb6f35d7008b5d5528ca796a4a69bd90b993a52da9c7d62f4b71a2763f822bb39f3ed39cc5ad5a4d51b5c27d31d105000f3f1e705ed5c42067106f3fe6d30151021bcab7f3a1ad9175b3d3644325aa676b9e057bf9d9aa3348b1d9b31bd639c59bb63f46a6c18794ae006db3b1ee20368160a82e26aee5a9fdc6b44df8be294f3ac0a1275e57ebf5e384b141ce89dd51aaf2248274468894645ba54bc4e6b9788b1eb5043c1f0dffe2e13c6179d0238d8cd037b6fe3e484445ab458fa09e4e8010d3288aa6e6cdbfba4b62c7984d058da8993d5de1df75a1ce8e3bd5875709fd2ede4cd5843e7102ed4031ed096a0c6e3ae9d522ad95ef4af83599507dd32fe3325819cdd7718c9797e921e6e365175e1dd53991edcd2baf27df8b1670d01967e97b3e3e75d297f908deedf2e3b91bd61973e8aa75a5a6f9db11525dd35556bbd13873602a320af74677832f93bd01f1e0631c882c8ab254a26b73a60a6c90cf9b96bd576e05b9befbce882c5d29198451bd15acaa894a5276ea9d870f49a33ee9d2429ef35a905b281deb75be54fa0c9e47be5876d7dce01986f2d0e7ae6df9b87a0ba6cfa55cec0c65dd386db5adc427eac18a00c9aded475417add4ebb8880ef3dd218a9ec3e6e13456f8de1630774e918fe5288dbaec3dd2a74698ec9e28ad573761b9e78af3d5c7a61e3eefc1a54c25bb841529b3fc9137836a2e7eff5ffae8e44f0257160da51ec0b3d144b92f1f43d2782513705baf5930903602d40cb4de87feca7243d2248a78a5d684e303ae147acc96e0b755eea77092b5f6efa723afc6c9a44c575738725815a9af1ced500", 0x2000, &(0x7f0000000200)={&(0x7f0000000400)={0x50, 0x0, 0x100000001, {0x7, 0x28, 0x7a, 0x2143040, 0x4, 0x9, 0x2, 0xfffffffc, 0x0, 0x0, 0x190, 0xfffffffd}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
read$FUSE(r1, &(0x7f00000080c0)={0x2020}, 0x2020)
read$FUSE(r1, &(0x7f0000006080)={0x2020, 0x0, <r2=>0x0}, 0x2020)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040), 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000600)=<r3=>0x0)
io_submit(r3, 0x0, &(0x7f0000001300))
write$FUSE_INTERRUPT(r1, &(0x7f0000000040)={0x10, 0xffffffffffffffda, r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x180, 0x0)

18.51904059s ago: executing program 0 (id=606):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r4, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r4, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf1c)

17.025203108s ago: executing program 0 (id=607):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0xd, &(0x7f0000000380)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe}, [@printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}]}, &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpgrp(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
fanotify_init(0x8, 0x1)
connect$unix(r1, &(0x7f00000027c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x2d, 0x20040040)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000600)="87fc5d85da21530562070095c108", 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x40}, 0x50)

14.947200835s ago: executing program 2 (id=610):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000005180)={0x2020}, 0x2020)

13.303622168s ago: executing program 2 (id=612):
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
ioctl$SG_NEXT_CMD_LEN(0xffffffffffffffff, 0x2283, &(0x7f0000000140)=0x4000068)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
syz_open_dev$dvb_frontend(0x0, 0x59d14cbb, 0x882)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$SIOCPNDELRESOURCE(0xffffffffffffffff, 0x89ef, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
connect$inet6(r0, &(0x7f0000002140)={0xa, 0x4e25, 0x1, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

13.089671346s ago: executing program 4 (id=613):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r1=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)

11.796693517s ago: executing program 6 (id=614):
mkdirat(0xffffffffffffff9c, 0x0, 0x30)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x10012, 0xffffffffffffffff, 0x1000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
futex(&(0x7f000000cffc), 0xb, 0x0, &(0x7f0000fd7ff0), &(0x7f0000048000)=0x1, 0x0)

11.40676844s ago: executing program 4 (id=615):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x200200, 0x0, 0x5a, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
io_setup(0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000006200), &(0x7f0000006240)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
add_key$fscrypt_provisioning(&(0x7f0000006100), &(0x7f0000006140)={'syz', 0x3}, &(0x7f0000006180)={0x1, 0x0, @a}, 0x48, r4)

10.582994387s ago: executing program 6 (id=616):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket(0xa, 0xa, 0x300)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0)
getpeername(r0, 0x0, &(0x7f0000000080))

8.218167383s ago: executing program 0 (id=617):
socket(0x2000000000000021, 0x2, 0x10000000000002)
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f00000001c0), 0x1, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x14, r4, 0x1}, 0x14}}, 0x0)

8.217219343s ago: executing program 4 (id=619):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x18, 0x52, 0x1, 0x3, 0x0, {0x1c}, [@typed={0x4, 0x1}]}, 0x18}}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = getpid()
syz_pidfd_open(r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x1e, 0x1, 0x0)
connect$tipc(r4, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}}}, 0x10)

7.316232222s ago: executing program 1 (id=620):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
socket(0x40000000015, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket(0x2, 0x80805, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008000200fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r2], 0x5c}, 0x1, 0x0, 0x0, 0x40800}, 0x0)

5.472530352s ago: executing program 6 (id=621):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="0000000000004a641c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff0000000001000000000000d7", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000980)=ANY=[@ANYBLOB="3c0000001000030425bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0005000082180000140012800b00010062726964676500000400028008000a00", @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x24000884}, 0x8000)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00030000000000001c0012800c0001006d6163766c616e000c000280080001000800000008000500", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8], 0x4c}}, 0x884)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)

5.271965989s ago: executing program 1 (id=622):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r2)
r3 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x1, 0x86)
fchdir(r4)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r5, 0xff, 0x2)
getdents(r5, 0x0, 0x0)

5.271583649s ago: executing program 2 (id=623):
openat(0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x141042, 0xdda01e4938171605)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xe)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
listen(r0, 0x5)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x1000, 0x103)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x80800, 0x0)
signalfd(0xffffffffffffffff, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x10, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

3.744116758s ago: executing program 1 (id=624):
socket$netlink(0x10, 0x3, 0x0)
syz_io_uring_setup(0x5d99, 0x0, &(0x7f0000000140), &(0x7f00000003c0), &(0x7f0000000000))
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x8001, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}, {0x0, 0x0, 0x0, 0x800, 0x7}, {0x0, 0x0, 0xe6}, 0x0, 0x0, 0x0, 0x0, 0x2}, {{@in=@remote, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
close(r0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@multicast1, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe, 0x4}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfc, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8, 0x4}, {0x0, 0x8}}}, 0xb8}}, 0x0)

3.557374644s ago: executing program 0 (id=625):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000300), 0x802, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x1008, 0x1, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff5, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x4000004}, @TCA_TBF_PBURST={0x8, 0x7, 0x22b}, @TCA_TBF_PARMS={0x28, 0x1, {{0xfb, 0x2, 0x0, 0x2, 0x0, 0x4}, {0x2, 0x2, 0xffff, 0x8, 0x22, 0x10}, 0xfffff, 0x3, 0x229d}}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r6)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.439690398s ago: executing program 2 (id=626):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0xd, 0x8b, 0xd, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xe, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x4, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffe00, {0x0, 0x0, 0x0, r7, {0x8}, {0xffff}, {0xfff2, 0xffe1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0xe, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0x8, 0x6, 0x6, 0x1, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x5, 0x7fff, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x8000, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0x3, 0x5, 0x2, 0xfff5, 0x4, 0x8, 0x7, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffe00, {0x0, 0x0, 0x0, r10, {0xc}, {0x8}, {0xfff2, 0xffe1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0xe, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x6, 0x1, 0xc, 0x4, 0x10, 0x4], 0x3, [0xb, 0x5, 0x7fff, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x8000, 0xb, 0x3, 0x5, 0x6, 0xd, 0x1], [0x2, 0x5, 0x2, 0xfff5, 0x4, 0x8, 0x7, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
close(0x3)

3.317185982s ago: executing program 1 (id=627):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x4000000000091}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
listen(r3, 0x8)
accept4(r3, 0x0, 0x0, 0x0)
r4 = socket(0x2, 0x805, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f00000007c0)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8)
bpf$MAP_LOOKUP_BATCH(0x19, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x2, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x8, 0x4}, {0xb, 0x5}}}}, 0x11)

2.966315403s ago: executing program 4 (id=628):
kexec_load(0x3, 0x5, &(0x7f00000005c0)=[{&(0x7f0000000000)="6509534a17aa723cba21a9d63c6a556b30b910a580cb50d65e9fab1ed59a7eb00a7109e4a355bed417bce60d6a5baab4bbecc5b2faaf2eba28c331345b612f1f4cbfdfa7bcb9bd2a0fbc8d7786bb68cff61167b98ef0adfbb79545bbb2c409be3adb3b54846920f1b194db5258279e8d06b863d51c0f90", 0x77, 0x5, 0xff}, {&(0x7f0000000100)="047715ac7141c111fab2fcda5de4dc8b278029bcb1bd17524f177856cac105f463c77e2d2ab44d875217dc82baa911f236f959fb9227524d4fe6b621a19823457d04c399283edbac755852623c82f7206d26e918a2981c8f68476969bf8c4bcd37ba24e4ba1683339879a11b854a7478f898805f327af12eaab8ac918c201b7f932e124796f1aba03e031312bd7e67403651abac282b310f420dbcdea31d52854783d695", 0xa4, 0x5, 0xffffffff}, {0x0, 0x0, 0x5, 0x4}, {&(0x7f0000000340)="8c4e55be8948c65379def4df90ce301f71e7d4e4921490b3aacd4082ccf6531bb82dbd4d13dbfbeb16", 0x29, 0x100, 0x9}, {0x0, 0x0, 0x7, 0x2}], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002840)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x20}, 0x1c, 0x0}}], 0x1, 0x14018891)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2.13682164s ago: executing program 1 (id=629):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000001280)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0x138, 0x10, 0x1, 0xbffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@empty, 0x1, 0x3, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a, 0x0, 0xee00}, {@in=@loopback, 0x4d4, 0x6c}, @in=@empty, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0x83}, {0xfffffffffffffffc, 0x7fff, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x0, 0x2, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0xc801}, 0x10)
syz_pidfd_open(0x0, 0x0)
ioctl$XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x80080, 0x0, 0xff, &(0x7f0000000140), 0x0})

2.105279962s ago: executing program 6 (id=630):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x1c1102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
syz_open_procfs$pagemap(0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4c840)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000000)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r2, 0xb)
accept4(r2, 0x0, 0x0, 0x80000)

1.299923388s ago: executing program 1 (id=631):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000180)={[{@init_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@nodiscard}]}, 0x3, 0x466, &(0x7f0000000800)="$eJzs27tvHMUfAPDvrl/xL/lhE8IjD8AQEBYPO054pKCACCSKICFBQWvZThRyiVFsJBJFkCAUKkRDjyj5F6igQYgKiRZ6FClCaZJQHdq7XfvecS5nn5P7fKT1zezOeuZ7u3M3u3MbwMCayv4kEbsi4s+ImKhm6wtMVV9uXr+4cOv6xYUkyuX3/0kq5W5cv7hQFC3225lnptOI9Msk9reod+X8hdPzpdLSuTw/u3rm49mV8xdeOnVm/uTSyaWzh48effnI3GuvHn6lJ3Fmbbqx77PlA3vfSYbfPf51ti4t4m+Io0emOm18tlzucXX99f+adDLcx4ZwR4YiIjtcI5X+PxFDsX7wJuLtL/raOGBTlcvl8s72my+VgftYEvV5XR4GRfFFn13/FkvjIOCNzRt+9N21N6sXQFncN/OlumU40hivpEYarm97aSoiPrz073fZEptzHwIAoM5P2fjnxVbjvzQeqSn3QD43NBkRD0bE7oh4KCL2RMTDEZWyj0bEY3n58Q3W3zhJ0jz+Sa92HdwGZOO/1/O5rfrxX1oUmRyq5MYqY8DJGElOnCotHcrfk+kYGcvycx3q+PmtP75pt612/JctWf3FWDBvx9Xhsfp9FudX5+8m5lrXLkfsG24Vf7I2E5BExN6I2NdlHaee/+FAu223j7+DHswzlb+PeK56/C9FQ/yFpPP85OyOKC0dmi3Oima//X7lvXb131X8PZAd//+1PP/X4p9MaudrV+68jit/fdX2mqbb8380+aCSHs3XfTq/unpuLmI0OV5tdO36w+v7FvmifBb/9MHW/X93rL8T+yMiO4kfj4gnIuLJvO1PRcTTEXGwQ/y/Hnvmo+7j31xZ/It3dPzXE6PRuKZ1Yuj0Lz/WVTrZFP+tDsd/LTWdvzZ//g01xbWRdnV3NgMAAMC9J7u63hVJOrOWTtOZmerv5fdEpKXlldUXTix/cnax+ozAZERa3OmaqLkfOpdf1lfzlyOi+tOCYvuR/L7xt0PjlfzMwnJpsd/Bw4Db2ab/Z/5uvq0G3G88rwWDS/+HwXW7/v/5FrUD2Hrdf/8f2+jvPIFtqkX/169hIIy1/P435ofB0ND/TfvBAGno/zv61Q5g63V//2+0p+0Atp75fxhIK+Nx+4fkOyaK/9Tl7vdtIka2RTM2LRHptmjGtk2M3OP9on+fSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL30XwAAAP//cBbcWg==")
chdir(&(0x7f0000000140)='./bus\x00')
socket$inet(0xa, 0x801, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, 0xffffffffffffffff, 0x84c18000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x10, 0x78}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
mkdir(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x142)
rename(&(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1.286265908s ago: executing program 2 (id=632):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c)

724.086366ms ago: executing program 0 (id=633):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff2}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000011c0)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r9, {0x10}, {}, {0xe, 0x1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x7, 0x0, 0x3, 0x0, 0xff, 0xfffffffa}, {0xfa, 0x1, 0x0, 0x1, 0x2, 0x2}, 0x8, 0x4, 0xac6}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmmsg(r0, &(0x7f00000023c0)=[{{&(0x7f0000000040)=@ll={0x11, 0x17, r10, 0x1, 0x4}, 0x80, 0x0}}], 0x1, 0x40000)

209.124623ms ago: executing program 6 (id=634):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000200)={&(0x7f0000708000/0x4000)=nil, &(0x7f000081f000/0x3000)=nil, 0x4000, 0x1})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x4d, 0x400c080)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x27)
add_key$keyring(&(0x7f0000000340), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r3 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900})
r4 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3})
ioctl$VIDIOC_QUERYMENU(r4, 0xc008561c, &(0x7f0000000100)={0x980900, 0x3, @name="6c14f9104c575323652bb05c9764e27d0235e28510452c132c1eaa54d11e47a7"})
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000180), 0x4)

151.856485ms ago: executing program 4 (id=635):
socket$unix(0x1, 0x1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@local})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
inotify_init()
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0x8})
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 6 (id=636):
r0 = socket(0x1d, 0x80802, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x1, {0x0, 0xff, 0x4}, 0xfe}, 0x18)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), r0)

kernel console output (not intermixed with test programs):

alid wMaxPacketSize 0
[   78.454917][ T4319] usb 4-1: config 0 interface 89 has no altsetting 0
[   78.506655][ T4319] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[   78.544861][ T4319] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.554945][ T4319] usb 4-1: Product: syz
[   78.559184][ T4319] usb 4-1: Manufacturer: syz
[   78.588648][ T4319] usb 4-1: SerialNumber: syz
[   78.611368][ T4319] usb 4-1: config 0 descriptor??
[   78.636041][ T4319] em28xx 4-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[   78.663150][ T4319] em28xx 4-1:0.89: Video interface 89 found:
[   78.679548][  T127] em28xx 1-1:0.0: read from i2c device at 0xa0 failed with unknown error (status=65)
[   78.699190][  T127] em28xx 1-1:0.0: board has no eeprom
[   78.894931][ T4533] loop1: detected capacity change from 0 to 256
[   78.913842][ T4533] exfat: Deprecated parameter 'utf8'
[   78.930736][ T4533] exfat: Deprecated parameter 'utf8'
[   78.951792][  T127] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[   78.963184][  T127] em28xx 1-1:0.0: dvb set to bulk mode.
[   78.986462][ T4315] em28xx 1-1:0.0: Binding DVB extension
[   79.005056][ T4533] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[   79.021887][  T127] usb 1-1: USB disconnect, device number 3
[   79.058960][  T127] em28xx 1-1:0.0: Disconnecting em28xx
[   79.085418][ T4535] loop4: detected capacity change from 0 to 512
[   79.147795][ T4535] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   79.233049][ T4315] em28xx 1-1:0.0: Registering input extension
[   79.250427][  T127] em28xx 1-1:0.0: Closing input extension
[   79.258531][ T4535] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   79.266774][ T4319] em28xx 4-1:0.89: unknown em28xx chip ID (0)
[   79.291362][ T4535] EXT4-fs (loop4): orphan cleanup on readonly fs
[   79.308300][  T127] em28xx 1-1:0.0: Freeing device
[   79.309368][ T4535] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated!
[   79.323410][ T4535] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota
[   79.333333][ T4535] EXT4-fs error (device loop4): ext4_acquire_dquot:6841: comm syz.4.46: Failed to acquire dquot type 1
[   79.352854][ T4535] EXT4-fs (loop4): Remounting filesystem read-only
[   79.362171][ T4535] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.46: bg 0: block 40: padding at end of block bitmap is not set
[   79.402447][ T4535] EXT4-fs (loop4): Remounting filesystem read-only
[   79.409094][ T4535] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6180: Corrupt filesystem
[   79.419831][ T4535] EXT4-fs (loop4): Remounting filesystem read-only
[   79.427704][ T4535] EXT4-fs (loop4): 1 truncate cleaned up
[   79.433808][ T4535] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   79.473895][ T3600] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   79.577044][ T4284] EXT4-fs (loop4): unmounting filesystem.
[   79.656728][ T4548] loop4: detected capacity change from 0 to 2048
[   79.675620][ T3600] usb 3-1: Using ep0 maxpacket: 32
[   79.700718][ T3600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   79.731003][ T3600] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   79.747738][ T3600] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   79.760112][ T3600] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.777544][ T3600] usb 3-1: config 0 descriptor??
[   79.785407][ T4548] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   79.794064][ T3600] hub 3-1:0.0: USB hub found
[   79.812337][   T26] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[   79.892275][ T4548] process 'syz.4.50' launched './file1' with NULL argv: empty string added
[   79.893684][ T4319] em28xx 4-1:0.89: board has no eeprom
[   79.906000][ T4548] EXT4-fs error (device loop4): __ext4_get_inode_loc:4520: comm syz.4.50: Invalid inode table block 0 in block_group 0
[   79.929436][ T4548] EXT4-fs error (device loop4): ext4_map_blocks:747: inode #15: block 1803188595: comm syz.4.50: lblock 0 mapped to illegal pblock 1803188595 (length 1)
[   79.949033][ T4548] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[   79.968026][ T4548] EXT4-fs (loop4): This should not happen!! Data will be lost
[   79.968026][ T4548] 
[   79.995021][ T3600] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19)
[   80.017747][ T4328] EXT4-fs error (device loop4): __ext4_get_inode_loc:4520: comm kworker/u4:6: Invalid inode table block 0 in block_group 0
[   80.037634][   T26] usb 2-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[   80.047517][ T4328] EXT4-fs error (device loop4): ext4_ind_map_blocks:604: inode #15: comm kworker/u4:6: Can't allocate blocks for non-extent mapped inodes with bigalloc
[   80.064602][   T26] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.072711][   T26] usb 2-1: Product: syz
[   80.077134][   T26] usb 2-1: Manufacturer: syz
[   80.083709][ T4328] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 117
[   80.096528][   T26] usb 2-1: SerialNumber: syz
[   80.097543][ T4328] EXT4-fs (loop4): This should not happen!! Data will be lost
[   80.097543][ T4328] 
[   80.123051][ T4328] EXT4-fs error (device loop4): __ext4_get_inode_loc:4520: comm kworker/u4:6: Invalid inode table block 0 in block_group 0
[   80.140195][ T4328] EXT4-fs error (device loop4): __ext4_get_inode_loc:4520: comm kworker/u4:6: Invalid inode table block 0 in block_group 0
[   80.158157][ T4284] EXT4-fs (loop4): Inode 15 (ffff888054808000): i_reserved_data_blocks (1) not cleared!
[   80.169211][ T4284] EXT4-fs (loop4): unmounting filesystem.
[   80.183002][ T4319] em28xx 4-1:0.89: Identified as Terratec Grabby (card=67)
[   80.190235][ T4319] em28xx 4-1:0.89: analog set to bulk mode.
[   80.199894][   T14] em28xx 4-1:0.89: Registering V4L2 extension
[   80.224071][ T4319] usb 4-1: USB disconnect, device number 2
[   80.263236][ T4319] em28xx 4-1:0.89: Disconnecting em28xx
[   80.345554][   T14] em28xx 4-1:0.89: Config register raw data: 0xffffffed
[   80.353995][   T14] em28xx 4-1:0.89: AC97 chip type couldn't be determined
[   80.361060][   T14] em28xx 4-1:0.89: No AC97 audio processor
[   80.372445][   T14] usb 4-1: Decoder not found
[   80.377084][   T14] em28xx 4-1:0.89: failed to create media graph
[   80.385091][   T14] em28xx 4-1:0.89: V4L2 device video103 deregistered
[   80.394301][   T14] em28xx 4-1:0.89: Registering snapshot button...
[   80.405232][   T14] input: em28xx snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.89/input/input6
[   80.414948][ T3600] hid-generic 0003:046D:C31C.0001: unknown main item tag 0x0
[   80.432291][   T14] em28xx 4-1:0.89: Remote control support is not available for this card.
[   80.445074][ T3600] hid-generic 0003:046D:C31C.0001: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.2-1/input0
[   80.457969][ T4319] em28xx 4-1:0.89: Closing input extension
[   80.465777][ T4319] em28xx 4-1:0.89: Deregistering snapshot button
[   80.519203][   T26] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x04B8 pid 0x0202
[   80.520287][ T4319] em28xx 4-1:0.89: Freeing device
[   80.570880][ T4563] binder: 4562:4563 ioctl c0306201 200000000080 returned -14
[   80.626734][ T4565] binder: 4562:4565 ioctl c0306201 2000000003c0 returned -14
[   80.904881][ T4573] loop3: detected capacity change from 0 to 512
[   80.970977][ T4573] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   80.991987][ T4573] ext4 filesystem being mounted at /8/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   81.127267][ T4540] usb 3-1: reset high-speed USB device number 2 using dummy_hcd
[   81.308051][ T4277] EXT4-fs (loop3): unmounting filesystem.
[   81.556430][ T4540] usbhid 3-1:0.0: reset_resume error -1
[   81.739567][ T4595] binder: 4594:4595 ioctl c0306201 200000000080 returned -14
[   81.793219][ T4595] binder: 4594:4595 ioctl c0306201 2000000003c0 returned -14
[   81.803381][   T26] usb 3-1: USB disconnect, device number 2
[   82.261774][  T129] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[   82.443452][    C1] usblp0: nonzero write bulk status received: -71
[   82.451115][   T26] usb 2-1: USB disconnect, device number 2
[   82.496159][  T129] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[   82.651203][  T129] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 280, setting to 64
[   82.850949][  T129] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e
[   83.006256][  T129] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.138822][  T129] usb 1-1: Product: syz
[   83.196169][  T129] usb 1-1: Manufacturer: syz
[   83.261094][  T129] usb 1-1: SerialNumber: syz
[   83.392337][  T129] usb 1-1: config 0 descriptor??
[   83.397992][ T4598] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   83.418572][ T4544] usblp0: removed
[   83.424123][ T4611] loop4: detected capacity change from 0 to 512
[   83.434059][  T129] hub 1-1:0.0: bad descriptor, ignoring hub
[   83.440510][  T129] hub: probe of 1-1:0.0 failed with error -5
[   83.514145][  T129] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input7
[   83.530817][ T4611] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   83.823618][    C0] usbtouchscreen 1-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -1
[   83.861801][ T4317] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   83.869695][   T26] usb 1-1: USB disconnect, device number 4
[   84.084571][ T4317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.102354][ T4317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   84.117875][ T4317] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   84.137917][ T4317] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   84.152809][ T4317] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.178017][ T4317] usb 5-1: config 0 descriptor??
[   84.595471][ T4317] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[   84.624364][ T4317] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[   84.889471][ T4645] binder: 4644:4645 ioctl c0306201 200000000080 returned -14
[   84.898392][ T4647] loop0: detected capacity change from 0 to 512
[   84.908762][ T4645] binder: 4644:4645 ioctl c0306201 2000000003c0 returned -14
[   84.961095][ T4647] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   84.987417][ T4647] ext4 filesystem being mounted at /15/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   85.247892][ T4276] EXT4-fs (loop0): unmounting filesystem.
[   85.273916][ T4276] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5952: Out of memory
[   85.291333][ T4276] EXT4-fs (loop0): Remounting filesystem read-only
[   85.298415][ T4276] EXT4-fs error (device loop0): ext4_quota_off:7147: inode #4: comm syz-executor: mark_inode_dirty error
[   85.325640][ T4276] EXT4-fs (loop0): Remounting filesystem read-only
[   86.131750][ T4317] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   86.175641][ T4676] loop0: detected capacity change from 0 to 2048
[   86.192954][ T4676] EXT4-fs: Ignoring removed nobh option
[   86.257295][ T4676] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   86.337412][ T4317] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[   86.355130][ T4317] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.401482][ T4317] usb 2-1: Product: syz
[   86.419672][ T4317] usb 2-1: Manufacturer: syz
[   86.438671][ T4317] usb 2-1: SerialNumber: syz
[   86.458381][ T4284] EXT4-fs (loop4): unmounting filesystem.
[   86.697269][ T4317] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[   86.722188][ T4317] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[   86.756263][   T22] usb 5-1: USB disconnect, device number 2
[   86.796774][ T4686] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.805479][ T4686] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.840409][ T4686] device bridge_slave_1 left promiscuous mode
[   86.848349][ T4686] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.861364][ T4686] device bridge_slave_0 left promiscuous mode
[   86.869955][ T4686] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.929821][ T4276] EXT4-fs (loop0): unmounting filesystem.
[   87.083612][ T4322] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   87.123557][ T4322] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   87.171245][ T4690] binder: BINDER_SET_CONTEXT_MGR already set
[   87.190434][ T4690] binder: 4689:4690 ioctl 4018620d 200000004a80 returned -16
[   87.621602][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   87.681857][ T4319] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   87.903405][ T4319] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   87.964266][ T4319] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   88.068021][ T4319] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   88.181008][ T4319] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   88.247770][ T4319] usb 5-1: SerialNumber: syz
[   88.354988][ T4317] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000080. ret = -71
[   88.402509][ T4317] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[   88.412957][ T4317] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[   88.430214][ T4317] lan78xx: probe of 2-1:1.0 failed with error -71
[   88.440718][ T4317] usb 2-1: USB disconnect, device number 3
[   88.545375][ T4319] usb 5-1: 0:2 : does not exist
[   88.607723][ T4319] usb 5-1: USB disconnect, device number 3
[   89.463926][ T4725] loop0: detected capacity change from 0 to 256
[   89.671449][ T4731] loop1: detected capacity change from 0 to 2048
[   89.681680][ T4319] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   89.691023][ T4731] EXT4-fs: Ignoring removed nobh option
[   89.741529][ T4735] loop4: detected capacity change from 0 to 128
[   89.911361][ T4731] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   89.921692][ T4319] usb 3-1: Using ep0 maxpacket: 32
[   90.090247][ T4735] =======================================================
[   90.090247][ T4735] WARNING: The mand mount option has been deprecated and
[   90.090247][ T4735]          and is ignored by this kernel. Remove the mand
[   90.090247][ T4735]          option from the mount to silence this warning.
[   90.090247][ T4735] =======================================================
[   90.564522][ T4319] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[   90.572869][ T4319] usb 3-1: config 0 has no interface number 0
[   90.579256][ T4735] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   90.592113][ T4319] usb 3-1: config 0 interface 1 altsetting 9 has an invalid endpoint with address 0x0, skipping
[   90.602678][ T4319] usb 3-1: config 0 interface 1 has no altsetting 0
[   90.611348][ T4735] hpfs: filesystem error: improperly stopped
[   90.618021][ T4735] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   90.626266][ T4735] hpfs: You really don't want any checks? You are crazy...
[   90.634132][ T4319] usb 3-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[   90.643344][ T4735] hpfs: hpfs_map_sector(): read error
[   90.647202][ T4743] binder: 4742:4743 ioctl c0306201 200000000080 returned -14
[   90.648786][ T4319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.664263][ T4735] hpfs: code page support is disabled
[   90.670743][ T4319] usb 3-1: Product: syz
[   90.675277][ T4319] usb 3-1: Manufacturer: syz
[   90.679882][ T4319] usb 3-1: SerialNumber: syz
[   90.686899][ T4319] usb 3-1: config 0 descriptor??
[   90.712341][ T4735] hpfs: hpfs_map_4sectors(): unaligned read
[   90.722799][ T4735] hpfs: hpfs_map_4sectors(): unaligned read
[   90.728843][ T4735] hpfs: filesystem error: unable to find root dir
[   90.730475][ T4283] EXT4-fs (loop1): unmounting filesystem.
[   90.759106][ T4743] binder: 4742:4743 ioctl c0306201 2000000003c0 returned -14
[   90.780642][ T4735] hpfs: hpfs_map_4sectors(): unaligned read
[   90.809583][ T4735] hpfs: hpfs_map_sector(): read error
[   90.824556][ T4735] hpfs: hpfs_map_4sectors(): unaligned read
[   90.830621][ T4735] hpfs: hpfs_map_sector(): read error
[   90.846180][ T4735] hpfs: hpfs_map_4sectors(): unaligned read
[   90.854803][ T4735] hpfs: hpfs_map_sector(): read error
[   90.861273][ T4735] hpfs: hpfs_map_4sectors(): unaligned read
[   90.884006][ T4735] hpfs: hpfs_map_sector(): read error
[   90.959817][ T4319] cx231xx 3-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[   90.987712][ T4319] cx231xx 3-1:0.1: Failed to read PCB config
[   91.663737][ T4319] cx231xx: probe of 3-1:0.1 failed with error -71
[   91.678809][ T4319] usb 3-1: USB disconnect, device number 3
[   92.063215][ T4768] capability: warning: `syz.4.113' uses deprecated v2 capabilities in a way that may be insecure
[   92.081770][ T4319] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   92.281650][ T4319] usb 3-1: Using ep0 maxpacket: 32
[   92.293703][ T4319] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[   92.323376][ T4319] usb 3-1: config 0 has no interface number 0
[   92.329509][ T4319] usb 3-1: config 0 interface 1 altsetting 9 has an invalid endpoint with address 0x0, skipping
[   92.349257][ T4777] loop0: detected capacity change from 0 to 2048
[   92.370482][ T4319] usb 3-1: config 0 interface 1 has no altsetting 0
[   92.428694][ T4777] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   92.464673][ T4319] usb 3-1: string descriptor 0 read error: -71
[   92.477164][ T4319] usb 3-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[   92.521657][ T4319] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.577173][ T4319] usb 3-1: config 0 descriptor??
[   92.602587][ T4319] usb 3-1: can't set config #0, error -71
[   92.649609][ T4319] usb 3-1: USB disconnect, device number 4
[   93.665625][ T4786] loop0: detected capacity change from 0 to 4096
[   93.910524][ T4797] binder: 4795:4797 ioctl c0306201 0 returned -14
[   94.055209][ T4786] EXT4-fs: Ignoring removed orlov option
[   94.099454][ T4786] EXT4-fs (loop0): Test dummy encryption mode enabled
[   94.156022][ T4786] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   94.493519][ T4786] fscrypt (loop0): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[   94.669128][ T4276] EXT4-fs (loop0): unmounting filesystem.
[   94.971697][   T22] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   94.999083][ T4801] loop4: detected capacity change from 0 to 32768
[   95.081378][ T4819] loop3: detected capacity change from 0 to 512
[   95.162000][   T22] usb 2-1: Using ep0 maxpacket: 32
[   95.163243][ T4819] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   95.169762][   T22] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[   95.186396][   T22] usb 2-1: config 0 has no interface number 0
[   95.199915][   T22] usb 2-1: config 0 interface 1 altsetting 9 has an invalid endpoint with address 0x0, skipping
[   95.211013][ T4822] loop2: detected capacity change from 0 to 512
[   95.217872][   T22] usb 2-1: config 0 interface 1 has no altsetting 0
[   95.229577][   T22] usb 2-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[   95.240759][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.248859][   T22] usb 2-1: Product: syz
[   95.253200][   T22] usb 2-1: Manufacturer: syz
[   95.259186][   T22] usb 2-1: SerialNumber: syz
[   95.268120][ T4822] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   95.268826][   T22] usb 2-1: config 0 descriptor??
[   95.318238][ T4822] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   95.406646][ T4822] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082]
[   95.426412][ T4822] System zones: 1-12
[   95.436764][ T4822] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2802: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   95.495910][   T22] cx231xx 2-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[   95.533145][   T22] cx231xx 2-1:0.1: Failed to read PCB config
[   95.539194][   T22] cx231xx: probe of 2-1:0.1 failed with error -71
[   95.591712][ T4322] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   95.599573][ T4822] EXT4-fs (loop2): 1 truncate cleaned up
[   95.611703][ T4822] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   95.629751][   T22] usb 2-1: USB disconnect, device number 4
[   95.785310][ T4322] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.790269][ T4824] loop0: detected capacity change from 0 to 32768
[   95.823772][ T4322] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.852141][ T4322] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   95.867734][ T4322] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   95.878096][ T4322] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.889450][ T4322] usb 4-1: config 0 descriptor??
[   95.947956][ T4824] XFS (loop0): Mounting V5 Filesystem
[   96.016373][ T4824] XFS (loop0): Ending clean mount
[   96.059872][ T4824] XFS (loop0): Quotacheck needed: Please wait.
[   96.120062][ T4824] XFS (loop0): Quotacheck: Done.
[   96.132546][ T4272] EXT4-fs (loop2): unmounting filesystem.
[   96.191730][   T22] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   96.285882][   T27] audit: type=1800 audit(1780418042.404:2): pid=4824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.129" name="file1" dev="loop0" ino=9286 res=0 errno=0
[   96.310467][ T4322] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[   96.335261][ T4322] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[   96.358713][   T27] audit: type=1800 audit(1780418042.454:3): pid=4824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.129" name="file1" dev="loop0" ino=9286 res=0 errno=0
[   96.411693][   T22] usb 2-1: Using ep0 maxpacket: 32
[   96.436947][   T22] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[   96.455840][   T22] usb 2-1: config 0 has no interface number 0
[   96.467101][   T22] usb 2-1: config 0 interface 1 altsetting 9 has an invalid endpoint with address 0x0, skipping
[   96.487994][   T22] usb 2-1: config 0 interface 1 has no altsetting 0
[   96.497166][   T22] usb 2-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[   96.524173][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.541707][ T4322] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   96.550088][   T22] usb 2-1: Product: syz
[   96.554367][   T22] usb 2-1: Manufacturer: syz
[   96.559172][   T22] usb 2-1: SerialNumber: syz
[   96.579672][   T22] usb 2-1: config 0 descriptor??
[   96.741760][ T4322] usb 5-1: Using ep0 maxpacket: 32
[   96.754257][ T4276] XFS (loop0): Unmounting Filesystem
[   96.772994][ T4322] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[   96.781726][ T4322] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   96.790435][ T4322] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[   96.800644][ T4322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   96.811153][ T4322] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   96.832409][ T4322] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   96.854544][   T22] cx231xx 2-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[   96.863625][ T4322] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   96.879106][   T22] cx231xx 2-1:0.1: bad scenario!!!!!
[   96.879106][   T22] config_info=0
[   96.892498][ T4322] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.902973][   T22] cx231xx 2-1:0.1: Failed to read PCB config
[   96.923055][ T4322] usb 5-1: config 0 descriptor??
[   97.106521][ T4850] netlink: 40 bytes leftover after parsing attributes in process `syz.0.134'.
[   97.121771][   T22] usb 2-1: USB disconnect, device number 5
[   97.136874][ T4322] usblp 5-1:0.0: usblp1: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   97.411168][   T22] usb 5-1: USB disconnect, device number 4
[   97.633212][   T22] usblp1: removed
[   98.514529][ T4277] EXT4-fs (loop3): unmounting filesystem.
[   99.137598][    T7] usb 4-1: USB disconnect, device number 3
[   99.280325][ T4894] loop2: detected capacity change from 0 to 512
[   99.357393][ T4894] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   99.389356][ T4894] EXT4-fs error (device loop2): ext4_orphan_get:1405: inode #15: comm syz.2.149: inode has both inline data and extents flags
[   99.440708][ T4894] EXT4-fs error (device loop2): ext4_orphan_get:1410: comm syz.2.149: couldn't read orphan inode 15 (err -117)
[   99.474989][ T4873] loop3: detected capacity change from 0 to 40427
[   99.512573][ T4894] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   99.523584][ T4873] F2FS-fs (loop3): Wrong segment_count / block_count (64 > 16384)
[   99.563256][ T4873] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   99.726229][ T4873] F2FS-fs (loop3): Found nat_bits in checkpoint
[   99.748394][ T4272] EXT4-fs (loop2): unmounting filesystem.
[   99.893648][ T4873] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   99.914920][ T4873] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   99.936169][ T4913] loop2: detected capacity change from 0 to 2048
[   99.978148][ T4913] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  100.259936][ T4277] syz-executor: attempt to access beyond end of device
[  100.259936][ T4277] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  100.731303][ T4920] binder_alloc: 4919: binder_alloc_buf size 16384 failed, no address space
[  100.746853][ T4920] binder_alloc: allocated: 4096 (num: 1 largest: 4096), free: 8192 (num: 1 largest: 8192)
[  103.411765][    T7] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  103.558963][ T4965] loop2: detected capacity change from 0 to 256
[  103.615955][    T7] usb 1-1: Using ep0 maxpacket: 32
[  103.623892][    T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.658399][    T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.691124][    T7] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  103.725747][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.759437][    T7] usb 1-1: config 0 descriptor??
[  103.786389][    T7] hub 1-1:0.0: USB hub found
[  103.845946][ T4967] loop2: detected capacity change from 0 to 512
[  103.933080][ T4967] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  103.990884][    T7] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  104.026724][ T4967] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  104.037141][ T4967] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.171: Corrupt directory, running e2fsck is recommended
[  104.054624][ T4967] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117
[  104.106063][ T4967] EXT4-fs error (device loop2): ext4_iget_extra_inode:4763: inode #15: comm syz.2.171: corrupted in-inode xattr
[  104.207634][ T4967] EXT4-fs error (device loop2): ext4_orphan_get:1410: comm syz.2.171: couldn't read orphan inode 15 (err -117)
[  104.242207][ T4967] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  104.265741][ T4967] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  104.277806][ T4967] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  104.288311][ T4967] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.171: Corrupt directory, running e2fsck is recommended
[  104.327474][   T27] audit: type=1800 audit(1780418050.434:4): pid=4956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.166" name="bus" dev="ramfs" ino=36572 res=0 errno=0
[  104.369126][ T4967] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  104.399984][    T7] hid-generic 0003:046D:C31C.0005: unknown main item tag 0x0
[  104.449803][    T7] hid-generic 0003:046D:C31C.0005: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.0-1/input0
[  104.481662][ T4967] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  104.503776][ T4967] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.171: Corrupt directory, running e2fsck is recommended
[  104.522901][ T4967] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  104.558144][ T4967] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  104.584610][ T4967] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.171: Corrupt directory, running e2fsck is recommended
[  104.664324][ T4967] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  104.707838][ T4967] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 3: comm syz.2.171: path /35/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  104.764332][ T4967] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 8: comm syz.2.171: path /35/file0: bad entry in directory: inode out of bounds - offset=0, inode=16810477, rec_len=1024, size=1024 fake=0
[  104.870197][ T4272] EXT4-fs (loop2): unmounting filesystem.
[  105.232229][ T4997] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  105.278758][ T4997] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  105.369065][ T5000] binder: 4999:5000 ioctl c0306201 200000000080 returned -14
[  105.418188][ T4960] usb 1-1: reset high-speed USB device number 5 using dummy_hcd
[  105.777445][ T5006] kvm [5005]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0xc1) = 0x800
[  105.820688][ T4960] usbhid 1-1:0.0: reset_resume error -1
[  105.828908][ T5006] kvm [5005]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0xc2) = 0x800
[  105.867016][ T5006] kvm [5005]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0x11e) = 0xbe702911
[  105.930393][ T5006] kvm [5005]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0x186) = 0x800
[  105.960134][ T5006] kvm [5005]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0x187) = 0x800
[  106.052540][ T4715] usb 1-1: USB disconnect, device number 5
[  106.202079][    T7] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  106.401832][    T7] usb 3-1: Using ep0 maxpacket: 16
[  106.415805][    T7] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  106.536149][    T7] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  106.694321][    T7] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  106.842567][    T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.975101][    T7] usb 3-1: Product: syz
[  107.023170][    T7] usb 3-1: Manufacturer: syz
[  107.062627][ T5022] loop3: detected capacity change from 0 to 256
[  107.085567][    T7] usb 3-1: SerialNumber: syz
[  107.217739][ T5022] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  107.256006][ T5025] tipc: Started in network mode
[  107.261154][ T5025] tipc: Node identity ac14140f, cluster identity 4711
[  107.299231][ T5022] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  107.325514][ T5025] tipc: New replicast peer: 255.255.255.255
[  107.337584][ T5032] Zero length message leads to an empty skb
[  107.345964][ T5025] tipc: Enabled bearer <udp:syz2>, priority 10
[  107.350919][ T5022] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  107.385598][ T5025] tipc: Cannot configure node identity twice
[  107.403221][ T5025] tipc: Cannot configure node identity twice
[  107.432188][    T7] usb 3-1: 0:2 : does not exist
[  107.442342][    T7] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  107.501039][    T7] usb 3-1: USB disconnect, device number 5
[  107.615941][ T5035] loop0: detected capacity change from 0 to 256
[  107.759269][   T27] audit: type=1800 audit(1780418053.874:5): pid=5035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.192" name="file1" dev="loop0" ino=1048603 res=0 errno=0
[  107.782039][ T5035] exFAT-fs (loop0): hint_cluster is invalid (17)
[  107.794591][ T5035] exFAT-fs (loop0): error, invalid dentry access beyond EOF (clu : 5, eidx : 129)
[  107.809086][ T5035] exFAT-fs (loop0): Filesystem has been set read-only
[  107.826543][ T5035] exFAT-fs (loop0): error, invalid dentry access beyond EOF (clu : 5, eidx : 129)
[  107.905700][ T5022] exFAT-fs (loop3): error, invalid access to FAT (entry 0x00000005) bogus content (0x75757575)
[  107.931737][ T5022] exFAT-fs (loop3): Filesystem has been set read-only
[  108.080690][ T4277] exFAT-fs (loop3): error, invalid access to FAT (entry 0x00000005) bogus content (0x75757575)
[  108.105607][ T5040] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  108.126960][ T4277] exFAT-fs (loop3): error, invalid access to FAT (entry 0x00000005) bogus content (0x75757575)
[  108.355017][   T22] tipc: Node number set to 2886997007
[  109.418147][ T4606] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.663562][ T4606] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.768125][ T4606] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.865168][ T4606] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.922257][ T5056] ax25_connect(): syz.0.201 uses autobind, please contact jreuter@yaina.de
[  109.947029][ T5061] loop2: detected capacity change from 0 to 256
[  109.989326][ T5061] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  110.037470][ T5061] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  110.153139][ T5061] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  110.764058][ T5080] loop1: detected capacity change from 0 to 512
[  110.804264][ T5080] EXT4-fs: Ignoring removed nomblk_io_submit option
[  110.851548][ T5080] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  110.879095][ T5080] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8800c01d, mo2=0102]
[  110.893905][ T5080] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  110.928450][ T5080] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  110.941463][ T5080] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  110.950903][ T4289] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  110.962688][ T4287] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  110.970453][ T4289] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  110.978208][ T4289] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  110.986320][ T4287] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  110.993638][ T4287] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  110.994983][ T5080] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.207: dx entry: limit 65535 != root limit 120
[  111.161854][ T5080] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.207: Corrupt directory, running e2fsck is recommended
[  111.201424][ T5080] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.207: dx entry: limit 65535 != root limit 120
[  111.234605][ T5080] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.207: Corrupt directory, running e2fsck is recommended
[  111.302782][ T5092] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.207: dx entry: limit 65535 != root limit 120
[  111.356360][ T5092] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.207: Corrupt directory, running e2fsck is recommended
[  111.387339][ T5080] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.207: dx entry: limit 65535 != root limit 120
[  111.430092][ T5080] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.207: Corrupt directory, running e2fsck is recommended
[  111.459269][ T5095] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.207: dx entry: limit 65535 != root limit 120
[  111.483612][ T5098] loop4: detected capacity change from 0 to 1024
[  111.490479][ T5095] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.207: Corrupt directory, running e2fsck is recommended
[  111.595809][ T5092] EXT4-fs error (device loop1): ext4_readdir:263: inode #2: block 3: comm syz.1.207: path /39/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  111.633626][ T5088] chnl_net:caif_netlink_parms(): no params data found
[  111.761319][ T4283] EXT4-fs (loop1): unmounting filesystem.
[  111.870290][ T5106] loop2: detected capacity change from 0 to 512
[  111.996176][ T5088] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.011298][ T5106] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  112.035471][ T5088] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.048692][ T5106] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.118290][ T5088] device bridge_slave_0 entered promiscuous mode
[  112.224139][ T5088] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.238334][ T5088] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.263099][ T5088] device bridge_slave_1 entered promiscuous mode
[  112.289958][ T4272] EXT4-fs (loop2): unmounting filesystem.
[  112.571158][ T5088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  112.651444][ T5139] loop1: detected capacity change from 0 to 1024
[  112.686886][ T5139] EXT4-fs: Ignoring removed oldalloc option
[  112.715333][ T5139] EXT4-fs: Ignoring removed oldalloc option
[  112.751734][ T5139] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  112.775564][ T5088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.811752][ T4715] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  112.848473][ T5139] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  112.913205][ T4606] device hsr_slave_0 left promiscuous mode
[  112.931318][ T4606] device hsr_slave_1 left promiscuous mode
[  112.968041][ T4606] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.981802][ T4606] batman_adv: batadv0: Removing interface: batadv_slave_0
[  113.001882][ T4715] usb 3-1: Using ep0 maxpacket: 32
[  113.008070][ T4606] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.016694][ T4715] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  113.032702][ T4606] batman_adv: batadv0: Removing interface: batadv_slave_1
[  113.039969][ T4715] usb 3-1: config 0 interface 0 has no altsetting 0
[  113.046749][ T4715] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  113.056061][ T4715] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.071827][ T4278] Bluetooth: hci2: command 0x0409 tx timeout
[  113.072222][ T4715] usb 3-1: config 0 descriptor??
[  113.130507][ T4606] device veth1_macvtap left promiscuous mode
[  113.170131][ T4606] device veth0_macvtap left promiscuous mode
[  113.191733][  T129] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  113.195823][ T4606] device veth1_vlan left promiscuous mode
[  113.229207][ T4606] device veth0_vlan left promiscuous mode
[  113.323544][ T4715] usbhid 3-1:0.0: can't add hid device: -71
[  113.331334][ T4715] usbhid: probe of 3-1:0.0 failed with error -71
[  113.378937][ T4715] usb 3-1: USB disconnect, device number 6
[  113.383442][  T129] usb 2-1: config index 0 descriptor too short (expected 12336, got 441)
[  113.412639][  T129] usb 2-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[  113.458508][  T129] usb 2-1: config 48 has an invalid descriptor of length 0, skipping remainder of the config
[  113.505711][  T129] usb 2-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[  113.558360][  T129] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  113.587425][  T129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.033294][  T129] usb 2-1: string descriptor 0 read error: -71
[  114.072990][  T129] usb 2-1: USB disconnect, device number 6
[  114.611625][    T0] NOHZ tick-stop error: local softirq work is pending, handler #38a!!!
[  114.621632][    T0] NOHZ tick-stop error: local softirq work is pending, handler #38a!!!
[  114.631613][    T0] NOHZ tick-stop error: local softirq work is pending, handler #38a!!!
[  114.641611][    T0] NOHZ tick-stop error: local softirq work is pending, handler #38a!!!
[  114.651614][    T0] NOHZ tick-stop error: local softirq work is pending, handler #38a!!!
[  114.861632][    T0] NOHZ tick-stop error: local softirq work is pending, handler #38a!!!
[  114.871618][    T0] NOHZ tick-stop error: local softirq work is pending, handler #38a!!!
[  114.991630][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  115.001627][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  115.351086][ T4278] Bluetooth: hci2: command 0x041b tx timeout
[  115.472402][ T4283] EXT4-fs (loop1): unmounting filesystem.
[  116.967633][ T4606] team0 (unregistering): Port device team_slave_1 removed
[  117.048029][ T4606] team0 (unregistering): Port device team_slave_0 removed
[  117.107111][ T4606] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  117.188098][ T4606] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  117.421991][ T4278] Bluetooth: hci2: command 0x040f tx timeout
[  118.225733][ T4606] bond0 (unregistering): Released all slaves
[  118.264718][ T5088] team0: Port device team_slave_0 added
[  118.273984][ T5088] team0: Port device team_slave_1 added
[  118.329548][ T5088] batman_adv: batadv0: Adding interface: batadv_slave_0
[  118.361631][ T5088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.387520][    C0] vkms_vblank_simulate: vblank timer overrun
[  118.472119][ T5088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.488132][ T5088] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.502021][ T5088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.599745][ T5088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.662144][ T5210] device syzkaller0 entered promiscuous mode
[  118.777105][ T5088] device hsr_slave_0 entered promiscuous mode
[  118.801990][ T5088] device hsr_slave_1 entered promiscuous mode
[  118.828956][ T5088] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  118.846260][ T5088] Cannot create hsr debugfs directory
[  118.852923][ T5208] loop4: detected capacity change from 0 to 32768
[  119.395657][ T5088] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  119.448287][ T5088] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  119.471832][ T4289] Bluetooth: hci2: command 0x0419 tx timeout
[  119.524233][ T5088] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  119.532555][ T4322] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  119.557536][ T5088] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  119.741836][ T4322] usb 5-1: Using ep0 maxpacket: 16
[  119.749398][ T4322] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  119.793997][ T4322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  119.842197][ T4322] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  119.844125][ T5088] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.882959][ T4322] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  119.905946][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  119.921797][ T4322] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  119.925257][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  119.969685][ T4322] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  119.988903][ T5088] 8021q: adding VLAN 0 to HW filter on device team0
[  120.006890][ T4322] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  120.014451][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  120.032964][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  120.042612][ T4322] usb 5-1: Manufacturer: syz
[  120.062350][ T4322] usb 5-1: config 0 descriptor??
[  120.063152][ T5119] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.074456][ T5119] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.139881][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  120.174577][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  120.197585][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  120.231544][ T5119] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.238698][ T5119] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.277027][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  120.636927][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  120.878232][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  120.914657][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  120.965849][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  120.991720][ T4322] rc_core: IR keymap rc-hauppauge not found
[  120.997736][ T4322] Registered IR keymap rc-empty
[  121.009897][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  121.032146][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.065250][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  121.101703][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.110577][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  121.133369][ T4322] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  121.158129][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  121.172745][ T4322] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input8
[  121.174519][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  121.202316][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  121.212380][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  121.258976][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.311824][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.351861][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.391864][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.431872][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.461693][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.503323][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.532161][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.601789][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.614596][ T5275] pit: kvm: requested 181028 ns i8254 timer period limited to 200000 ns
[  121.640418][ T5275] pit: kvm: requested 138285 ns i8254 timer period limited to 200000 ns
[  121.671898][ T4322] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  121.679509][ T5275] pit: kvm: requested 31847 ns i8254 timer period limited to 200000 ns
[  121.703005][ T4322] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  121.709340][ T5284] loop1: detected capacity change from 0 to 2048
[  121.717685][ T4322] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  121.734618][ T5275] pit: kvm: requested 117333 ns i8254 timer period limited to 200000 ns
[  121.757092][ T4322] usb 5-1: USB disconnect, device number 5
[  121.777584][ T5275] pit: kvm: requested 5866 ns i8254 timer period limited to 200000 ns
[  121.810708][ T5275] pit: kvm: requested 40228 ns i8254 timer period limited to 200000 ns
[  121.837080][ T5284] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  121.848036][ T5275] pit: kvm: requested 125714 ns i8254 timer period limited to 200000 ns
[  121.862089][ T5275] pit: kvm: requested 109790 ns i8254 timer period limited to 200000 ns
[  121.901112][ T5125] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  121.926119][ T5125] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  121.934274][ T5275] pit: kvm: requested 46933 ns i8254 timer period limited to 200000 ns
[  121.948095][ T5275] pit: kvm: requested 165942 ns i8254 timer period limited to 200000 ns
[  121.990074][ T5088] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.166847][ T5284] EXT4-fs error (device loop1): ext4_map_blocks:637: inode #2: block 16: comm syz.1.243: lblock 0 mapped to illegal pblock 16 (length 1)
[  122.236752][ T5292] EXT4-fs error (device loop1): __ext4_get_inode_loc:4520: comm syz.1.243: Invalid inode table block 0 in block_group 0
[  122.322198][ T5292] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5952: Corrupt filesystem
[  122.368758][ T5292] EXT4-fs error (device loop1): ext4_setattr:5634: inode #15: comm syz.1.243: mark_inode_dirty error
[  122.399962][ T5292] EXT4-fs error (device loop1) in ext4_setattr:5695: Corrupt filesystem
[  122.418271][ T5292] EXT4-fs error (device loop1): __ext4_get_inode_loc:4520: comm syz.1.243: Invalid inode table block 0 in block_group 0
[  122.458107][ T5292] EXT4-fs error (device loop1): ext4_map_blocks:747: inode #15: block 1803188595: comm syz.1.243: lblock 0 mapped to illegal pblock 1803188595 (length 1)
[  122.500262][ T5282] EXT4-fs error (device loop1): __ext4_get_inode_loc:4520: comm syz.1.243: Invalid inode table block 0 in block_group 0
[  122.506867][ T5292] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  122.639041][ T5292] EXT4-fs (loop1): This should not happen!! Data will be lost
[  122.639041][ T5292] 
[  122.694267][ T5318] device syzkaller0 entered promiscuous mode
[  122.717256][ T5318] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  122.732837][ T5317] tipc: Resetting bearer <eth:syzkaller0>
[  122.828742][ T5119] EXT4-fs error (device loop1): __ext4_get_inode_loc:4520: comm kworker/u4:14: Invalid inode table block 0 in block_group 0
[  122.864492][ T5317] tipc: Disabling bearer <eth:syzkaller0>
[  122.897157][ T5119] EXT4-fs error (device loop1): __ext4_get_inode_loc:4520: comm kworker/u4:14: Invalid inode table block 0 in block_group 0
[  122.967945][ T4283] EXT4-fs (loop1): Inode 15 (ffff888074366e58): i_reserved_data_blocks (1) not cleared!
[  123.011806][ T4283] EXT4-fs (loop1): unmounting filesystem.
[  123.032006][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  123.058583][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  123.138827][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  123.471139][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  123.611466][ T5088] device veth0_vlan entered promiscuous mode
[  123.622624][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  123.650197][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  123.684329][ T5088] device veth1_vlan entered promiscuous mode
[  123.804245][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  123.867764][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  123.907671][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  123.917858][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  123.943542][ T5088] device veth0_macvtap entered promiscuous mode
[  123.999832][ T5088] device veth1_macvtap entered promiscuous mode
[  124.026558][ T5342] loop0: detected capacity change from 0 to 1024
[  124.058247][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.076708][ T5342] EXT4-fs: Ignoring removed orlov option
[  124.084199][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.094489][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.106009][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.116178][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.136957][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.147864][ T5342] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  124.153992][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  124.171154][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.190627][ T5088] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.210732][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  124.277394][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  124.281691][ T4315] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  124.303291][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.329301][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.349682][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.387846][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.399644][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.414237][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.425460][ T5088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.450296][ T5088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.474841][ T5088] batman_adv: batadv0: Interface activated: batadv_slave_1
[  124.483129][ T4276] EXT4-fs (loop0): unmounting filesystem.
[  124.491469][ T4315] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  124.497486][ T5088] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.521158][ T5088] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.530082][ T4315] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.547227][ T4315] usb 3-1: Product: syz
[  124.551425][ T4315] usb 3-1: Manufacturer: syz
[  124.557440][ T4315] usb 3-1: SerialNumber: syz
[  124.561758][ T5088] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.586802][ T4319] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  124.601113][ T5088] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.636269][ T4392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  124.656177][ T4392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  124.678245][   T27] audit: type=1326 audit(1780418070.794:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5356 comm="syz.0.257" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb2abf9ce59 code=0x0
[  124.783442][ T4315] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  124.801820][ T4319] usb 5-1: Using ep0 maxpacket: 16
[  124.807958][ T4610] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.818225][ T4319] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  124.831871][ T4610] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.841384][ T4315] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  124.853744][ T4319] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  124.885822][ T5119] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  124.904363][ T4319] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  124.925757][ T4319] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.941997][ T4319] usb 5-1: Product: syz
[  124.948455][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.952054][ T4319] usb 5-1: Manufacturer: syz
[  124.956890][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.971165][ T4319] usb 5-1: SerialNumber: syz
[  124.991351][ T4610] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  125.613468][ T4319] usb 5-1: 0:2 : does not exist
[  126.225434][ T4319] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  126.266877][ T4319] usb 5-1: USB disconnect, device number 6
[  126.482826][ T4410] udevd[4410]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  127.025600][ T4315] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000080. ret = -71
[  127.355466][ T4315] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  127.365069][ T4315] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  127.376429][ T4315] lan78xx: probe of 3-1:1.0 failed with error -71
[  127.389671][ T5378] loop0: detected capacity change from 0 to 2048
[  127.391839][ T4315] usb 3-1: USB disconnect, device number 7
[  127.548909][ T5378] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  127.584588][ T5390] loop4: detected capacity change from 0 to 256
[  127.687551][ T5390] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  127.761711][ T5390] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  127.820992][ T5390] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  128.931116][ T5378] EXT4-fs error (device loop0): ext4_map_blocks:637: inode #2: block 16: comm syz.0.259: lblock 0 mapped to illegal pblock 16 (length 1)
[  128.990849][ T5378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4520: comm syz.0.259: Invalid inode table block 0 in block_group 0
[  129.779276][ T5378] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5952: Corrupt filesystem
[  129.790491][ T5378] EXT4-fs error (device loop0): ext4_setattr:5634: inode #15: comm syz.0.259: mark_inode_dirty error
[  129.816731][ T5378] EXT4-fs error (device loop0) in ext4_setattr:5695: Corrupt filesystem
[  129.881119][ T5377] EXT4-fs error (device loop0): __ext4_get_inode_loc:4520: comm syz.0.259: Invalid inode table block 0 in block_group 0
[  130.072462][ T5378] EXT4-fs error (device loop0): __ext4_get_inode_loc:4520: comm syz.0.259: Invalid inode table block 0 in block_group 0
[  130.097066][ T5377] EXT4-fs error (device loop0): ext4_map_blocks:747: inode #15: block 1803188595: comm syz.0.259: lblock 0 mapped to illegal pblock 1803188595 (length 1)
[  130.874446][ T5426] loop5: detected capacity change from 0 to 64
[  130.971137][ T5377] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  131.060233][ T5377] EXT4-fs (loop0): This should not happen!! Data will be lost
[  131.060233][ T5377] 
[  131.353206][ T5119] EXT4-fs error (device loop0): __ext4_get_inode_loc:4520: comm kworker/u4:14: Invalid inode table block 0 in block_group 0
[  131.387388][ T5119] EXT4-fs error (device loop0): __ext4_get_inode_loc:4520: comm kworker/u4:14: Invalid inode table block 0 in block_group 0
[  131.444782][ T4276] EXT4-fs (loop0): Inode 15 (ffff8880257a6e58): i_reserved_data_blocks (1) not cleared!
[  131.475674][ T4276] EXT4-fs (loop0): unmounting filesystem.
[  132.595642][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  132.602819][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  132.671362][ T5436] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.678670][ T5436] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.076782][ T5426] Trying to free block not in datazone
[  133.130631][   T27] audit: type=1800 audit(1780418079.244:7): pid=5426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.272" name="file1" dev="loop5" ino=5 res=0 errno=0
[  133.150717][    C1] vkms_vblank_simulate: vblank timer overrun
[  134.749787][ T5436] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.833932][ T5436] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  136.382008][ T5436] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  136.411700][ T5436] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  136.440344][ T5436] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  136.459914][ T5436] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  136.705254][ T5504] xt_nat: multiple ranges no longer supported
[  137.448834][ T5460] device syzkaller0 entered promiscuous mode
[  137.475883][ T5499] batman_adv: batadv0: Adding interface: dummy0
[  137.509217][ T5506] IPVS: set_ctl: invalid protocol: 60 255.255.255.255:20003
[  137.521672][ T5499] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.600029][ T5499] batman_adv: batadv0: Interface activated: dummy0
[  137.688072][ T5500] batadv0: mtu less than device minimum
[  137.744830][ T5500] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  137.757486][ T5500] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  137.768860][ T5500] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  137.780336][ T5500] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  137.791800][ T5500] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  137.803596][ T5500] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  137.814959][ T5500] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  137.826319][ T5500] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  137.837870][ T5500] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  138.168449][ T5516] device syzkaller0 entered promiscuous mode
[  140.052469][ T5538] Illegal XDP return value 4294967294 on prog  (id 13) dev syz_tun, expect packet loss!
[  141.829177][ T5567] loop4: detected capacity change from 0 to 512
[  141.937297][ T5567] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  141.949492][ T5567] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  141.959543][ T5567] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  142.085347][ T5570] netlink: 4 bytes leftover after parsing attributes in process `syz.1.304'.
[  142.095756][ T5570] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.247406][ T5567] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  142.406902][ T5567] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e041e01c, mo2=0180]
[  142.464581][ T5567] EXT4-fs (loop4): failed to initialize system zone (-117)
[  142.524647][ T5570] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.537925][ T5567] EXT4-fs (loop4): mount failed
[  146.381943][ T5639] device syzkaller0 entered promiscuous mode
[  146.401679][ T3600] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  146.616158][ T3600] usb 6-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  146.640455][ T3600] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.668008][ T3600] usb 6-1: Product: syz
[  146.692135][ T3600] usb 6-1: Manufacturer: syz
[  146.697271][ T3600] usb 6-1: SerialNumber: syz
[  147.069679][ T3600] net_ratelimit: 10 callbacks suppressed
[  147.069726][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  147.244177][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  148.591923][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -32
[  149.640022][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000044. ret = -71
[  149.704613][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -71
[  149.736468][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -71
[  149.759061][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -71
[  149.779460][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001020. ret = -71
[  149.791824][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -71
[  149.833228][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -71
[  149.961780][ T4315] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  150.181698][ T4315] usb 1-1: Using ep0 maxpacket: 8
[  150.206003][ T4315] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  150.354337][ T4315] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.447794][ T4315] usb 1-1: Product: syz
[  150.492623][ T4315] usb 1-1: Manufacturer: syz
[  150.544360][ T4315] usb 1-1: SerialNumber: syz
[  150.665037][ T4315] usb 1-1: config 0 descriptor??
[  150.739575][ T4315] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  150.752441][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  150.762157][ T3600] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  150.782909][ T3600] lan78xx: probe of 6-1:1.0 failed with error -71
[  150.800848][ T3600] usb 6-1: USB disconnect, device number 2
[  151.696622][ T4315] gspca_sonixj: reg_r err -110
[  151.701542][ T4315] sonixj: probe of 1-1:0.0 failed with error -110
[  152.654774][ T5719] loop5: detected capacity change from 0 to 1024
[  152.682653][ T5719] EXT4-fs: Ignoring removed orlov option
[  152.780988][ T5719] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  153.850402][ T5088] EXT4-fs (loop5): unmounting filesystem.
[  153.857517][   T22] usb 1-1: USB disconnect, device number 6
[  154.068589][ T5736] hub 8-0:1.0: USB hub found
[  154.075092][ T5736] hub 8-0:1.0: 1 port detected
[  154.092125][ T5736] loop1: detected capacity change from 0 to 256
[  157.061325][ T5767] netlink: 4 bytes leftover after parsing attributes in process `syz.5.346'.
[  157.267332][ T5767] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  157.734356][ T5767] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.071341][ T5775] device syzkaller0 entered promiscuous mode
[  159.094343][ T5787] device syzkaller0 entered promiscuous mode
[  159.152207][ T5787] net_ratelimit: 2 callbacks suppressed
[  159.152220][ T5787] TC_ACT_REPEAT abuse ?
[  159.204301][ T5791] binder_alloc: 5790: binder_alloc_buf, no vma
[  159.435604][ T5793] loop0: detected capacity change from 0 to 1024
[  159.482514][ T5793] EXT4-fs: Ignoring removed bh option
[  159.579909][ T5793] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  159.791755][  T129] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  160.007644][  T129] usb 6-1: unable to get BOS descriptor or descriptor too short
[  160.060579][  T129] usb 6-1: not running at top speed; connect to a high speed hub
[  160.225615][  T129] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  160.403988][  T129] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 120, changing to 4
[  160.598167][  T129] usb 6-1: New USB device found, idVendor=0b05, idProduct=1743, bcdDevice= 1.40
[  160.679926][  T129] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.697869][  T129] usb 6-1: Product: syz
[  160.721892][  T129] usb 6-1: Manufacturer: syz
[  161.102564][ T5816] sctp: failed to load transform for md5: -2
[  161.149943][  T129] usb 6-1: SerialNumber: syz
[  161.272492][ T5793] EXT4-fs error (device loop0): __ext4_get_inode_loc:4520: comm syz.0.355: Invalid inode table block 0 in block_group 0
[  161.326896][ T5793] EXT4-fs (loop0): Remounting filesystem read-only
[  161.443796][ T5121] EXT4-fs error (device loop0): __ext4_get_inode_loc:4520: comm kworker/u4:16: Invalid inode table block 0 in block_group 0
[  161.444761][  T129] usb 6-1: 1:1 : unknown format tag 0x5 is detected.  processed as MPEG.
[  161.505547][ T5121] EXT4-fs (loop0): Remounting filesystem read-only
[  161.518369][ T5826] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  161.528789][ T4276] EXT4-fs (loop0): unmounting filesystem.
[  161.534675][  T129] usb 6-1: found format II with max.bitrate = 512, frame size=4095
[  161.552059][  T129] usb 6-1: 1:1 : unknown format tag 0x5 is detected.  processed as MPEG.
[  161.591497][ T5826] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.599248][  T129] usb 6-1: found format II with max.bitrate = 512, frame size=4095
[  161.627435][ T5826] batadv0: mtu less than device minimum
[  161.673040][ T5826] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  161.685360][ T5826] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  161.697638][ T5826] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  161.709894][ T5826] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  161.722228][ T5826] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  161.734542][ T5826] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  161.746775][ T5826] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  161.824054][  T129] usb 6-1: USB disconnect, device number 3
[  161.874291][ T4557] udevd[4557]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  161.931749][    T7] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  162.218533][    T7] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  162.350360][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.555012][    T7] usb 1-1: config 0 descriptor??
[  162.627435][    T7] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  162.655290][ T5826] batman_adv: batadv0: Removing interface: batadv_slave_1
[  162.891395][ T5849] loop2: detected capacity change from 0 to 128
[  162.944676][ T5849] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  163.009229][ T5849] hpfs: filesystem error: improperly stopped
[  163.034557][ T5849] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  163.083431][ T5849] hpfs: You really don't want any checks? You are crazy...
[  163.129440][ T5849] hpfs: hpfs_map_sector(): read error
[  163.149932][ T5849] hpfs: code page support is disabled
[  163.156471][ T5854] device syzkaller0 entered promiscuous mode
[  163.163486][ T5849] hpfs: hpfs_map_4sectors(): unaligned read
[  163.170144][ T5849] hpfs: hpfs_map_4sectors(): unaligned read
[  163.181382][ T5849] hpfs: filesystem error: unable to find root dir
[  163.287463][ T5849] hpfs: hpfs_map_4sectors(): unaligned read
[  163.309635][ T5849] hpfs: hpfs_map_sector(): read error
[  163.343661][ T5858] hpfs: hpfs_map_4sectors(): unaligned read
[  163.363133][ T5858] hpfs: hpfs_map_sector(): read error
[  163.382889][ T5849] hpfs: hpfs_map_4sectors(): unaligned read
[  163.409904][ T5849] hpfs: hpfs_map_sector(): read error
[  163.441019][ T5858] hpfs: hpfs_map_4sectors(): unaligned read
[  163.450127][ T5858] hpfs: hpfs_map_sector(): read error
[  164.754007][   T22] usb 1-1: USB disconnect, device number 7
[  165.892096][   T14] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  166.141877][   T14] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  166.204627][   T14] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.295039][   T14] usb 3-1: Product: syz
[  166.323984][   T14] usb 3-1: Manufacturer: syz
[  166.388389][   T14] usb 3-1: SerialNumber: syz
[  166.640037][   T14] net_ratelimit: 13 callbacks suppressed
[  166.640054][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  166.688812][ T5895] binder: transaction release 110 bad handle 1, ret = -22
[  166.700312][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  166.702974][ T4289] Bluetooth: min 6 > max 0
[  166.847257][ T4318] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  167.051760][ T4318] usb 5-1: Using ep0 maxpacket: 16
[  167.089137][ T4318] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  167.256704][ T5911] fuse: Bad value for 'fd'
[  167.308011][ T4318] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  167.492595][ T4318] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  167.531734][ T4318] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.608311][ T4318] usb 5-1: Product: syz
[  167.620606][ T4318] usb 5-1: Manufacturer: syz
[  167.632686][ T4318] usb 5-1: SerialNumber: syz
[  167.727239][ T5920] loop5: detected capacity change from 0 to 128
[  167.788180][ T5920] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  167.850407][ T5920] hpfs: filesystem error: improperly stopped
[  167.863673][ T5920] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  167.869292][ T4318] usb 5-1: 0:2 : does not exist
[  167.891284][ T4318] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  167.898228][ T5920] hpfs: You really don't want any checks? You are crazy...
[  167.924486][ T5920] hpfs: hpfs_map_sector(): read error
[  167.942025][ T4318] usb 5-1: USB disconnect, device number 7
[  167.943914][ T5920] hpfs: code page support is disabled
[  167.965391][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -32
[  167.969486][ T5920] hpfs: hpfs_map_4sectors(): unaligned read
[  168.010810][ T5920] hpfs: hpfs_map_4sectors(): unaligned read
[  168.017980][ T5920] hpfs: filesystem error: unable to find root dir
[  168.101412][ T5920] hpfs: hpfs_map_4sectors(): unaligned read
[  168.127610][ T5920] hpfs: hpfs_map_sector(): read error
[  168.147286][ T5920] hpfs: hpfs_map_4sectors(): unaligned read
[  168.156980][ T5920] hpfs: hpfs_map_sector(): read error
[  168.167562][ T5920] hpfs: hpfs_map_4sectors(): unaligned read
[  168.176068][ T5920] hpfs: hpfs_map_sector(): read error
[  168.185728][ T5920] hpfs: hpfs_map_4sectors(): unaligned read
[  168.194367][ T5920] hpfs: hpfs_map_sector(): read error
[  168.244521][ T5836] udevd[5836]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  168.492386][ T5937] loop5: detected capacity change from 0 to 16
[  168.517243][ T5937] erofs: (device loop5): mounted with root inode @ nid 36.
[  168.607535][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000044. ret = -71
[  168.647782][ T5937] syz.5.388: attempt to access beyond end of device
[  168.647782][ T5937] loop5: rw=0, sector=48, nr_sectors = 16 limit=16
[  168.666389][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -71
[  168.684807][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 41 @ nid 36
[  168.698695][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -71
[  168.711321][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 39 @ nid 36
[  168.726162][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -71
[  168.739750][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.761693][ T4289] Bluetooth: hci4: command 0x2021 tx timeout
[  169.640565][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 37 @ nid 36
[  169.650050][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  169.659804][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 36 @ nid 36
[  169.669180][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 34 @ nid 36
[  169.670348][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001020. ret = -71
[  169.678394][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 32 @ nid 36
[  169.699056][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 28 @ nid 36
[  169.708205][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  169.717713][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 25 @ nid 36
[  169.726830][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  169.736183][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 24 @ nid 36
[  169.745521][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 23 @ nid 36
[  169.754636][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  169.764500][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 21 @ nid 36
[  169.775041][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  169.784634][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 20 @ nid 36
[  169.793779][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  169.803147][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 19 @ nid 36
[  169.812407][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  169.817182][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -71
[  169.822187][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 18 @ nid 36
[  169.842635][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 17 @ nid 36
[  169.861662][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 16 @ nid 36
[  169.890615][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 14 @ nid 36
[  169.927028][ T5937] syz.5.388: attempt to access beyond end of device
[  169.927028][ T5937] loop5: rw=524288, sector=13478624040, nr_sectors = 40 limit=16
[  169.927533][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -71
[  169.989520][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  170.037418][   T14] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  170.057082][ T5937] syz.5.388: attempt to access beyond end of device
[  170.057082][ T5937] loop5: rw=524288, sector=56, nr_sectors = 8 limit=16
[  170.093042][   T14] lan78xx: probe of 3-1:1.0 failed with error -71
[  170.131479][ T5937] syz.5.388: attempt to access beyond end of device
[  170.131479][ T5937] loop5: rw=524288, sector=8, nr_sectors = 48 limit=16
[  171.651972][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 84 @ nid 36
[  171.771876][   T14] usb 3-1: USB disconnect, device number 8
[  171.784398][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 83 @ nid 36
[  171.794003][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 78 @ nid 36
[  171.803803][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 77 @ nid 36
[  171.818375][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 75 @ nid 36
[  171.829622][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 74 @ nid 36
[  171.839191][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.849168][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 71 @ nid 36
[  171.858428][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.868319][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 70 @ nid 36
[  171.878249][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.888043][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 69 @ nid 36
[  171.897312][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.907290][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 68 @ nid 36
[  171.917142][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 65 @ nid 36
[  171.926843][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 64 @ nid 36
[  171.936666][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.946470][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 61 @ nid 36
[  171.955757][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.965967][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 60 @ nid 36
[  172.035842][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 57 @ nid 36
[  173.993506][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 56 @ nid 36
[  174.550854][ T5967] loop0: detected capacity change from 0 to 256
[  174.724816][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  174.752642][ T5967] exfat: Deprecated parameter 'utf8'
[  174.757993][ T5967] exfat: Deprecated parameter 'utf8'
[  174.772752][ T5967] exfat: Deprecated parameter 'utf8'
[  174.802386][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 54 @ nid 36
[  174.818710][ T5937] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  174.828792][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 53 @ nid 36
[  174.844634][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 52 @ nid 36
[  174.855914][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 50 @ nid 36
[  174.868197][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 49 @ nid 36
[  174.880297][ T5937] erofs: (device loop5): z_erofs_readahead: readahead error at page 48 @ nid 36
[  174.900062][ T5937] syz.5.388: attempt to access beyond end of device
[  174.900062][ T5937] loop5: rw=524288, sector=64, nr_sectors = 32 limit=16
[  174.918846][ T5937] syz.5.388: attempt to access beyond end of device
[  174.918846][ T5937] loop5: rw=524288, sector=8, nr_sectors = 24 limit=16
[  174.966833][ T5967] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  174.977396][ T5937] syz.5.388: attempt to access beyond end of device
[  174.977396][ T5937] loop5: rw=524288, sector=15495015288, nr_sectors = 32 limit=16
[  174.994449][ T5937] syz.5.388: attempt to access beyond end of device
[  174.994449][ T5937] loop5: rw=524288, sector=15495015272, nr_sectors = 16 limit=16
[  175.016503][ T5937] syz.5.388: attempt to access beyond end of device
[  175.016503][ T5937] loop5: rw=524288, sector=15353996136, nr_sectors = 8 limit=16
[  175.031373][ T5937] syz.5.388: attempt to access beyond end of device
[  175.031373][ T5937] loop5: rw=524288, sector=13612835600, nr_sectors = 8 limit=16
[  175.065467][ T5967] capability: warning: `syz.0.396' uses 32-bit capabilities (legacy support in use)
[  175.066451][ T5937] syz.5.388: attempt to access beyond end of device
[  175.066451][ T5937] loop5: rw=524288, sector=14552337248, nr_sectors = 16 limit=16
[  175.174918][ T5967] program syz.0.396 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  175.374882][ T5937] syz.5.388: attempt to access beyond end of device
[  175.374882][ T5937] loop5: rw=524288, sector=14546590680, nr_sectors = 8 limit=16
[  175.747084][ T5937] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -2 in[1, 1440] out[1677]
[  176.014730][ T5991] loop5: detected capacity change from 0 to 4096
[  176.026256][ T5991] EXT4-fs: Ignoring removed orlov option
[  176.049986][ T5991] EXT4-fs (loop5): Test dummy encryption mode enabled
[  176.090243][ T5991] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  176.151695][   T26] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  176.261720][   T22] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  176.349193][ T5991] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  176.357642][   T26] usb 3-1: Using ep0 maxpacket: 16
[  176.366617][   T26] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  176.377654][ T5991] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  176.393073][   T26] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  176.406681][   T26] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  176.420906][   T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.441734][   T26] usb 3-1: Product: syz
[  176.446057][   T26] usb 3-1: Manufacturer: syz
[  176.450654][   T26] usb 3-1: SerialNumber: syz
[  176.465633][   T22] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  176.481838][   T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.512244][   T22] usb 5-1: Product: syz
[  176.516475][   T22] usb 5-1: Manufacturer: syz
[  176.542192][   T22] usb 5-1: SerialNumber: syz
[  176.558979][ T5088] EXT4-fs (loop5): unmounting filesystem.
[  176.710977][   T26] usb 3-1: 0:2 : does not exist
[  176.734569][   T26] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  176.774079][   T26] usb 3-1: USB disconnect, device number 9
[  176.800631][   T22] net_ratelimit: 2 callbacks suppressed
[  176.800648][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  176.865057][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  177.067159][ T4356] udevd[4356]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  178.102692][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -32
[  178.727530][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000044. ret = -71
[  178.739817][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -71
[  178.751676][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -71
[  178.764034][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -71
[  178.776504][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001020. ret = -71
[  178.788488][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -71
[  178.800326][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -71
[  178.812437][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  178.822238][   T22] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  178.831625][   T22] lan78xx: probe of 5-1:1.0 failed with error -71
[  178.842677][   T22] usb 5-1: USB disconnect, device number 8
[  179.320537][ T6073] loop2: detected capacity change from 0 to 128
[  180.788911][ T6086] loop5: detected capacity change from 0 to 256
[  180.833419][ T6086] FAT-fs (loop5): Directory bread(block 64) failed
[  180.840298][ T6086] FAT-fs (loop5): Directory bread(block 65) failed
[  180.854018][ T6086] FAT-fs (loop5): Directory bread(block 66) failed
[  180.860570][ T6086] FAT-fs (loop5): Directory bread(block 67) failed
[  180.872101][ T6086] FAT-fs (loop5): Directory bread(block 68) failed
[  180.878651][ T6086] FAT-fs (loop5): Directory bread(block 69) failed
[  180.885644][ T6086] FAT-fs (loop5): Directory bread(block 70) failed
[  180.892489][ T6086] FAT-fs (loop5): Directory bread(block 71) failed
[  180.899192][ T6086] FAT-fs (loop5): Directory bread(block 72) failed
[  180.906000][ T6086] FAT-fs (loop5): Directory bread(block 73) failed
[  182.886797][ T6118] loop4: detected capacity change from 0 to 32768
[  183.023053][ T6118] XFS (loop4): Mounting V5 Filesystem
[  183.086717][ T6134] binder_alloc: 6130: binder_alloc_buf size 16384 failed, no address space
[  183.140431][ T6134] binder_alloc: allocated: 4096 (num: 1 largest: 4096), free: 8192 (num: 1 largest: 8192)
[  183.183332][ T6118] XFS (loop4): Ending clean mount
[  183.192307][ T6118] XFS (loop4): Quotacheck needed: Please wait.
[  183.257164][ T6118] XFS (loop4): Quotacheck: Done.
[  183.977903][ T4284] XFS (loop4): Unmounting Filesystem
[  185.624885][ T6167] raw_sendmsg: syz.2.428 forgot to set AF_INET. Fix it!
[  185.864001][ T6182] loop2: detected capacity change from 0 to 512
[  185.871772][ T4289] Bluetooth: hci3: command 0x0406 tx timeout
[  185.877806][ T4289] Bluetooth: hci4: command 0x0406 tx timeout
[  185.883973][ T4278] Bluetooth: hci0: command 0x0406 tx timeout
[  185.883990][ T4287] Bluetooth: hci1: command 0x0406 tx timeout
[  186.057036][ T6182] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002]
[  186.177907][ T6182] System zones: 1-12
[  186.222794][ T6186] binder_alloc: 6185: binder_alloc_buf size 16384 failed, no address space
[  186.295910][ T6182] EXT4-fs error (device loop2): ext4_iget_extra_inode:4763: inode #15: comm syz.2.431: corrupted in-inode xattr
[  186.350003][ T6186] binder_alloc: allocated: 4096 (num: 1 largest: 4096), free: 8192 (num: 1 largest: 8192)
[  186.458688][ T6182] EXT4-fs error (device loop2): ext4_orphan_get:1410: comm syz.2.431: couldn't read orphan inode 15 (err -117)
[  186.628339][ T6182] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  187.527621][ T6203] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  187.536947][ T6203] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  187.545874][ T6203] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  187.554838][ T6203] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  187.573544][ T4272] EXT4-fs (loop2): unmounting filesystem.
[  187.608264][ T6203] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  189.723488][ T6225] netlink: 20 bytes leftover after parsing attributes in process `syz.5.442'.
[  191.150009][ T6246] loop0: detected capacity change from 0 to 16
[  191.242138][ T6246] erofs: (device loop0): mounted with root inode @ nid 36.
[  191.284536][   T27] audit: type=1800 audit(1780418137.404:8): pid=6246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.446" name="file1" dev="loop0" ino=86 res=0 errno=0
[  191.290425][ T6246] syz.0.446: attempt to access beyond end of device
[  191.290425][ T6246] loop0: rw=0, sector=34359738360, nr_sectors = 1152 limit=16
[  191.353968][ T6247] device batadv_slave_0 entered promiscuous mode
[  191.361130][ T6247] device batadv_slave_1 entered promiscuous mode
[  192.373782][ T6245] device batadv_slave_1 left promiscuous mode
[  192.380613][ T6245] device batadv_slave_0 left promiscuous mode
[  192.767442][ T6255] loop5: detected capacity change from 0 to 16
[  192.805877][ T6255] erofs: (device loop5): mounted with root inode @ nid 36.
[  193.197620][ T6260] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  193.306147][ T6260] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117]
[  194.212112][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  194.391233][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  194.814230][ T6281] kvm [6280]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0xc1) = 0x800
[  194.826685][ T6281] kvm [6280]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0xc2) = 0x800
[  194.861123][ T6281] kvm [6280]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0x11e) = 0xbe702911
[  195.677401][ T6281] kvm [6280]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0x186) = 0x800
[  195.721155][ T6281] kvm [6280]: vcpu0, guest rIP: 0x79 Unhandled WRMSR(0x187) = 0x800
[  195.831785][ T6279] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  196.041743][ T6279] usb 6-1: Using ep0 maxpacket: 32
[  196.053259][ T6279] usb 6-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  196.066597][ T6279] usb 6-1: config 0 interface 0 has no altsetting 0
[  196.081284][ T6279] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  196.278143][ T6279] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.779408][ T6279] usb 6-1: config 0 descriptor??
[  198.181992][ T6279] usbhid 6-1:0.0: can't add hid device: -71
[  198.188025][ T6279] usbhid: probe of 6-1:0.0 failed with error -71
[  198.230821][ T6323] loop5: detected capacity change from 0 to 2048
[  198.246568][ T6279] usb 6-1: USB disconnect, device number 4
[  198.305504][ T6323] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  198.711837][ T4316] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  198.730861][ T6330] binder: 6329:6330 ioctl c0306201 200000000080 returned -14
[  198.924677][ T4316] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  198.941259][ T4316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.979241][ T4316] usb 5-1: config 0 descriptor??
[  198.997483][ T4316] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  199.013297][ T6336] loop0: detected capacity change from 0 to 256
[  199.090031][ T6336] FAT-fs (loop0): Directory bread(block 64) failed
[  199.126724][ T6336] FAT-fs (loop0): Directory bread(block 65) failed
[  199.133541][ T6336] FAT-fs (loop0): Directory bread(block 66) failed
[  199.140124][ T6336] FAT-fs (loop0): Directory bread(block 67) failed
[  199.181794][ T6336] FAT-fs (loop0): Directory bread(block 68) failed
[  199.188373][ T6336] FAT-fs (loop0): Directory bread(block 69) failed
[  199.225998][ T6336] FAT-fs (loop0): Directory bread(block 70) failed
[  199.239041][ T6336] FAT-fs (loop0): Directory bread(block 71) failed
[  199.247381][ T6336] FAT-fs (loop0): Directory bread(block 72) failed
[  199.255435][ T6336] FAT-fs (loop0): Directory bread(block 73) failed
[  199.351780][ T6279] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  199.581320][ T6279] usb 6-1: config 0 interface 0 altsetting 255 endpoint 0x4 has an invalid bInterval 0, changing to 10
[  199.682162][ T6279] usb 6-1: config 0 interface 0 altsetting 255 endpoint 0x4 has invalid maxpacket 169, setting to 64
[  199.878111][ T6279] usb 6-1: config 0 interface 0 has no altsetting 0
[  200.068243][ T6279] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  200.200264][ T6279] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  200.414492][ T6279] usb 6-1: Product: syz
[  200.418741][ T6279] usb 6-1: Manufacturer: syz
[  200.423811][ T6279] usb 6-1: SerialNumber: syz
[  200.437847][ T6279] usb 6-1: config 0 descriptor??
[  200.444699][ T6338] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  200.456220][ T6279] usb 6-1: selecting invalid altsetting 0
[  200.709238][ T6338] usb 6-1: BOGUS urb xfer, pipe 0 != type 1
[  200.789299][ T6350] device batadv_slave_0 entered promiscuous mode
[  200.898153][ T4316] usb 6-1: USB disconnect, device number 5
[  201.038112][ T6279] usb 5-1: USB disconnect, device number 9
[  201.105197][ T6347] device batadv_slave_0 left promiscuous mode
[  202.828911][ T6378] loop5: detected capacity change from 0 to 256
[  202.955307][ T6378] exfat: Deprecated parameter 'utf8'
[  202.960981][ T6378] exfat: Deprecated parameter 'utf8'
[  202.966831][ T6378] exfat: Deprecated parameter 'utf8'
[  203.435345][ T6378] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  203.916085][ T6378] program syz.5.486 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  205.341605][    C0] sched: RT throttling activated
[  205.868696][ T6411] loop5: detected capacity change from 0 to 512
[  205.907301][ T6411] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  205.975316][ T6411] EXT4-fs (loop5): 1 truncate cleaned up
[  205.981809][ T6411] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  206.058088][ T6409] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  206.101701][ T4316] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  206.142153][ T5088] EXT4-fs (loop5): unmounting filesystem.
[  206.292572][ T4316] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  206.312037][ T4316] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  206.327870][ T4316] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  206.338536][ T4316] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  206.359413][ T4316] usb 1-1: SerialNumber: syz
[  206.359528][ T6419] netlink: 'syz.1.497': attribute type 12 has an invalid length.
[  206.536045][ T5125] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.590587][ T4316] usb 1-1: 0:2 : does not exist
[  206.638009][ T4316] usb 1-1: USB disconnect, device number 8
[  206.740046][ T5125] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.878853][ T6412] loop4: detected capacity change from 0 to 40427
[  206.913873][ T5125] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.055899][ T5125] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.147429][ T6412] loop4: detected capacity change from 0 to 4096
[  208.275313][ T4288] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  208.284938][ T4288] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  208.294449][ T4288] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  208.316280][ T4288] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  208.326757][ T4288] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  208.358209][ T4320] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  208.366071][ T4288] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  208.585512][ T4320] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  208.664171][ T4320] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  208.842369][ T4320] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  208.955516][ T4320] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  209.049679][ T4320] usb 1-1: SerialNumber: syz
[  209.254392][ T6443] loop2: detected capacity change from 0 to 128
[  209.424017][ T4320] usb 1-1: 0:2 : does not exist
[  209.438206][ T6443] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  209.548241][ T4320] usb 1-1: USB disconnect, device number 9
[  209.565618][ T6443] ext4 filesystem being mounted at /106/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  209.702512][ T4356] udevd[4356]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  210.431841][ T4288] Bluetooth: hci2: command 0x0409 tx timeout
[  210.573839][ T4272] EXT4-fs (loop2): unmounting filesystem.
[  212.776029][ T4287] Bluetooth: hci2: command 0x041b tx timeout
[  213.931689][ T6433] chnl_net:caif_netlink_parms(): no params data found
[  214.857583][ T4288] Bluetooth: hci2: command 0x040f tx timeout
[  215.087161][ T6498] netlink: 4 bytes leftover after parsing attributes in process `syz.0.516'.
[  215.480938][ T6498] team0: Port device team_slave_0 removed
[  215.736153][ T6433] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.744638][ T6433] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.753392][ T6433] device bridge_slave_0 entered promiscuous mode
[  215.770515][ T6433] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.780413][ T6433] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.796281][ T6433] device bridge_slave_1 entered promiscuous mode
[  215.836165][ T6433] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.848772][ T6433] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.949154][ T6433] team0: Port device team_slave_0 added
[  216.911731][ T4288] Bluetooth: hci2: command 0x0419 tx timeout
[  217.145944][ T6433] team0: Port device team_slave_1 added
[  217.206453][ T6433] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.224530][ T6433] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.298939][ T6433] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.588344][ T5125] device hsr_slave_0 left promiscuous mode
[  217.706175][ T5125] device hsr_slave_1 left promiscuous mode
[  217.848795][ T5125] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.900330][ T5125] batman_adv: batadv0: Removing interface: batadv_slave_0
[  218.047439][ T5125] device bridge_slave_1 left promiscuous mode
[  218.056233][ T5125] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.097672][ T5125] device bridge_slave_0 left promiscuous mode
[  218.152627][ T5125] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.207940][ T6537] loop4: detected capacity change from 0 to 8192
[  218.249876][ T6547] loop2: detected capacity change from 0 to 2048
[  218.267117][ T5125] device veth1_macvtap left promiscuous mode
[  218.273239][ T5125] device veth0_macvtap left promiscuous mode
[  218.279438][ T5125] device veth1_vlan left promiscuous mode
[  218.285692][ T5125] device veth0_vlan left promiscuous mode
[  218.287594][ T6537] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  218.327441][ T6549] loop0: detected capacity change from 0 to 2048
[  218.364761][ T6537] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  218.376460][ T6537] REISERFS (device loop4): using ordered data mode
[  218.383542][ T6537] reiserfs: using flush barriers
[  218.384313][ T6547] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  218.390768][ T6537] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  218.418370][ T6537] REISERFS (device loop4): checking transaction log (loop4)
[  218.468256][ T6549] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  218.593755][ T6537] REISERFS (device loop4): Using r5 hash to sort names
[  218.671018][ T6547] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1126: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  218.688723][ T6547] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  218.701294][ T6547] EXT4-fs (loop2): This should not happen!! Data will be lost
[  218.701294][ T6547] 
[  218.711266][ T6547] EXT4-fs (loop2): Total free blocks count 0
[  218.718333][ T6547] EXT4-fs (loop2): Free/Dirty block details
[  218.725605][ T6547] EXT4-fs (loop2): free_blocks=2415919504
[  218.731391][ T6547] EXT4-fs (loop2): dirty_blocks=48
[  218.736553][ T6547] EXT4-fs (loop2): Block reservation details
[  218.742622][ T6547] EXT4-fs (loop2): i_reserved_data_blocks=3
[  218.821095][ T6537] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  218.951038][ T4272] EXT4-fs (loop2): unmounting filesystem.
[  219.521573][ T6566] loop0: detected capacity change from 0 to 512
[  219.539996][ T6566] EXT4-fs: Ignoring removed i_version option
[  219.799113][ T6566] EXT4-fs: Ignoring removed nobh option
[  219.821788][ T6566] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  220.093823][ T6566] EXT4-fs (loop0): 1 truncate cleaned up
[  220.107061][ T6566] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  221.242500][ T4276] EXT4-fs (loop0): unmounting filesystem.
[  225.925642][ T5125] team0 (unregistering): Port device team_slave_1 removed
[  226.059060][ T5125] team0 (unregistering): Port device team_slave_0 removed
[  226.223359][ T5125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  226.361023][ T5125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  227.262130][ T6629] loop4: detected capacity change from 0 to 8192
[  227.341757][  T129] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  227.442377][ T6629] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  227.583257][  T129] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.615999][ T6629] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  227.648177][  T129] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  227.718693][ T6629] REISERFS (device loop4): using ordered data mode
[  227.745262][  T129] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.748071][ T6629] reiserfs: using flush barriers
[  227.786698][ T6629] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  227.813364][  T129] usb 1-1: config 0 descriptor??
[  227.819576][ T6629] REISERFS (device loop4): checking transaction log (loop4)
[  227.834928][ T6629] REISERFS (device loop4): Using r5 hash to sort names
[  227.859155][ T6629] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  229.430395][  T129] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor
[  229.448767][  T129] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0006/input/input9
[  229.468668][ T5125] bond0 (unregistering): Released all slaves
[  230.315917][  T129] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  230.382034][ T6433] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.418982][ T6433] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.501683][ T6433] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.552830][ T6573] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  230.719396][ T6433] device hsr_slave_0 entered promiscuous mode
[  230.745528][ T6433] device hsr_slave_1 entered promiscuous mode
[  230.763457][ T6433] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  230.776958][ T6433] Cannot create hsr debugfs directory
[  231.598155][ T6279] usb 1-1: USB disconnect, device number 10
[  231.612845][ T6654] Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  231.715885][ T4320] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  232.047690][ T4320] usb 3-1: config 0 interface 0 altsetting 255 endpoint 0x4 has an invalid bInterval 0, changing to 10
[  232.126031][   T27] audit: type=1800 audit(1780418178.244:9): pid=6658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.551" name="/" dev="fuse" ino=1 res=0 errno=0
[  232.211629][ T4320] usb 3-1: config 0 interface 0 altsetting 255 endpoint 0x4 has invalid maxpacket 169, setting to 64
[  232.254160][ T4320] usb 3-1: config 0 interface 0 has no altsetting 0
[  232.310765][ T4320] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  232.357341][ T6662] loop0: detected capacity change from 0 to 1024
[  232.366451][ T4320] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  232.416492][ T4320] usb 3-1: Product: syz
[  232.420685][ T4320] usb 3-1: Manufacturer: syz
[  232.486739][ T4320] usb 3-1: SerialNumber: syz
[  232.521365][ T4320] usb 3-1: config 0 descriptor??
[  232.540297][ T6433] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  232.553483][ T6652] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  232.565337][ T4320] usb 3-1: selecting invalid altsetting 0
[  232.681028][ T6433] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  232.739989][ T6433] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  232.793699][ T6433] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  232.824612][ T6671] sch_tbf: burst 4095 is lower than device lo mtu (65550) !
[  232.976605][ T4319] usb 3-1: USB disconnect, device number 10
[  232.976654][    C1] usb 3-1: Unable to submit urb #0: -19 at snd_usb_queue_pending_output_urbs
[  232.992007][    C1] dummy_hcd dummy_hcd.2: timer fired with no URBs pending?
[  233.100762][ T6433] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.139878][ T5125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  233.154674][ T5125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  233.169731][ T6433] 8021q: adding VLAN 0 to HW filter on device team0
[  233.194380][ T5125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  233.208325][ T5125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  233.250651][ T5125] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.257785][ T5125] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.282194][ T5125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  233.313715][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  233.332092][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  233.370394][ T4328] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.377594][ T4328] bridge0: port 2(bridge_slave_1) entered forwarding state
[  233.399196][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  233.411033][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  233.439132][ T6433] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  233.471726][ T6433] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  233.493028][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  233.505789][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  233.525867][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  233.556356][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  233.574996][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  233.588374][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  233.652322][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  233.692298][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  233.730840][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  233.779485][ T4606] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  236.087281][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  236.168650][ T4328] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  236.328463][ T6433] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.992190][ T6735] loop0: detected capacity change from 0 to 128
[  240.192342][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  240.214032][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  240.245268][ T6760] device syzkaller0 entered promiscuous mode
[  240.273077][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  240.297068][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  240.343186][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  240.352293][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  240.444962][ T6433] device veth0_vlan entered promiscuous mode
[  240.503729][ T6433] device veth1_vlan entered promiscuous mode
[  240.606262][ T6433] device veth0_macvtap entered promiscuous mode
[  240.633526][ T5124] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  240.656780][ T5124] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  240.783068][ T5124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  240.823095][ T5124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  240.892355][ T5124] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  241.308480][ T6433] device veth1_macvtap entered promiscuous mode
[  241.379474][ T6433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  241.421169][ T6433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.441619][    C0] hrtimer: interrupt took 44447 ns
[  241.469526][ T6433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  241.564158][ T6433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.740096][ T6433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  241.902634][ T6433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.184155][ T6433] batman_adv: batadv0: Interface activated: batadv_slave_0
[  242.226278][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  242.273486][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  242.515525][ T6433] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  242.637935][ T6433] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.850839][ T6433] batman_adv: batadv0: Interface activated: batadv_slave_1
[  243.084155][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  243.116880][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  243.128476][ T6433] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  243.141828][ T6433] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  243.150534][ T6433] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  243.162183][ T6433] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  243.381894][ T4320] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  243.478761][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  243.481498][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  243.487322][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  243.507089][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  244.121707][ T4320] usb 3-1: Using ep0 maxpacket: 16
[  245.544369][ T4320] usb 3-1: unable to get BOS descriptor or descriptor too short
[  245.594487][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.602914][ T4320] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  245.615748][ T5125] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  245.626579][ T4320] usb 3-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  245.691740][ T4320] usb 3-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40
[  246.917735][ T4320] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.926096][ T4320] usb 3-1: Product: syz
[  246.930280][ T4320] usb 3-1: Manufacturer: syz
[  246.935174][ T4320] usb 3-1: SerialNumber: syz
[  246.941922][ T4320] usb 3-1: can't set config #1, error -71
[  246.948978][ T4320] usb 3-1: USB disconnect, device number 11
[  247.951685][ T6279] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  248.151405][ T6279] usb 7-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  248.253462][ T6279] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.620763][ T6279] usb 7-1: config 0 descriptor??
[  248.781511][ T6279] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  248.905694][   T27] audit: type=1800 audit(1780418195.024:10): pid=6838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.585" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  249.906517][ T6844] loop0: detected capacity change from 0 to 2048
[  250.110552][ T6844] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0x58 != 0xd4
[  250.161947][ T6844] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  250.257047][ T6844] UDF-fs: error (device loop0): udf_read_inode: (ino 1376) failed !bh
[  250.287170][ T6857] netlink: 'syz.2.588': attribute type 10 has an invalid length.
[  250.300230][ T6857] 8021q: adding VLAN 0 to HW filter on device team0
[  250.308840][ T6857] bond0: (slave team0): Enslaving as an active interface with an up link
[  250.355305][ T6844] UDF-fs: error (device loop0): udf_fill_super: Error in udf_iget, block=64, partition=0
[  250.602508][ T6279] gspca_stv06xx: Photobit pb0100 sensor detected
[  250.900744][ T6279] input: STV06xx as /devices/platform/dummy_hcd.6/usb7/7-1/input/input10
[  251.031846][ T6279] usb 7-1: USB disconnect, device number 2
[  251.101264][ T6875] xt_CT: You must specify a L4 protocol and not use inversions on it
[  253.026597][ T6279] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  253.831726][ T6279] usb 7-1: Using ep0 maxpacket: 16
[  253.845766][ T6279] usb 7-1: unable to get BOS descriptor or descriptor too short
[  253.881336][ T6279] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  253.917287][ T6279] usb 7-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  255.213005][ T6279] usb 7-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40
[  255.241157][ T6279] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.293366][ T6279] usb 7-1: can't set config #1, error -71
[  255.327183][ T6279] usb 7-1: USB disconnect, device number 3
[  255.502173][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  255.508507][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  257.624723][ T6934] fuse: Bad value for 'fd'
[  257.831164][ T6938] loop6: detected capacity change from 0 to 4096
[  258.962750][ T6938] ntfs: (device loop6): ntfs_read_inode_mount(): Incorrect mft record size 2048 in superblock, should be 4096.
[  258.974712][ T6938] ntfs: (device loop6): ntfs_read_inode_mount(): Failed. Marking inode as bad.
[  258.983697][ T6938] ntfs: (device loop6): ntfs_fill_super(): Failed to load essential metadata.
[  263.484492][ T6974] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[  270.560719][ T7010] loop0: detected capacity change from 0 to 8192
[  270.593641][ T7010] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  270.616907][ T7010] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  270.627023][ T7010] REISERFS (device loop0): using ordered data mode
[  270.633809][ T7010] reiserfs: using flush barriers
[  270.643864][ T7019] netlink: 'syz.6.621': attribute type 1 has an invalid length.
[  270.670073][ T7010] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  270.688434][ T7010] REISERFS (device loop0): checking transaction log (loop0)
[  270.751039][ T7010] REISERFS (device loop0): Using r5 hash to sort names
[  270.789281][ T7010] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  272.311772][   T27] audit: type=1804 audit(1780418218.424:11): pid=7025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.623" name="/newroot/126/bus/file1" dev="overlay" ino=710 res=1 errno=0
[  272.697912][ T7039] sch_tbf: burst 555 is lower than device syzkaller0 mtu (1514) !
[  272.750408][ T7039] device syzkaller0 entered promiscuous mode
[  272.999625][ T7039] tipc: Started in network mode
[  273.006800][ T7039] tipc: Node identity 4e70218047cc, cluster identity 4711
[  273.024990][ T7039] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  273.791947][ T7038] tipc: Resetting bearer <eth:syzkaller0>
[  274.630279][ T7038] tipc: Disabling bearer <eth:syzkaller0>
[  274.665369][ T4318] tipc: Node number set to 163324288
[  275.637595][ T7063] loop2: detected capacity change from 0 to 2048
[  275.793649][ T7068] device syzkaller0 entered promiscuous mode
[  275.800716][ T7063] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  276.200556][ T7082] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1126: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  276.217845][ T7082] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  276.696235][ T7082] EXT4-fs (loop2): This should not happen!! Data will be lost
[  276.696235][ T7082] 
[  276.736219][ T7082] EXT4-fs (loop2): Total free blocks count 0
[  276.742553][ T7082] EXT4-fs (loop2): Free/Dirty block details
[  276.748545][ T7082] EXT4-fs (loop2): free_blocks=2415919504
[  276.755696][ T7082] EXT4-fs (loop2): dirty_blocks=48
[  276.760919][ T7082] EXT4-fs (loop2): Block reservation details
[  276.767026][ T7082] EXT4-fs (loop2): i_reserved_data_blocks=3
[  276.805655][ T7084] 
[  276.808014][ T7084] ============================================
[  276.814163][ T7084] WARNING: possible recursive locking detected
[  276.820328][ T7084] syzkaller #0 Not tainted
[  276.824741][ T7084] --------------------------------------------
[  276.830888][ T7084] syz.4.635/7084 is trying to acquire lock:
[  276.836780][ T7084] ffffffff8d3f4f98 (qp_broker_list.mutex){+.+.}-{3:3}, at: vmci_qp_broker_detach+0x114/0xf00
[  276.846990][ T7084] 
[  276.846990][ T7084] but task is already holding lock:
[  276.854351][ T7084] ffffffff8d3f4f98 (qp_broker_list.mutex){+.+.}-{3:3}, at: vmci_qp_broker_detach+0x114/0xf00
[  276.864543][ T7084] 
[  276.864543][ T7084] other info that might help us debug this:
[  276.872600][ T7084]  Possible unsafe locking scenario:
[  276.872600][ T7084] 
[  276.880051][ T7084]        CPU0
[  276.883328][ T7084]        ----
[  276.886607][ T7084]   lock(qp_broker_list.mutex);
[  276.891461][ T7084]   lock(qp_broker_list.mutex);
[  276.896314][ T7084] 
[  276.896314][ T7084]  *** DEADLOCK ***
[  276.896314][ T7084] 
[  276.904449][ T7084]  May be due to missing lock nesting notation
[  276.904449][ T7084] 
[  276.912764][ T7084] 1 lock held by syz.4.635/7084:
[  276.917696][ T7084]  #0: ffffffff8d3f4f98 (qp_broker_list.mutex){+.+.}-{3:3}, at: vmci_qp_broker_detach+0x114/0xf00
[  276.928331][ T7084] 
[  276.928331][ T7084] stack backtrace:
[  276.934247][ T7084] CPU: 0 PID: 7084 Comm: syz.4.635 Not tainted syzkaller #0
[  276.941530][ T7084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  276.951594][ T7084] Call Trace:
[  276.954876][ T7084]  <TASK>
[  276.957795][ T7084]  dump_stack_lvl+0x188/0x24e
[  276.962463][ T7084]  ? show_regs_print_info+0x12/0x12
[  276.967651][ T7084]  ? load_image+0x400/0x400
[  276.972150][ T7084]  __lock_acquire+0x123e/0x7d10
[  276.977004][ T7084]  ? __lock_acquire+0x7d10/0x7d10
[  276.982025][ T7084]  ? verify_lock_unused+0x140/0x140
[  276.987213][ T7084]  ? mark_lock+0x94/0x320
[  276.991532][ T7084]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  276.997502][ T7084]  ? lock_chain_count+0x20/0x20
[  277.002348][ T7084]  lock_acquire+0x1bb/0x4a0
[  277.006843][ T7084]  ? vmci_qp_broker_detach+0x114/0xf00
[  277.012294][ T7084]  ? __might_sleep+0xd0/0xd0
[  277.016869][ T7084]  ? read_lock_is_recursive+0x10/0x10
[  277.022233][ T7084]  ? kasan_set_track+0x60/0x70
[  277.026986][ T7084]  ? kasan_save_free_info+0x2d/0x50
[  277.032171][ T7084]  ? ____kasan_slab_free+0x126/0x1e0
[  277.037450][ T7084]  ? slab_free_freelist_hook+0x131/0x1a0
[  277.043071][ T7084]  __mutex_lock+0x12d/0xaf0
[  277.047559][ T7084]  ? vmci_qp_broker_detach+0x114/0xf00
[  277.053012][ T7084]  ? exit_to_user_mode_loop+0xe6/0x110
[  277.058462][ T7084]  ? exit_to_user_mode_prepare+0xee/0x180
[  277.064171][ T7084]  ? do_syscall_64+0x58/0xa0
[  277.068752][ T7084]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  277.074809][ T7084]  ? vmci_qp_broker_detach+0x114/0xf00
[  277.080270][ T7084]  ? mutex_lock_nested+0x10/0x10
[  277.085199][ T7084]  ? mark_lock+0x94/0x320
[  277.089520][ T7084]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  277.095494][ T7084]  vmci_qp_broker_detach+0x114/0xf00
[  277.100774][ T7084]  ? kasan_quarantine_put+0xd4/0x220
[  277.106047][ T7084]  ? lockdep_hardirqs_on+0x94/0x140
[  277.111234][ T7084]  ? qp_notify_peer+0x1f0/0x1f0
[  277.116072][ T7084]  ? slab_free_freelist_hook+0x131/0x1a0
[  277.121693][ T7084]  ? vmci_ctx_put+0x5ca/0xc40
[  277.126359][ T7084]  ? __kmem_cache_free+0xb6/0x1f0
[  277.131373][ T7084]  vmci_ctx_put+0x629/0xc40
[  277.135866][ T7084]  ? vmci_ctx_put+0x13e/0xc40
[  277.140532][ T7084]  ? preempt_schedule_common+0xa5/0xd0
[  277.145991][ T7084]  ? vmci_ctx_destroy+0xf0/0xf0
[  277.150846][ T7084]  ? preempt_schedule+0xbc/0xd0
[  277.155691][ T7084]  ? schedule_preempt_disabled+0x20/0x20
[  277.161309][ T7084]  ? __lock_acquire+0x7d10/0x7d10
[  277.166323][ T7084]  ? __rwlock_init+0x140/0x140
[  277.171072][ T7084]  vmci_ctx_enqueue_datagram+0x3a7/0x420
[  277.176700][ T7084]  vmci_datagram_dispatch+0x449/0xc10
[  277.182061][ T7084]  ? vmci_is_context_owner+0xd0/0xd0
[  277.187334][ T7084]  vmci_qp_broker_detach+0x8ca/0xf00
[  277.192610][ T7084]  ? qp_notify_peer+0x1f0/0x1f0
[  277.197449][ T7084]  ? vmci_ctx_put+0x5ca/0xc40
[  277.202111][ T7084]  ? __kmem_cache_free+0xb6/0x1f0
[  277.207123][ T7084]  vmci_ctx_put+0x629/0xc40
[  277.211618][ T7084]  ? vmci_ctx_put+0x13e/0xc40
[  277.216286][ T7084]  ? vmci_ctx_destroy+0xf0/0xf0
[  277.221121][ T7084]  ? do_raw_spin_lock+0x128/0x2f0
[  277.226144][ T7084]  ? __rwlock_init+0x140/0x140
[  277.230896][ T7084]  ? do_raw_spin_unlock+0x11d/0x230
[  277.236081][ T7084]  vmci_host_close+0x97/0x160
[  277.240748][ T7084]  ? vmci_host_open+0xe0/0xe0
[  277.245415][ T7084]  __fput+0x22c/0x920
[  277.249387][ T7084]  task_work_run+0x1d0/0x260
[  277.253968][ T7084]  ? task_work_cancel+0x220/0x220
[  277.258982][ T7084]  ? exit_to_user_mode_loop+0x3b/0x110
[  277.264433][ T7084]  exit_to_user_mode_loop+0xe6/0x110
[  277.269725][ T7084]  exit_to_user_mode_prepare+0xee/0x180
[  277.275273][ T7084]  syscall_exit_to_user_mode+0x16/0x40
[  277.280721][ T7084]  do_syscall_64+0x58/0xa0
[  277.285124][ T7084]  ? clear_bhb_loop+0x60/0xb0
[  277.289791][ T7084]  ? clear_bhb_loop+0x60/0xb0
[  277.294458][ T7084]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  277.300340][ T7084] RIP: 0033:0x7f57aff9ce59
[  277.304756][ T7084] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  277.324352][ T7084] RSP: 002b:00007f57b0e94028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  277.332757][ T7084] RAX: 0000000000000000 RBX: 00007f57b0216090 RCX: 00007f57aff9ce59
[  277.340715][ T7084] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000005
[  277.348680][ T7084] RBP: 00007f57b0032d6f R08: 0000000000000000 R09: 0000000000000000
[  277.356636][ T7084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  277.364595][ T7084] R13: 00007f57b0216128 R14: 00007f57b0216090 R15: 00007ffe69e3b0e8
[  277.372565][ T7084]  </TASK>
[  277.387784][ T4272] EXT4-fs (loop2): unmounting filesystem.