last executing test programs:

2m30.217598469s ago: executing program 0 (id=1268):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xb, &(0x7f0000000000)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20008000}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x38, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2m30.015468951s ago: executing program 0 (id=1270):
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2ac, 0x0, 0x1, 0x15, 0x0, "89753015418ab0cb0900245518580ce0c8bf604cca41f31c108938fcfa393ef569e0bcf244bb4b23555b130900000000000000d0f08e8ad896ba67a07673defa", "8b609009aaa722681a1e2513d754f688a9e306ee1dba533f02e1b69da6e26ec889fee40080000027cc7d24fdc26f1a95d702020000e4b8fb1703e47463b969e4", "ca1bf5ffffffffffffff6570128218a0d22915ff6eddb10000800400", [0xc]})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @dstopts_2292={{0x1c8, 0x29, 0x4, {0x4, 0x35, '\x00', [@generic={0xfe, 0x6d, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b14420ab124b11de36afb16ef4fc1cf3f4e4fa0e647cd1b07b068d3894180b6aa7527a4a8252f6836a0d67a7782c675a838ea989e567e4774de1f52d18"}, @generic={0x80, 0x14, "09e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad"}, @calipso={0x7, 0x30, {0x1, 0xa, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x400, 0xb]}}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @pad1, @ra={0x5, 0x2, 0xbf4}, @generic={0xfd, 0xd3, "1535ebfdb99e0d39d28fb7f215a54151de67b9687327f73080bb73c35bad11f299c8b1f644acb1a95df98c8149faff35640b1df83d4aa03c3b99cf5dbe2746a6d54410686a5e46ff586dba7fed5df29dd37cbf320287e08f602021944b6b09ea13002d7b3a54c3c5c1da49595a1af9008fb4d75b14f3b2dd6064c5eeae6f6bfa6439ded277798140d3cfd9e105570b848ebf79b34b89945b336eb3dc2682644a086ba1ef6ab36b568807c440dabfeaa65229d6be10a7122f4b935858215daa71d1b3d1130cc791323eae973c40eee8599a40c9"}, @generic={0x93, 0xf, "e80ee304ecb784ec4655260cecea14"}]}}}, @hoplimit={{0x14}}, @hopopts={{0x98, 0x29, 0x36, {0x5e, 0x10, '\x00', [@generic={0xff, 0x38, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21c34b45ef9de99984e143ca7c3509a971b2ec429ee1edc0"}, @pad1, @pad1, @calipso={0x7, 0x28, {0x3, 0x8, 0x0, 0xfff, [0x2, 0x4, 0x966, 0xfffffffffffffff8]}}, @calipso={0x7, 0x8, {0x0, 0x0, 0x7, 0x6}}, @generic={0x8}, @calipso={0x7, 0x8, {0x3, 0x0, 0x3}}]}}}], 0x290}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2m29.043786987s ago: executing program 0 (id=1275):
openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f000000acc0)=[{{0x0, 0x0, &(0x7f0000003c40)=[{0x0}], 0x1}, 0x727}], 0x1, 0x60, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x181240, 0x4e)
r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff4000/0xa000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0xac9, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x10000008, 0x11b})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
sendfile(r0, r2, 0x0, 0x20000000000006)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000240)=0x9, 0x4)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
r4 = socket$caif_stream(0x25, 0x1, 0x4)
setsockopt$CAIFSO_LINK_SELECT(r4, 0x116, 0x7f, 0x0, 0x0)

2m28.887298017s ago: executing program 0 (id=1277):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x21008, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
chroot(&(0x7f0000000080)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00')

2m28.747432865s ago: executing program 0 (id=1280):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40)
semctl$GETALL(0x0, 0x0, 0xd, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000001c0)={0x48, r2, 0x1, 0x0, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x2a, 0x33, @action={{{}, {}, @device_b, @device_a, @initial, {0x0, 0x2}}, @delba={0x3, 0x2, {{0x0, 0x1}, 0x12, {0xbd, 0x6}}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20028805}, 0x24000846)

2m28.340987689s ago: executing program 0 (id=1285):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x78, r4, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'ip_vti0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x8800}, 0x1)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f00000011c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr=0x64010102, @multicast1=0xe0000300}, @redirect={0x5, 0x0, 0x0, @loopback, {0x5, 0x4, 0x1, 0x0, 0x1, 0x66, 0x6, 0x3, 0x6c, 0x0, @broadcast, @local}}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe000031f, 0x0, "ff00000058b274e6d845167fefe428970548fc3c7b00000000000000fcff00", 0xb2, 0xb, 0x6, 0x6}, 0x3c)

2m28.027950957s ago: executing program 32 (id=1285):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x78, r4, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'ip_vti0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x8800}, 0x1)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f00000011c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr=0x64010102, @multicast1=0xe0000300}, @redirect={0x5, 0x0, 0x0, @loopback, {0x5, 0x4, 0x1, 0x0, 0x1, 0x66, 0x6, 0x3, 0x6c, 0x0, @broadcast, @local}}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe000031f, 0x0, "ff00000058b274e6d845167fefe428970548fc3c7b00000000000000fcff00", 0xb2, 0xb, 0x6, 0x6}, 0x3c)

1m26.786106339s ago: executing program 3 (id=1567):
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}, 0xc44}], 0x1, 0x1820b, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mlock(&(0x7f0000a93000/0x4000)=nil, 0x4000)
io_submit(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000000)={0x0, 0x0})
memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\x04\x00\x00\x00\x00\x00\x00\x00\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\xdf$2dUU\x18\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xedZd\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\xb2W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\x14\x16\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11\xb2', 0x3)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r2, 0x400454d1, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x48, 0x0, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f00000000c0)={0x6, "1f938a7b853b3a9b0b00000000000000008900", <r4=>0xffffffffffffffff})
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000080)={0x1ff, "1f138a91b80f3795181800c70511603979e1ef3b3a9b0b8c7d6a34f124708900", <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000140)={"50edd24983fde74e78682dbc67d293c19050af5f39c0ce29436807917da2c17e", r6, <r7=>0xffffffffffffffff})
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2c, &(0x7f0000000280)={0x7, {{0xa, 0x4e21, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}}, {{0xa, 0x4e24, 0x2, @mcast2, 0x4}}}, 0x108)
poll(&(0x7f00000001c0)=[{r7}], 0x1, 0x0)
socket$inet6(0xa, 0x3, 0x7)
sendto$inet6(r1, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)

1m24.488042672s ago: executing program 3 (id=1579):
unshare(0x6a040000)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3)
close_range(r0, r0, 0x2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)
socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2}, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

1m23.553831997s ago: executing program 3 (id=1584):
r0 = socket$netlink(0x10, 0x3, 0x0)
creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
r5 = syz_open_pts(r4, 0x141601)
write(r5, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[], 0x4c}}, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x2)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@version_u}]}})

1m22.827234479s ago: executing program 3 (id=1586):
rename(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000050, &(0x7f0000000180)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@jqfmt_vfsv0}, {@resgid}, {@mblk_io_submit}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@quota}]}, 0x10, 0x4e0, &(0x7f0000000400)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveC9F28lLdrdpLFt8KFWEPtUsNb3GpNNCNlkQ3bTNqFIiu8KIir45JMvgn+AIP0TRCjou1RRRFt98EFd2dnZ2sbdbEq3OyX5fGA6Z+Zs5vs9DTkzZ+awE8Cx9WFEXIuIsYg4HxGT+f40X6636292Pvf0yf3F9pJEq3Xrr0kk+b7usZJ8fSYi9iLiZER8/XrEt5L/j9vY2V1bqNWqW/l2pbm+WWns7F5YXV9Yqa5UN+bmZi/PX5m/ND8zlHZORcTVr/zxh9/72Vev/urzd39/+8/nvt1OayKvf74dA/Voz8EfLWX/F13jEbF1+EO80cbydalP/XfHRpgMAAADta/xPx4Rn8mu/ydjLLs6BQAAAI6S1pcm4l9JRAsAAAA4stJsDmySlvO5ABORpuVyZw7vJ+N0Wqs3mp9brm9vLHXmyk5FKV1erVVn8rnCU1FK2tuz+Rzb7vbFfdtzEfFORPxg8lS2XV6s15aKvvkBAAAAx8SZfeP/f0xm4/8TRecFAAAADNlU0QkAAAAAr53xPwAAABx9xv8AAABwpH3txo320uq+/3rpzs72Wv3OhaVqY628vr1YXqxvbZZX6vWV7Dv71gcdr1avb34hNrbvVZrVRrPS2Nm9vV7f3mjeXn3hFdgAAADACL3zwcPfJRGx98VT2dL2VtFJASORDKjPXhLyON/4wwgSAkZmrOgEgMKMF50AUJhS0QkAhRt0H6Dv5J1fDz8XAADg9Zj+VP/n/+4NwNGWFp0AADBynv/D8VV6cQbgpeIyAYrysQH1r/78v9V6qYQAAIChm8iWJC3nzwInIk3L5Yi3s9cClJLl1Vp1Jh8f/HaydKK9PZv9ZDJwzjAAAAAAAAAAAAAAAAAAAAAAAAAA0NFqJdECAAAAjrSI9E9J9m3+EdOTZyf23x94K/nnZLaOiLs/ufWjewvN5tZse//fnu1v/jjff7GIOxgAAADAft1xenccDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADD9PTJ/cXuMsq4f/lyREz1jP/ByWx1MkoRcfrvSYw/93NJRIwNIf7eg4h4t1f8pJ1WTEUni17xTxUYP42IM0OID8fZw3b/c63X318aH2br3n9/4/nyqvr3f2l0+7+xPv3P24eM8d6jX1T6xn8Q8d547/6nGz/pE/+jQ8b/5jd2d/vVtX4aMd3z/JO8EKvSXN+sNHZ2L6yuL6xUV6obc3Ozl+evzF+an6ksr9aq+b89Y3z/07/8z0HtP90n/tSA9p89ZPv//ejek090iqVe8c991Pv8+26f+Gl+7vtsXm7XT3fLe53y897/+W/eP6j9S33a/+z33+NE24557pDtP3/zO48P+VEAYAQaO7trC7VadeuVCsM6zksW0iggqMJrKpx4M9JQ6BQO6jWS0XVQAADA0Pzvor/oTAAAAAAAAAAAAAAAAAAAAOD4GsXXie2PuVdMUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADvTfAAAA///tT9il")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, r0, 0x0, 0xa100000f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00004093'], 0x2a, 0xfffffffffffffffc)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='s', 0x1, 0xfffffffffffffffe)
keyctl$read(0xb, r4, &(0x7f0000000240)=""/112, 0x349b7f55)

1m21.576284592s ago: executing program 3 (id=1593):
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000004", @ANYRES16=0x0, @ANYBLOB="00082dbd7000fbdbdf2501000000040003"], 0x18}, 0x1, 0x0, 0x0, 0x8004}, 0xa4)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
openat$null(0xffffffffffffff9c, 0x0, 0x400000, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m18.311998353s ago: executing program 3 (id=1602):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f00000003c0)={0x0, 0x9})

1m17.83946493s ago: executing program 33 (id=1602):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f00000003c0)={0x0, 0x9})

56.663616485s ago: executing program 6 (id=1675):
r0 = socket$inet6(0xa, 0x3, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000980)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x40, 0x0}, @in6=@dev={0xfe, 0x80, '\x00', 0x21}, 0x4e1f, 0x0, 0x0, 0x3, 0x2}, {0x0, 0x200000004, 0x40000000007, 0x6811220d, 0x100000000, 0x4, 0x200000003, 0x9}, {0x5, 0x0, 0x7}, 0x1, 0x0, 0x3, 0x0, 0x6}, {{@in=@empty, 0x0, 0x6c}, 0x2, @in6=@empty, 0x3502, 0x1, 0x8, 0x0, 0x9}}, 0xe8)

55.203610871s ago: executing program 6 (id=1681):
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @multicast1}, 0x10)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="7f454c46000060"], 0x40)

55.124725305s ago: executing program 6 (id=1682):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB], 0x18}], 0x1}, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
readv(r4, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x1)
r5 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40002)
ioctl$FE_GET_EVENT(r5, 0x80286f4e, &(0x7f00000000c0))

49.497984143s ago: executing program 6 (id=1700):
rename(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000050, &(0x7f0000000180)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@jqfmt_vfsv0}, {@resgid}, {@mblk_io_submit}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@quota}]}, 0x10, 0x4e0, &(0x7f0000000400)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveC9F28lLdrdpLFt8KFWEPtUsNb3GpNNCNlkQ3bTNqFIiu8KIir45JMvgn+AIP0TRCjou1RRRFt98EFd2dnZ2sbdbEq3OyX5fGA6Z+Zs5vs9DTkzZ+awE8Cx9WFEXIuIsYg4HxGT+f40X6636292Pvf0yf3F9pJEq3Xrr0kk+b7usZJ8fSYi9iLiZER8/XrEt5L/j9vY2V1bqNWqW/l2pbm+WWns7F5YXV9Yqa5UN+bmZi/PX5m/ND8zlHZORcTVr/zxh9/72Vev/urzd39/+8/nvt1OayKvf74dA/Voz8EfLWX/F13jEbF1+EO80cbydalP/XfHRpgMAAADta/xPx4Rn8mu/ydjLLs6BQAAAI6S1pcm4l9JRAsAAAA4stJsDmySlvO5ABORpuVyZw7vJ+N0Wqs3mp9brm9vLHXmyk5FKV1erVVn8rnCU1FK2tuz+Rzb7vbFfdtzEfFORPxg8lS2XV6s15aKvvkBAAAAx8SZfeP/f0xm4/8TRecFAAAADNlU0QkAAAAAr53xPwAAABx9xv8AAABwpH3txo320uq+/3rpzs72Wv3OhaVqY628vr1YXqxvbZZX6vWV7Dv71gcdr1avb34hNrbvVZrVRrPS2Nm9vV7f3mjeXn3hFdgAAADACL3zwcPfJRGx98VT2dL2VtFJASORDKjPXhLyON/4wwgSAkZmrOgEgMKMF50AUJhS0QkAhRt0H6Dv5J1fDz8XAADg9Zj+VP/n/+4NwNGWFp0AADBynv/D8VV6cQbgpeIyAYrysQH1r/78v9V6qYQAAIChm8iWJC3nzwInIk3L5Yi3s9cClJLl1Vp1Jh8f/HaydKK9PZv9ZDJwzjAAAAAAAAAAAAAAAAAAAAAAAAAA0NFqJdECAAAAjrSI9E9J9m3+EdOTZyf23x94K/nnZLaOiLs/ufWjewvN5tZse//fnu1v/jjff7GIOxgAAADAft1xenccDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADD9PTJ/cXuMsq4f/lyREz1jP/ByWx1MkoRcfrvSYw/93NJRIwNIf7eg4h4t1f8pJ1WTEUni17xTxUYP42IM0OID8fZw3b/c63X318aH2br3n9/4/nyqvr3f2l0+7+xPv3P24eM8d6jX1T6xn8Q8d547/6nGz/pE/+jQ8b/5jd2d/vVtX4aMd3z/JO8EKvSXN+sNHZ2L6yuL6xUV6obc3Ozl+evzF+an6ksr9aq+b89Y3z/07/8z0HtP90n/tSA9p89ZPv//ejek090iqVe8c991Pv8+26f+Gl+7vtsXm7XT3fLe53y897/+W/eP6j9S33a/+z33+NE24557pDtP3/zO48P+VEAYAQaO7trC7VadeuVCsM6zksW0iggqMJrKpx4M9JQ6BQO6jWS0XVQAADA0Pzvor/oTAAAAAAAAAAAAAAAAAAAAOD4GsXXie2PuVdMUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADvTfAAAA///tT9il")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, r0, 0x0, 0xa100000f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00004093'], 0x2a, 0xfffffffffffffffc)
r2 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='s', 0x1, 0xfffffffffffffffe)
keyctl$read(0xb, r2, &(0x7f0000000240)=""/112, 0x349b7f55)

47.897271167s ago: executing program 6 (id=1706):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = dup(r1)
write$FUSE_INIT(r2, &(0x7f0000000080)={0x4f}, 0xfffffdef)
setsockopt(r2, 0x1, 0x20, &(0x7f0000000040)="da4bfa0a", 0x4)
recvmmsg(r2, &(0x7f0000008500)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f0000008380)=[{&(0x7f0000001e40)=""/57, 0x39}, {&(0x7f0000001c40)=""/189, 0xbd}, {0x0}, {&(0x7f00000086c0)=""/105, 0x69}, {&(0x7f0000008140)=""/118, 0x76}, {&(0x7f00000081c0)=""/146, 0x92}], 0x6}, 0x7}], 0x2, 0x2, 0x0)

47.103897283s ago: executing program 6 (id=1714):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$key(0xf, 0x3, 0x2)
r3 = syz_open_procfs(0x0, &(0x7f00000193c0)='net/igmp6\x00')
r4 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xf000)
pread64(r3, &(0x7f0000019400)=""/102344, 0xfffffcbb, 0x1c2a)

46.727335085s ago: executing program 34 (id=1714):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$key(0xf, 0x3, 0x2)
r3 = syz_open_procfs(0x0, &(0x7f00000193c0)='net/igmp6\x00')
r4 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xf000)
pread64(r3, &(0x7f0000019400)=""/102344, 0xfffffcbb, 0x1c2a)

27.063102602s ago: executing program 7 (id=1716):
rename(0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000050, &(0x7f0000000180)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@jqfmt_vfsv0}, {@resgid}, {@mblk_io_submit}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@quota}]}, 0x10, 0x4e0, &(0x7f0000000400)="$eJzs3d9rHFsdAPDvTLK3v3JNrvpwveC9F28lLdrdpLFt8KFWEPtUsNb3GpNNCNlkQ3bTNqFIiu8KIir45JMvgn+AIP0TRCjou1RRRFt98EFd2dnZ2sbdbEq3OyX5fGA6Z+Zs5vs9DTkzZ+awE8Cx9WFEXIuIsYg4HxGT+f40X6636292Pvf0yf3F9pJEq3Xrr0kk+b7usZJ8fSYi9iLiZER8/XrEt5L/j9vY2V1bqNWqW/l2pbm+WWns7F5YXV9Yqa5UN+bmZi/PX5m/ND8zlHZORcTVr/zxh9/72Vev/urzd39/+8/nvt1OayKvf74dA/Voz8EfLWX/F13jEbF1+EO80cbydalP/XfHRpgMAAADta/xPx4Rn8mu/ydjLLs6BQAAAI6S1pcm4l9JRAsAAAA4stJsDmySlvO5ABORpuVyZw7vJ+N0Wqs3mp9brm9vLHXmyk5FKV1erVVn8rnCU1FK2tuz+Rzb7vbFfdtzEfFORPxg8lS2XV6s15aKvvkBAAAAx8SZfeP/f0xm4/8TRecFAAAADNlU0QkAAAAAr53xPwAAABx9xv8AAABwpH3txo320uq+/3rpzs72Wv3OhaVqY628vr1YXqxvbZZX6vWV7Dv71gcdr1avb34hNrbvVZrVRrPS2Nm9vV7f3mjeXn3hFdgAAADACL3zwcPfJRGx98VT2dL2VtFJASORDKjPXhLyON/4wwgSAkZmrOgEgMKMF50AUJhS0QkAhRt0H6Dv5J1fDz8XAADg9Zj+VP/n/+4NwNGWFp0AADBynv/D8VV6cQbgpeIyAYrysQH1r/78v9V6qYQAAIChm8iWJC3nzwInIk3L5Yi3s9cClJLl1Vp1Jh8f/HaydKK9PZv9ZDJwzjAAAAAAAAAAAAAAAAAAAAAAAAAA0NFqJdECAAAAjrSI9E9J9m3+EdOTZyf23x94K/nnZLaOiLs/ufWjewvN5tZse//fnu1v/jjff7GIOxgAAADAft1xenccDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADD9PTJ/cXuMsq4f/lyREz1jP/ByWx1MkoRcfrvSYw/93NJRIwNIf7eg4h4t1f8pJ1WTEUni17xTxUYP42IM0OID8fZw3b/c63X318aH2br3n9/4/nyqvr3f2l0+7+xPv3P24eM8d6jX1T6xn8Q8d547/6nGz/pE/+jQ8b/5jd2d/vVtX4aMd3z/JO8EKvSXN+sNHZ2L6yuL6xUV6obc3Ozl+evzF+an6ksr9aq+b89Y3z/07/8z0HtP90n/tSA9p89ZPv//ejek090iqVe8c991Pv8+26f+Gl+7vtsXm7XT3fLe53y897/+W/eP6j9S33a/+z33+NE24557pDtP3/zO48P+VEAYAQaO7trC7VadeuVCsM6zksW0iggqMJrKpx4M9JQ6BQO6jWS0XVQAADA0Pzvor/oTAAAAAAAAAAAAAAAAAAAAOD4GsXXie2PuVdMUwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADvTfAAAA///tT9il")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, r0, 0x0, 0xa100000f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00004093'], 0x2a, 0xfffffffffffffffc)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='s', 0x1, 0xfffffffffffffffe)
keyctl$read(0xb, r4, &(0x7f0000000240)=""/112, 0x349b7f55)

26.543995822s ago: executing program 7 (id=1786):
unshare(0x2040400)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x0, &(0x7f0000000200), 0x1, 0x4bf, &(0x7f0000002f40)="$eJzs3c1rXOUaAPDnTD7apLm3H/dyaXvBFirUD5rJB9JE3bhSFwWx4EahxmQaayaZkJnUJnSR6q4LF6IoiAv3/gVu7MoiiHv34kIqWiOoIIzMmcl3Jg42zdic3w9Oc95zzszzvh2el/e8c86cADLrdO2fJKIvIr6OiMP14sYDTtf/LN+9Pl5bkqhWL/6YpMfVyiuHrrzuUEQsRcTBiHjx2YjXkq1xywuLU2PFYmGuUc5Xpmfz5YXFc1emxyYLk4WZwZHzo6MjA8NDo7vW1pvvvHHzwmfPd3/669t3br/7xee1avU19q1vx26qN70rjq7b1hkRT9+PYG3Q0WhPT7srwt9S+/z+ExFn0vw/HB3ppwlkQbVarf5RPdBs91IV2Ldy6Rg4yfVHRH09l+vvr4/h/xu9uWKpXHn8cml+ZqI+Vj4SXbnLV4qFgca5wpHoSmrlwXR9rTy0qTwckY6B3+voScv946XixN52dcAmhzbl/y8d9fwHMsIpP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJL1y4UFuqK/e/T1xdmJ8qXT03UShP9U/Pj/ePl+Zm+ydLpcn0np3pv3q/Yqk0O/hEzF/LVwrlSr68sHhpujQ/U7mU3td/qdC1J60CWnH01K1vkohYerInXWq6G/vkKuxv1WoS7b4HGWiPjnZ3QEDbmPqD7HKOD2z+id7N44KDzV44uzZfCDxYcu2uANA2Z0/4/g+yyvw/ZNe9zf8v7Vo9gL1njA9s84i+DXaa/wceTOb/Ibv6mjz/61/rnt01EBH/Xh0B1J/1BewHue+Txvj/7OGH+zbv7U5+S78i6I6INz+6+MG1sUplbrC2/afV7ZUPG9uH1r2w6QkD0C4rebqSxwBAdi3fvT6+suxl3B+eqV+EsDV+Z2Nu8mD6HWXvcrLhWoVkl+5dXLoREce3i580nndeP5HpXe7YEv9Y429Sf4u0vp3pc9P3Jv6JdfEfWhf/5D3/r0A23Kr1PwPb5V8uzelYzb+N/U/fLl070bz/y632fx1N+r9TLcZ4/eO3vmsa/0bEybX4nesjdDbiJ9vEr9XtbIvx77zy0v+a7at+Un+f7fq/tZpE5CvTs/nywuK59HfkJgszgyPnR0dHBoaHRvPpHHV+ZaZ6q6eOf3V7p/b3Nom/U/tr2x5tsf2////Ll0/vEP+RM9t//sd2iN8TEY+1GP/noW9fbbavFn+iSftzO8SvbRtuMX75/ecOtHgoALAHyguLU2PFYmHOihUrbVm58c+oxqaVdvdMwP1WXjiQXtM3V253TQAAAAAAAAAAAIBW7cXlxO1uIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAfvBnAAAA//94ENCA")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
fallocate(r0, 0x8, 0x4000, 0x4000)

25.231542539s ago: executing program 7 (id=1791):
syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x1a08050, &(0x7f0000000880)=ANY=[], 0x2, 0x5be, &(0x7f0000002340)="$eJzs3V1vG1kZwPFnEqcxAVUIUFVFbfdsClIqZd3xZOMq2qthfOzMrj1jzYxXyVUVEaeK6hTUFInkhvSmagV8BaR+CG75MlxXXIMERvMWnPgtrdOYlv8v2p0T+/E5z3GteXqmMx4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiOFXTLBvScL32thrNqQZ+c8zzeX8Pzm3GjCtixP9JsSi304du/+y/T9+K/7cid9Lf7kgx3hTl5Ie3fvzNTwtz+evHJHQtjo5Pnu52u53nl4wvzDzjq1XXnhv6btOua+WGvtqsVMyHW7VQ1dyGDnfCSDeVE2g78gO16jxQ5c3NdaVLO37bq1fths4ffPSVZZoV9W2ppe0g9L2H35ZCZ8ttNFyvnsTET8cxj+IP4ndupCJtN5XaP+h21iclGQeVs/bFP4DT/iBrUk+WaVnlgohUNm5kH1TLKpctq1zZ2Nx4ZJoF8wJZvBjR96Gt/yPt4z3fdHzarmrXDUxtLqv/0hBXPGnLtqihP45UJRBfmiOez+T1/xcP9dhx++t/XuVv+z/In16WpP7fS3+7N6r+i5LFEflcz8+RHMuJPJVd6UpXOvJ8uv7m8vnPck4qfnNPLxdZFy2euBKKL640xU4eUeJKUXxRsikVqYgpj2VLahKKkpq40hAtoexIKJHo5BPlSCBabInEl0CUrIojD0RJUm1lXZRoKcmO+NIWT+pSFTvpZV8Okvd9fUyOZ0HlywRZY4KS+t9fzAceGKj/AxGz/0srZutqd+DAFHp5/QcAAAAAAJ8tIzn6Hq//F+Ru0qq5DW3OOi0AAAAAAHCFXteS8+uNeP0vInfFGLn+P80OFAAAAAAAgE+MkVxjFy/rl+SLtJVfCXV2EGButikCAAAAAIApJf+gfy/eLMWtL8QYXP8PSr79rHhtSQIAAAAAgKlEr7PGyO/YD1uLxl//LkGwYLxsbf/cOLTjOPtwPn3d/ECPtWXpLabtpK9KIevS0XeM7Nsvz74E8126KUivNz4PY2wChfMJGDezV59PQP4oX8YRf5Mv99LYvfyZdJSlmtvQJcdvfFMW2745F+nt6LfPDn4nyfTfeM04yYNup/SrX3f3klxexr28PMyuixi4PGJMLi/y4yd3h894IbkQIxt3yZD9g27H7J9/dlrGwNkZY8Z8JStpzMpSul06P/9iPGa5NGr2aRYLMuXMX8n9NOb+6v10MyQLa0IWHas/iw96Ly6RxfqkLNanzAIAZmU/+dafoVUo36VfrLsfsJfbn3Qnn/HV/ZKjvJLVNGZ1OdmxFpaH7NHNSXt0s7WdV+a0ut0YW93kVGT4Hv3sHkijamw87p/Oxi0ns3/7exF5m1fVgemHDcuI38L5F4e/kVtHxydfHRzuPuk86TyzrPWK+bVpbliykEwj21B7AABDTL7HzsQI4+t0VS3JqvpfvVRfxftJdkpBflSgK3uyllxtkJxxUJTFc73+4c/xSrzvNIS1i6vWgvRX1F5eLP/Z6/XWJqzq0n5zl4lNby8DAMDnZKW/Do+t/1nckPq/lh8KGLHuPl/LL94heFRseUTGb7gcEQCAKeng3b+zFXvrcXlzs2xHW1oFvvOdCtxqXSvXi3TgbNleXatW4Ee+48/Hje/dqg5V2G61/CBSNT9QLT90t5M7v6vs1u+hbtpe5Dphq6HtUCvH9yLbiVTVDR3Vav+y4YZbOkheHLa049Zcx45c31Oh3w4cXVIq1Lov0K1qL3Jrbtz0VCtwm3awo773G+2mVlUdOoHbivy0w3ws16v5QTPu9sas32sAAP5XHB2fPN3tdjvPP2Jj1nMEAADnvU+V5owxAAAAAAAAAAAAAAAAAAAAAABmY/R1e/NyDZcGZo2//EjkusYa3VgQkdmNTuP/snHzijssyhV1OGnPcXo9OygAH81/AgAA///lXV5a")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x100)
clock_gettime(0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x101001, 0x0)
ioctl$FIONREAD(r2, 0x541b, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r5, 0x0, 0x0)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)

24.951277445s ago: executing program 35 (id=1791):
syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x1a08050, &(0x7f0000000880)=ANY=[], 0x2, 0x5be, &(0x7f0000002340)="$eJzs3V1vG1kZwPFnEqcxAVUIUFVFbfdsClIqZd3xZOMq2qthfOzMrj1jzYxXyVUVEaeK6hTUFInkhvSmagV8BaR+CG75MlxXXIMERvMWnPgtrdOYlv8v2p0T+/E5z3GteXqmMx4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiOFXTLBvScL32thrNqQZ+c8zzeX8Pzm3GjCtixP9JsSi304du/+y/T9+K/7cid9Lf7kgx3hTl5Ie3fvzNTwtz+evHJHQtjo5Pnu52u53nl4wvzDzjq1XXnhv6btOua+WGvtqsVMyHW7VQ1dyGDnfCSDeVE2g78gO16jxQ5c3NdaVLO37bq1fths4ffPSVZZoV9W2ppe0g9L2H35ZCZ8ttNFyvnsTET8cxj+IP4ndupCJtN5XaP+h21iclGQeVs/bFP4DT/iBrUk+WaVnlgohUNm5kH1TLKpctq1zZ2Nx4ZJoF8wJZvBjR96Gt/yPt4z3fdHzarmrXDUxtLqv/0hBXPGnLtqihP45UJRBfmiOez+T1/xcP9dhx++t/XuVv+z/In16WpP7fS3+7N6r+i5LFEflcz8+RHMuJPJVd6UpXOvJ8uv7m8vnPck4qfnNPLxdZFy2euBKKL640xU4eUeJKUXxRsikVqYgpj2VLahKKkpq40hAtoexIKJHo5BPlSCBabInEl0CUrIojD0RJUm1lXZRoKcmO+NIWT+pSFTvpZV8Okvd9fUyOZ0HlywRZY4KS+t9fzAceGKj/AxGz/0srZutqd+DAFHp5/QcAAAAAAJ8tIzn6Hq//F+Ru0qq5DW3OOi0AAAAAAHCFXteS8+uNeP0vInfFGLn+P80OFAAAAAAAgE+MkVxjFy/rl+SLtJVfCXV2EGButikCAAAAAIApJf+gfy/eLMWtL8QYXP8PSr79rHhtSQIAAAAAgKlEr7PGyO/YD1uLxl//LkGwYLxsbf/cOLTjOPtwPn3d/ECPtWXpLabtpK9KIevS0XeM7Nsvz74E8126KUivNz4PY2wChfMJGDezV59PQP4oX8YRf5Mv99LYvfyZdJSlmtvQJcdvfFMW2745F+nt6LfPDn4nyfTfeM04yYNup/SrX3f3klxexr28PMyuixi4PGJMLi/y4yd3h894IbkQIxt3yZD9g27H7J9/dlrGwNkZY8Z8JStpzMpSul06P/9iPGa5NGr2aRYLMuXMX8n9NOb+6v10MyQLa0IWHas/iw96Ly6RxfqkLNanzAIAZmU/+dafoVUo36VfrLsfsJfbn3Qnn/HV/ZKjvJLVNGZ1OdmxFpaH7NHNSXt0s7WdV+a0ut0YW93kVGT4Hv3sHkijamw87p/Oxi0ns3/7exF5m1fVgemHDcuI38L5F4e/kVtHxydfHRzuPuk86TyzrPWK+bVpbliykEwj21B7AABDTL7HzsQI4+t0VS3JqvpfvVRfxftJdkpBflSgK3uyllxtkJxxUJTFc73+4c/xSrzvNIS1i6vWgvRX1F5eLP/Z6/XWJqzq0n5zl4lNby8DAMDnZKW/Do+t/1nckPq/lh8KGLHuPl/LL94heFRseUTGb7gcEQCAKeng3b+zFXvrcXlzs2xHW1oFvvOdCtxqXSvXi3TgbNleXatW4Ee+48/Hje/dqg5V2G61/CBSNT9QLT90t5M7v6vs1u+hbtpe5Dphq6HtUCvH9yLbiVTVDR3Vav+y4YZbOkheHLa049Zcx45c31Oh3w4cXVIq1Lov0K1qL3Jrbtz0VCtwm3awo773G+2mVlUdOoHbivy0w3ws16v5QTPu9sas32sAAP5XHB2fPN3tdjvPP2Jj1nMEAADnvU+V5owxAAAAAAAAAAAAAAAAAAAAAABmY/R1e/NyDZcGZo2//EjkusYa3VgQkdmNTuP/snHzijssyhV1OGnPcXo9OygAH81/AgAA///lXV5a")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x100)
clock_gettime(0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x101001, 0x0)
ioctl$FIONREAD(r2, 0x541b, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r5, 0x0, 0x0)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)

9.016053494s ago: executing program 8 (id=1885):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x8f, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109027d0002010080000904000001020d0000052406000105240000000d240f0103050000fd0000000406241aff072908241c0101090000142413099f33760bf14377323063f9c8a04d113905241510000905810300020800040904010000020d00000904010102020d0000090582020002e1ad00090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000100)={0x44, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x80, 0x1c, {0x5, 0xc, 0x20041004, 0x20, 0x9, 0x4, 0x6, 0x800ec, 0x3, 0x1, 0x3, 0x6}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x400c010, &(0x7f0000000080)={0x11, 0x3, 0x0, 0x1, 0xe5, 0x6, @random="76caa646ae4c"}, 0x14)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000900)={0x14, 0x0, &(0x7f00000008c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)

5.563355636s ago: executing program 4 (id=1897):
syz_usb_connect$uac1(0x69a90eab3db9c902, 0xa5, &(0x7f0000000240)=ANY=[@ANYBLOB="12010002000000406b1d01014000010203010902932003010480090904000000010100000a2401f7ff07020102092403030003010303052405060209040100000102000009040101010102000008240201820409100c2402010401090383b266a2090501090004ffc803072501000405000904020000010200000904020101010200000b240202040008004b0208072401fd7f0500090582"], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0})

5.48350359s ago: executing program 8 (id=1898):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x8480, &(0x7f0000000880)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d60edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b49057d94f10f7b5e35ead0a38", @ANYRES8=0x0, @ANYRES8], 0x1, 0x228, &(0x7f00000002c0)="$eJzs2k9rHHUYB/BnYkvblHQj/qMF8Yce1MuQ5OyhQVIQFxTtClWQTs2sLjvuhp0lsCI2J736EjyLR2+C9OglF1+BB2+55NiDONLdqIlu8SAmrP18LvvAs1/mN8zw8Bzm4JUvP+5367xbjGMpy2LpeuzF/SxWYyl+txcvv3jrh2ffvvXu65vt9tZbKd3YvLm+kVK68tz37336zfP3xpff+fbKdxdif/X9g8ONn/ef3r968OvNj3p16tVpMBynIt0ZDsfFnapM2726n6f0ZlUWdZl6g7ocneh3q+HOziQVg+2V5Z1RWdepGExSv5yk8TCNR5NUfFj0BinP87SyHPwbna/vN00cNudvR9M0l76Ky/di5adoRfZ4yp64nj11O3tmL7t62DStsz4q/wnP/9F2bKhfjKi+2O3sdma/s/5mN3pRRRlr0Ypf4sFrcmRaX4qIrbU0tRqfV3eP8nd3O4+dzK9HK1b/lm9uvNbeWp/l08n8hViOOB9xlN+IVjw5P78xN38xXnrh2PXzaMWPH8QwqtiOB9k/85+tp/TqG+2/5K9N/wcA8H+Tpz/M3d/y/GH9Wf4f9sPpfrU2dz87F9fOne29E1FPPukXVVWOFqmIWFvcwysUi1Cc9WTiNBwfqgAAAAAAAAAAACyO0/lcFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OF+CwAA//8IDdAR")
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./file0\x00', 0x1001404, &(0x7f00000000c0)={[{@cruft}, {@utf8}, {@nojoliet}, {@showassoc}, {@utf8}, {@map_normal}]}, 0x1, 0x55a, &(0x7f0000000b00)="$eJzs3VFP21YbwPHHFN7StEKv3vdVVSHantJ3Ekg0dUKbKurNPOcknDaxI9up4KpCBSrU0E6lkwY3U2+6Tdou9wF6uw+xj7DLad9gV9UudrlpTLYTCDQhFApB6P+LWh/sxz7PiSI/OhDbAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxHJLtp2zpGq8xrzqzS0Ffm2f7e3jTf81liy6dvbr+k6/Ilb8T0ZH5Uq66sr/diIvx/9NykT604SMxotR2bx4+d/3/zs81N5/n4ROxPrG5rPFZnP55aATGZCK9kzom5pT0cqEvioWCvbtuXKoyqaqw4WvftY15QbaifxATbnTKlcsziqdXfAbXqXkVHV75b1bedsuqAfZunaC0PduP8iG7pypVo1XSWLizXHMvfiD+NBEKtJOTamV1ebybL8k46DcQYLy/YLydj6fy+XzucLd4t17tj383gp7D3kvYvAfWgzW8ZzIgUMYatV/qYoRTxoyL6rry5WSBOJLrcf2llbhn/7ktt633876367yV3Y2j0tS/6+lP13rVf975HJyr3XZkE15JovSlKYsy8uBZ3Syr4po8cRIKL4YqYmTrFGtNUqKUpCC2PJY5qQsoSgpi5F/iZZQFiSUSHTyiXIlEC2OROJLIEqmxJVpUZKTohRlVpRoycqC+NIQTypSEkeqomVFVpP3fXafHLeDcgcJyu8TlP+D+o89hlunrAPv8HFP4MARbLXrPwAAAAAAOLOs5Lfv8fx/RK4mrbKpanvQaQEAAAAAgI8o+cv/RLwYiVtXxWL+DwAAAADAWWMl19hZIpKR62mrfSUUvwQAAAAAAOCMSP7+fy1eZOLWdbGY/wMAAAAAcNZ80/ce+2H9vPXT7xIEI9br+vz/rTUnjnPWzqX7ndt7xKg8fvHPrcRwcqzCcOuQrp6wLqVB2zfBfNdarPTLw/qQBKyx1t67E5Dv5EYac2MpXS61t6S9ZMqmqrOuX72fE8cZG4r0fPTF89UvJRn+t15tzJKV1eZy9smL5lKSy+v4KK/XWjdQfO8+ivvk8iq530JyzUXXEY8kF2K0+s2k/dqd4x9Kdx/6gD7fyGQaM5lJl5nd4x+N+8xle42+lUXuiCN/IzfTmJtTN9NFlyzy/bLId2ZxqPfiAFnM9sti9ohZAMCgrPSuQn+nRXxrb909xFnuZKr7G5lKY6bGkxPr8HiXM7rd74xuH7G6/bj9DIR2cK8aG/f7/Z6q+jbe4W3PfsNq3orfwnOv1j6Xy+sbm7dW1xafLj9dfp7PzxbsO7Z9Ny8jyTBaC2oPAKCLbs/YadfcdP7f9yk81p0+s+r/bH+lICtP5IU0ZUlmkqsNkm8cdD1qJtnnQvI1hJk+s9ZMxxNeZvrM6jIdD3rpiP3tl7S1K9bqeLwMAABnyWSfOnyQ+j/Ta979Q7K2o+bGtXz/2XFnLQcAAMdDB++sTPS1FQSm/jhXLOacaE6rwHcfqsCUKloZL9KBO+d4Fa3qgR/5rl+NG49MSYcqbNTrfhCpsh+ouh+a+eTJ7ypcCCNdU6GuOV5k3LBe1U6olet7keNGqmRCV9Ubn1VNOKeDZOewrl1TNq4TGd9Tod8IXJ1VKtS6I9CUtBeZsombnqoHpuYEC+qRX23UtCrp0A1MPfLTA7b7Ml7ZD2rJYbODfrMBADgl1jc2ny02m8sv+zU+PUBMj8agxwgAAHajSgMAAAAAAAAAAAAAAAAAAAAAcPod8pK+s9e49LEOuLVrjSUiOzEX5BSM9BCN8+2PyynJh8bxNwZ7XgJw/P4JAAD//1zPX+o=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, 0xffffffffffffffff, 0x84c18000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r3 = socket(0x1, 0x5, 0x0)
close(r3)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000500)={0xe000200c})

4.492568448s ago: executing program 5 (id=1904):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x303, 0x100, 0x0, 0x0, 0x0})

4.231471743s ago: executing program 5 (id=1906):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0xfc, 0x0, 0x7fff0000}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
epoll_create1(0x80000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x5, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000079db8540da0b77010b7d000000010902120001000000000904", @ANYRES32, @ANYRES8=r1], 0x0)

4.154823338s ago: executing program 8 (id=1907):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket(0x10, 0x2, 0x0)
write(r3, &(0x7f0000000480)="1c0000001a009b8a140000003b000000000000000000000000000000fda35065733173ae72a0d270d958f739b6d44c893b03599f77a332b446ea93568ae2ff534952656c6a18b6c0fdcec321127ee28705f2496eb43654255c5cc688f71db82bab173f4e19361ac01c1b0a2d2229993c8308ab7721e4c33c5fc214cd64a17d", 0x7f)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

3.391617772s ago: executing program 2 (id=1913):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x1100, 0x40})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@handle={0x73682a85, 0x0, 0x2}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

3.139695987s ago: executing program 8 (id=1916):
r0 = syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f0000000240)=ANY=[], 0xfd, 0x150c, &(0x7f0000002d40)="$eJzs3Am4jlX3MPC19t43x8nwJJnvtdfNkwybJAklyZAkSUjmhCRJkiRxyJSEJGQ8ScYTkimddMzzkDnp5JUkSUhIsr/rNHz+vcPX+75//8/7fWf9ruu+7OW+177XPut6zj1c13m+6T6iZpNa1RoyM/w79O8D/PWfJABIAIDBAJALAAIAKJ+7fO6M/dk0Jv1bJxH/QxrNutIViCtJ+p+5Sf8zN+l/5ib9z9yk/5mb9D9zk/5nbtJ/ITK1lAJXy5Z5N3n///849d9Jlut/poD/aIf0//83+l86WvqfuUn/Mzfpf+Ym/c/MgitdgLjC5POfuUn/hcjULvs75Q3nrvQ7bdn+hU0IIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhPi/4Jy/xADA7+MrXZcQQgghhBBCCCEuH//ula5ACCGEEEIIIYQQ//MQFGgwEEAWyAoJkA0S4SrIDjkgJ+SCGFwNueEayAPXQl7IB/mhABSEQlAYQiCwwBBBESgKcbgOisH1UBxKQEkoBQ5KQxm4AcrCjVAOboLycDNUgFugIlT65ZwZboeqcAdUgzuhOtSAmlAL7oLacDfUgXugLtwL9eA+qA/3QwN4ABpCI2gMD0ITeAiaQjNoDi2gJbSC1n+Sn5zr7+U/D73gBegNfSAJ+kI/eBH6wwAYCINgMLwEQ+BlGAqvwDAYDiPgVRgJr8EoeB1GwxgYC2/AOBgPE2AiTILJkAxvwhR4C6bC2w/lgOkwA2bCLJgNKfAOzIG5MA/ehfnwHiyA5GyLYDEsgfdhKXwAqfAhLIOPIA2WwwpYCatgNayBtbAO1sMG2AibYDNsga2wDT6G7bADdsIu2A17YC98AvvgU9gPn0E6fv4v5p/9Yz70QEBAhQoNGsyCWTABEzAREzE7ZsecmBNjGMPcmBvzYB7Mi3kxP+bHJCyIhbEwEhIyMhbBIhjHOBbDYlgci2NJLIkOHZbBMlgWb8RyWA7LY3msgBWwIlbCSngr3opVsApWxapYDathdayONbEm3oV34d1YB+tgXayL9bAe1sf62AAbYENsiI2xMTbBJtgUm2JzbI4tsSW2xtbYBttgW2yL7bE9dsAO2BE7YifshJ2xM3bBLtgVu2I37IbdsTv2wOfwOXwen8cX8AXsg9VVX+yH/bA/9seBOAgH4Us4BF/Gl/EVHIbDcQS+iq/iazgKz+BoHINjcSxWUeNxAk5EVpMxGZMxK0zBqTgVp+F0nI4zcRbOxhRMwTk4F+fiuzgf38P3cCEuxMW4BJfgUvwAUzEVl+FZTMPluAJX4ipcjatwLa7DtbgBN+IG3IybcStuxY/xY9yBO3AX7sI9uAc/wU/wU/wUh2E6puMBPIAH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8iafwJJ7G03gGz+I5ADiP5/ECXsCLeDHjw68yGGVUFpVFJagElagSVXaVXeVUOVVMxVRulVvlUXlUXpVX5Vf5VUFVUBVWhRUpUqwiVUQVUXEVV8VUMVVcFVclVUnllFNlVBlVVpVV5VQ5VV7drCqoW1RFVUm1c7eqW1UV1d5VVXeoaqqaqq5qqJqqlqqlaqvaqo6qo+qquqqeqqfqq/tVA9UXB2IjldGZJmo4NlUjsLlqoVqqVuo1fFi1UaOwrWqn2qtH1RgcjR1VG9dJPaE6qwnYRT2lJuLTqpuajN3Vs6qHek71VM+rXqqt6636qGlZ+6p+aib2VwPUQDVIzcEaKqNjNdUr6vmsw9UI9apajK+pUep1NVqNUWPVG2qcGq8mqIlqkpqsktWbaop6S01Vb6tparqaoWaqWWq2SlHvqDlqrpqn3lXz1XtqgVqoFqnFaol6Xy1VH6hU9aFapj5SaWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qm3qY7Vd7VA71S61W+1Re9Unap/6VO1Xn6l09bk6oP6iDqov1CH1pTqsvlJH1NfqqPpGHVPfquPqO3VCnVSn1PfqtPpBnVFn1Tn1ozqvflIX1M/qovIKNGqltTY60Fl0Vp2gs+lEfZXOrnPonDqXjumrdW59jc6jr9V5dT6d3xTQBXUhXViHmrTVrCNdRBfVcX2dLqav18V1CV1Sl9JOl9Zl9A26rL5Rl9M36fL6Zl1B36Ir6kq6sgd9m66ib9dV9R26mr5TV9c1dE1dS9+la+u7dR19j66r79X19H26vr5fN9AP6Ia6kW6sH9RN9EO6qW6mm+sWuqVupVvrh3Ub/Yhuq9vp9vpR3UE/pjvqx3Un/YTurJ/UXfRTuqt+WnfTz+ju+lndQz+ne+qf9UXtdW/dRyfpvrqfflH31wP0QD1ID9Yv6SH6ZT1Uv6KH6eF6hH5Vj9Sv6VH6dT1aj9Fj9Rt6nB6vJ+iJepKerJP1m3qKfktP1W/raXq6nqFn6ll6th7420zz/on8t/5O/tBfzr5Vb9Mf6+16h96pd+ndeo/eq/fqfXqf3q/363Sdrg/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4Pq5P6JP6R/29Pq1/0Gf0WX1W/6jP6/P6wm8/AzBolNHGmMBkMVlNgslmEs1VJrvJYXKaXCZmrja5zTUmj7nW5DX5TH5TwBQ0hUxhExoy1rCJTBFT1MTNdaaYud4UNyVMSVPKOFPalDE3/Lfz/6y+1qa1aWPamLamrWlv2psOpoPpaDqaTqaT6Ww6my6mi+lquppuppvpbrqbHqaH6Wl6ml6ml+ltepskk2T6mRdNfzPADDSDzGDzkhlihpihZqgZZoaZEWaEGWlGmlFmlBltRpuxZqwZZ8aZCWaCmWQmmWSfy0wxU8xUM9VMM9PMjMG5zCwzy6SYFDPHzDHzzDwz38w3C8wCs8gsMkvMErPULDWpJtUsM8tMmllulpuVZqVZbVabtWatWW/Wm41mo9lsNps0s81sM9vNdrPT7DS7zW6z1+w1+8w+s9/sN+km3RwwB8xBc9AcMofMYXPYHDFHzFFz1Bwzx8xxc9ycMCfMKXPKnDanzRlzxpwz58x5c95cMBfMRXMx47YvUIEKTGCCLEGWICFICBKDxCB7kD3IGeQMYkEsyB3kDvIE1wZ5g3xB/qBAUDAoFBQOwoACG3AQBUWCokE8uC4oFlwfFA9KBCWDUoELSgdlghuCssGNQbngpqB8cHNQIbglqBhUCioHtwa3BVWC24OqwR1BteDOoHpQI6gZ1AruCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg0ChoHDwZNgoeCpkGzoHnQImgZtApaX9b5vT+T7xHXO+wTJoV9w37hi2H/cEA4MBwUDg5fCoeEL4dDw1fCYeHwcET4ajgyfC0cFb4ejg7HhGPDN8Jx4fhwQjgxnBRODpPDN8Mp4Vvh1PDtcFo4PZwRzAxnhbPDlPCdcE44N5wXvhvOD98LF4QLw0Xh4hB/vSWG1PDDcFn4UZgWLg9XhCvDVeHqcE24NlwXrg83hBvDTeHm8kN+PTTcHu4Id4a7wt3hnnBv+Em4L/w03B9+FqaHn4cHwr+EB8MvwkPhl+Hh8KvwSPh1eDT8JjwWfhseD78LT4Qnw1Ph9+Hp8IfwTHg2PBf+GJ4PfwovhD+HF0OfcXOfcXknQ4ayUBZKoARKpETKTtkpJ+WkGMUoN+WmPJSH8lJeyk/5qSAVpMJUmDIwMRWhIhSnOBWjYlScilNJKkmOHJWhMlSWylI5KkflqTxVoApUkSpSZapMt9FtdDvdTnfQHXQn3Uk1qAbVolpUm2pTHapDdaku1aN6VJ/qUwNqQA2pITWmxtSEmlBTakrNqTm1pJbUmlpTG2pDbakttaf21IE6UEfqSJ2oE3WmztSFulBX6krdqBt1p+7Ug3pQT+pJvagX9abelERJ1I/6UX/qTwNpIA2mwTSEhtBQGkrDaBiNoBE0kkbSKBpFo2kMjaU3aByNpwk0kSbRZEqmZJpCU2gqTaVpNI1m0AyaRbMohVJoDs2heTSP5tN8WkALaBEtoiW0hJbSUkqlVFpGyyiN0mgFraBVtIrW0BpaR+toA22gTbSJttAW2kbbaDttp520k3bTbtpLe2kf7aP9tJ/SKZ0O0AFEOkiH6BAdpsN0hI7QUTpKx+gYHafjdIJO0Ck6RafpNJ2hM3SOztF5+oku0M90kTwl2Gw20V5ls9scNqfNZf86zm8L2IK2kC1sQ5vX5vtDTNba4raELWlLWWdL2zL2hr+JK9pKtrK91d5mq9jbbVVb0WaD/xrXtnfbOvYeW9fea2vZu/4Q17P32fr2IdvANrMNbQvb2LayTexDtqltZpvbFralbWU72MdsR/u47WSfsJ3tk38TL7Uf2HV2vd1gN9p99lN7zv5oj9pv7Hn7k+1t+9jB9iU7xL5sh9pX7DA7/I8xgB1r37Dj7Hg7wU60k+zkv4ln2Jl2lp1tU+w7do6d+zfxEvu+nW9T7QK70C6yi3+JM2pKtR/aZfYjm2aX2xV2pV1lV9s1du3/rnWl3Wy32K12r/3Ebrc77E67y+62e36JM9ax335m0+3n9oj92h60X9hD9pg9bL/6Jc5Y3zH7rT1uv7Mn7El7yn5vT9sf7Bl79pf1Z6z9e/uzvWi9BUZWrNlwwFk4KydwNk7kqzg75+CcnItjfDXn5ms4D1/LeTkf5+cCXJALcWEOmdgyc8RFuCjH+TouxtdzcS7BJbkUOy7NZfgGLss3cjm+icvzzVyBb+GKXIkr8618G1fh27kq38HV+E6uzjW4Jtfiu7g23811+B6uy/dyPb6P6/P93IAf4IbciBvzg9yEH+Km3Iybcwtuya24NT/MbfgRbsvtuD0/yh34Me7Ij3MnfoI785PchZ/irvw0d+NnuDs/yz34Oe7Jz3MvfoF7cx9O4r7cj1/k/jyAB/IgHswv8RB+mYfyKzyMh/MIfpVH8ms8il/n0TyGx/IbPI7H8wSeyJN4Mifzm+2m8Fs8ld/maTydZ/BMnsWzOYXf4Tk8l+fxuzyf3+MFvJAX8WJewu/z0oueU/lDXsYfcRov5xW8klfxal7Da3kdr+cNvJE38Wbewlt5G3/M23kH7+RdvJv38F7+hPfxp7yfP+N0/pwP8F/4IH/Bh/hLPsxf8RH+mo/yN3yMv+Xj/B2f4JN8ir/n0/wDn+GzfI5/5PP8E1/gn/kie4YIIxXpyERBlCXKGiVE2aLE6Kooe5QjyhnlimLR1VHu6JooT3RtlDfKF+WPCkQFo0JR4SiMKLIRR1FUJCoaxaPromLR9VHxqERUMioVuah0VCa6ISob3RiVi26Kykc3RxWiW6KKUaWocnRrdFtUJbo9qhrdEVWL7oyqRzWimlGt6K6odnR3VCe6J6ob3RuVi+6L6kf3Rw2iB6KGUaOocfRg1CR6KGoaNYuaRy2illGrqHX0cNQmeiRqG7WL2kePRh2ix6KO0eNRp+iJqHP05KX9JYJfr6Z/tT8p6hvp396Q3aMXxRfHl8Tfjy+NfxBPjX8YXxb/KJ4WXx5fEV8ZXxVfHV8TXxtfF18f3xDfGN8U3xzfEt8a975WVnCY8SAMxgUui8vqElw2l+iuctldDpfT5XIxd7XL7a5xedy1Lq/L5/K7Aq6gK+QKu9CRs45d5Iq4oi7urnPF3PWuuCvhSrpSzrnSroxr5Vq71q6Ne8S1de1ce/eoe9Q95h5zjyf8Vrjr4p5yXd3Trpt7xj3jnnU93HOup3ve9XIvuN6uj0tySa6f6+f6u/5uoBvoBrvBbogb4oa6oW6YG+ZGuBFupBvpRrlRbrQb7ca6sW6cG+cmuAlukpvkkl2ym+KmuKluqpvmprkZboab5Wa5FJfi5rg5bp6b5+a7+W6BW+AWuUVuiVvilrqlLtWlumVumUtzaW6FW+FWuVVujVvj1rl1boPb4Da5TW6L2+K2uW1uu9vudrqdbrfb7fa6vW6f2+f2u/0u3aW7A+6AO+gOukPuS3fYfeWOuK/dUfeNO+a+dcfdd+6EO+lOOa9Pux/cGXfWnXM/uvPuJ3fB/ewuOu+SY2/GpsTeik2NvR2bFpsemxGbGZsVmx1Lib0TmxObG5sXezc2PxfEFsQWxhYFEFsSez+2NPZBLDX2YWxZ7KNYWmx5bEVsZWxVbHXM+0LbI1/EF/Vxf50v5q/3xX0JX9KX8s6X9mX8Db6sv9GX8zf58v5mX8Hf4iv6Sr6yb+ab+xa+pW/lW/uHfRv/iG/r2/n2/lHfwT/mO/rHfSf/hO/sn/Rd/FO+q3/ad/PP+O7+2fd+67Lv5V/wvX0fn+T7+n7+Rd/fD/AD/SA/2L/kh/iX/VD/ih/mh/sR/lU/0r/mR/nX/Wg/xo/1b/hxfryf4Cf6SX6yT/Zv+in+LT/Vv+2n+el+hp/pZ/nZPsW/4+f4uX6ef9fP9+/5BX6hX+QX+yX+fb/Uf+BT/Yd+mf/Ip/nlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/12v8Pv9Lv8br/H7/Wf+H3+U7/ff+bT/ef+gP+LP+i/8If8l/6w/8of8V/7o/4bf8x/64/77/wJf9Kf8t/70/4Hf8af9ef8j/68/8lf8D/7i/I3a0IIIYQQ/xT9J/v7/p3/U79tGfoBQI4dBQ7/9Zyb8v46HqD2dY4BwBN9ujf6fWvUKCkp6bdj09pAUHQhAMQu5f/y/QO/xcuhPTwGnaAdlP279Q1QlX+57/uH82sI4jcDJAJk+z0n4/EoEf56/hv/wfzN3uc/m38hQPGil3IyTvR7fGn+cv9g/j0d/mT+bF8kA7T9LznZ4VJ8af4y8Ag8CZ3+cKQQQgghhBBCCPGrAep8jz97vs14Pi9oLuVkhUvxnz2f/4mql2MNQgghhBBCCCGE+D97+rmejz/cqVO7rpdl0BYALuuEl2eQ9T+jjP+AAQLAf0AZMvjPH1zp30xCCCGEEEKIy+3STf+VrkQIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhMi8/v1vCFP/9MFXeo1CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHElfa/AgAA///mhlPZ")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000025c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x60)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x7, 0x0, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000080), 0x4)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
syz_emit_ethernet(0xfdef, 0x0, 0x0)
ioprio_get$pid(0x1, r2)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='./file0/file0\x00')

3.138781037s ago: executing program 2 (id=1918):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f0000003f80), 0x1, 0x44f, &(0x7f00000002c0)="$eJzs289vFFUcAPDvzG6L/LIrwR/8UIloJP4otCBy8KLRxIMmJnrAY20LQRZqaE2EEC3G4NGQeDceTfgLPOnFqCcTr+rZkBDTC+hpzezO0O2yu/bXdiv7+SQD78287XvfefO2b+Z1AhhYB7J/kogdEfFbRIw0sksLHGj8d3vh8uTfC5cnk6jV3v4rqZe7tXB5sihafG57kSlHpJ8lsa9NvbMXL52dqFanL+T5w3PnPjg8e/HS82fOTZyePj19fvzEiWNHx148Pv7CusSZxXVr78cz+/e8/u61NydPXnvvp+tJEX9LHGtXjqYf3dZTtdr6VbcJ7GxKJ+U+NoQVKeVX61B9/I9EKRY7byRe+7SvjQN6qlar1R7qfHi+BtzDkuh3C4D+KH7RZ/e/xbZBU49N4ebLjRugLO7b+dY4Uo40LzPUcn+7ng5ExMn5f77Ktmh9DrG1R5UCAAPtu2z+81y7+V8azc+F7s/XUCoR8UBE7IqI4xGxOyIejKiXfTgiHllh/a2LJHfPP9MbqwpsmbL530v52tbS+V8x+4tKKc/trMc/lJw6U50+kp+TQzG0JcuPdanj+1d//aLTseb5X7Zl9RdzwbwdN8pbln5mamJuYi0xN7t5JWJvuV38yZ2VgCQi9kTE3lXWceaZb/Z3OtYh/uFl/eB1WGeqfR3xdKP/56Ml/kLSfX3y8H1RnT6yJfKr4m4//3L1rU71/3f/91bW/9vaXv9F/H9Ukub12tmV13H198873lOu9vofTt5Zsu+jibm5C2MRw8kb9Xylef94S7nxxfJZ/IcOth//u2LxTOyLiOwifjQiHouIx5u+u56IiINd4v/xlSffX338vZXFP9W1/6Ol/xcTw9G6p32idPaHb5dUWllJ/Fn/H6unDuV7lvP91645RUTNh9Zy7gAAAOD/Io2IHZGko3fSaTo62vgb/t2xLa3OzM49e2rmw/NTjXcEKjGUFs8/R5qeh47lt/VFfrwlfzR/bvxlaWs9Pzo5U53qd/Aw4LZ3GP+ZP0v9bh3Qc97XgsFl/MPgMv5hcBn/MLjajH+vnsGAaPf7/5M+tAPYeC3jv+uyn4kB3Fvc/8PgMv5hcBn/MJCuRHR/eb+niet5Kzak0jQiVv3xiH6cn82ciHRTNEOiR4k+fzEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsk38DAAD//3893aY=")
r0 = inotify_init()
close_range(r0, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x2)
fadvise64(r0, 0x5, 0x7, 0x0)

2.40853956s ago: executing program 4 (id=1921):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x1100, 0x40})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000440)={0x73622a85, 0x100a, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

2.271641008s ago: executing program 2 (id=1922):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000540)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000140)={0x0, 0xa, 0x8000000000003, 0x0, 0x8, 0x401, 0x28af, 0x0, 0x4})

2.2288021s ago: executing program 8 (id=1924):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000004c0)={'syzkaller0\x00', @link_local})
write$tun(r1, &(0x7f00000001c0)=ANY=[], 0xc2)
write$cgroup_devices(r1, &(0x7f0000000280)=ANY=[], 0xffdd)

2.148476995s ago: executing program 1 (id=1925):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x181002, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x49db, 0x0, 0xfff9, 0xbfff, 0x18, "ec28a144f13d7607"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00000001c0)={0x0, 0xffffef7b, 0xfffffffa, 0xb2, 0x9, "1beb00000e001000000008010100"})
r1 = syz_open_pts(r0, 0x20800)
syz_usb_connect(0x3, 0x7f, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000044d6b2099042510f69c0000000109026d0001022440020904c20004a2f8ab000524060000052400f5ff0d240f01080000000700008036042402050524060000052400ec000d240f01030000000600050081052401000309050904100000050f090582e64103060c0309050a03"], 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x44)

2.094117748s ago: executing program 4 (id=1926):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000480)="1c0000001a009b8a140000003b000000000000000000000000000000fda35065733173ae72a0d270d958f739b6d44c893b03599f77a332b446ea93568ae2ff534952656c6a18b6c0fdcec321127ee28705f2496eb43654255c5cc688f71db82bab173f4e19361ac01c1b0a2d2229993c8308ab7721e4c33c5fc214cd64a17d", 0x7f)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

1.972389295s ago: executing program 4 (id=1927):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x10b})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000280)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000800)={@ptr={0x66642a85, 0x0, 0x0, 0x0, 0x1, 0x400000000024}, @ptr={0x70742a85, 0x20000000, 0x0, 0x0, 0x2}, @fd={0x66642a85, 0x0, r2}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1040}], 0x0, 0x0, 0x0})

1.88536247s ago: executing program 5 (id=1928):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.683827542s ago: executing program 4 (id=1929):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x8480, &(0x7f0000000880)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d60edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b49057d94f10f7b5e35ead0a38", @ANYRES8=0x0, @ANYRES8], 0x1, 0x228, &(0x7f00000002c0)="$eJzs2k9rHHUYB/BnYkvblHQj/qMF8Yce1MuQ5OyhQVIQFxTtClWQTs2sLjvuhp0lsCI2J736EjyLR2+C9OglF1+BB2+55NiDONLdqIlu8SAmrP18LvvAs1/mN8zw8Bzm4JUvP+5367xbjGMpy2LpeuzF/SxWYyl+txcvv3jrh2ffvvXu65vt9tZbKd3YvLm+kVK68tz37336zfP3xpff+fbKdxdif/X9g8ONn/ef3r968OvNj3p16tVpMBynIt0ZDsfFnapM2726n6f0ZlUWdZl6g7ocneh3q+HOziQVg+2V5Z1RWdepGExSv5yk8TCNR5NUfFj0BinP87SyHPwbna/vN00cNudvR9M0l76Ky/di5adoRfZ4yp64nj11O3tmL7t62DStsz4q/wnP/9F2bKhfjKi+2O3sdma/s/5mN3pRRRlr0Ypf4sFrcmRaX4qIrbU0tRqfV3eP8nd3O4+dzK9HK1b/lm9uvNbeWp/l08n8hViOOB9xlN+IVjw5P78xN38xXnrh2PXzaMWPH8QwqtiOB9k/85+tp/TqG+2/5K9N/wcA8H+Tpz/M3d/y/GH9Wf4f9sPpfrU2dz87F9fOne29E1FPPukXVVWOFqmIWFvcwysUi1Cc9WTiNBwfqgAAAAAAAAAAACyO0/lcFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OF+CwAA//8IDdAR")
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000540)='./file0\x00', 0x1001404, &(0x7f00000000c0)={[{@cruft}, {@utf8}, {@nojoliet}, {@showassoc}, {@utf8}, {@map_normal}]}, 0x1, 0x55a, &(0x7f0000000b00)="$eJzs3VFP21YbwPHHFN7StEKv3vdVVSHantJ3Ekg0dUKbKurNPOcknDaxI9up4KpCBSrU0E6lkwY3U2+6Tdou9wF6uw+xj7DLad9gV9UudrlpTLYTCDQhFApB6P+LWh/sxz7PiSI/OhDbAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxHJLtp2zpGq8xrzqzS0Ffm2f7e3jTf81liy6dvbr+k6/Ilb8T0ZH5Uq66sr/diIvx/9NykT604SMxotR2bx4+d/3/zs81N5/n4ROxPrG5rPFZnP55aATGZCK9kzom5pT0cqEvioWCvbtuXKoyqaqw4WvftY15QbaifxATbnTKlcsziqdXfAbXqXkVHV75b1bedsuqAfZunaC0PduP8iG7pypVo1XSWLizXHMvfiD+NBEKtJOTamV1ebybL8k46DcQYLy/YLydj6fy+XzucLd4t17tj383gp7D3kvYvAfWgzW8ZzIgUMYatV/qYoRTxoyL6rry5WSBOJLrcf2llbhn/7ktt633876367yV3Y2j0tS/6+lP13rVf975HJyr3XZkE15JovSlKYsy8uBZ3Syr4po8cRIKL4YqYmTrFGtNUqKUpCC2PJY5qQsoSgpi5F/iZZQFiSUSHTyiXIlEC2OROJLIEqmxJVpUZKTohRlVpRoycqC+NIQTypSEkeqomVFVpP3fXafHLeDcgcJyu8TlP+D+o89hlunrAPv8HFP4MARbLXrPwAAAAAAOLOs5Lfv8fx/RK4mrbKpanvQaQEAAAAAgI8o+cv/RLwYiVtXxWL+DwAAAADAWWMl19hZIpKR62mrfSUUvwQAAAAAAOCMSP7+fy1eZOLWdbGY/wMAAAAAcNZ80/ce+2H9vPXT7xIEI9br+vz/rTUnjnPWzqX7ndt7xKg8fvHPrcRwcqzCcOuQrp6wLqVB2zfBfNdarPTLw/qQBKyx1t67E5Dv5EYac2MpXS61t6S9ZMqmqrOuX72fE8cZG4r0fPTF89UvJRn+t15tzJKV1eZy9smL5lKSy+v4KK/XWjdQfO8+ivvk8iq530JyzUXXEY8kF2K0+s2k/dqd4x9Kdx/6gD7fyGQaM5lJl5nd4x+N+8xle42+lUXuiCN/IzfTmJtTN9NFlyzy/bLId2ZxqPfiAFnM9sti9ohZAMCgrPSuQn+nRXxrb909xFnuZKr7G5lKY6bGkxPr8HiXM7rd74xuH7G6/bj9DIR2cK8aG/f7/Z6q+jbe4W3PfsNq3orfwnOv1j6Xy+sbm7dW1xafLj9dfp7PzxbsO7Z9Ny8jyTBaC2oPAKCLbs/YadfcdP7f9yk81p0+s+r/bH+lICtP5IU0ZUlmkqsNkm8cdD1qJtnnQvI1hJk+s9ZMxxNeZvrM6jIdD3rpiP3tl7S1K9bqeLwMAABnyWSfOnyQ+j/Ta979Q7K2o+bGtXz/2XFnLQcAAMdDB++sTPS1FQSm/jhXLOacaE6rwHcfqsCUKloZL9KBO+d4Fa3qgR/5rl+NG49MSYcqbNTrfhCpsh+ouh+a+eTJ7ypcCCNdU6GuOV5k3LBe1U6olet7keNGqmRCV9Ubn1VNOKeDZOewrl1TNq4TGd9Tod8IXJ1VKtS6I9CUtBeZsombnqoHpuYEC+qRX23UtCrp0A1MPfLTA7b7Ml7ZD2rJYbODfrMBADgl1jc2ny02m8sv+zU+PUBMj8agxwgAAHajSgMAAAAAAAAAAAAAAAAAAAAAcPod8pK+s9e49LEOuLVrjSUiOzEX5BSM9BCN8+2PyynJh8bxNwZ7XgJw/P4JAAD//1zPX+o=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, 0xffffffffffffffff, 0x84c18000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r1 = socket(0x1, 0x5, 0x0)
close(r1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000500)={0xe000200c})

1.407577348s ago: executing program 1 (id=1930):
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_open_dev$usbfs(0x0, 0x75, 0x109301)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r0, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1e1c}, {&(0x7f00000000c0)=""/250, 0x14}], 0x2, 0x0, 0xd64}}], 0x300, 0x34000, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000000", @ANYRES16, @ANYBLOB="a787000000ff000000000b00000404000180"], 0x18}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000102c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x401, 0xfffffffc, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8060}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0)

1.407324378s ago: executing program 2 (id=1931):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000088, &(0x7f0000000380)={0xa, 0x4e20, 0xfffffffc, @empty, 0xfffffffe}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000040)=0x1000, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x3d10, 0x4)
sendto$inet6(r0, &(0x7f0000000000)='\x00', 0x1, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
recvmmsg(r0, &(0x7f0000001e80)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x40032003, 0x0)

1.173786002s ago: executing program 1 (id=1932):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000040), 0x7, 0x4ba, &(0x7f0000000740)="$eJzs3E9sFFUcAODfbFta/smKiIKoRTQ2GlsoKBy8YDTxoIkRD3ps2kKQQg2tiRCiS2LwaEi8G49ePXhVb8aTiVc8mhgSYrgAntbM7ky73c4udLt0hf2+ZNn3Zt7se2/fvJk373UJoG+Npv8kEdsi4lpE7IiIUnOC0frb7ZuXpu/cvDQdlWr1xD9JeljcSuOZJHvfmkXGShGlL5PlHQ0WLlw8MzU3N3s+i08snv1kYuHCxVdOn506NXtq9tzksWNHDh86+trkq2uvVEF+ab1u7f18ft+etz+6+u70YL59JHtvrEe3jMZoUVFqXuh2Zj22vSGcDPawIKxJev6nzTVU6/87YiA0HvSLarVaHW69u1JtdnnVFuCBlUSvSwD0Rn6jT59/81fRQGDT/Rl+9NyN4/UHoLTet7NXxLO1jfk8yFDT8203jUbEh5V/v01fcZ/mIQAAGv18PB8JNo3/yhG7G9I9kq2hlCPi0YjYGRGPRcSuiHg86mmfiIgnmz5/ICKqbfIfbYqvHv+Urq+vhu2l47/Xs7Wt5fFfNK6ClQey2PaIfMA8ezD7TsZiaPjk6bnZQ23y+OXNP75uta9x/Je+0vzzsWBWjuuDTRN0M1OLUx1XuMmNyxF7B5vrnwxGJEsrAUlE7ImIvWv43HJD+PRL3+9bigytTHf3+tdUC9fRurBUUf0u4sV6+1diRfsv55i0X5+cGIm52YMT6VlwsDCP336/8l6r/O9a/x//aj7kraM/nch61vql7b+l4fyPfP12uf7lJCJZWq9dWHseV/78quUzTafn/6bkg1o4fy79bGpx8fyhiE3JO/n2y0vbJ5ePzePpe1Tq9R87UNz/d2bHpN/EUxGRnsRPR8QzUX9CTMu+PyKei4gDber/6xvPf9x5/e+vtP4zhde/Fe2/vF7fKpBU6qkLdg2c2X/tTouLx721/5FaaCzbUnz9S1ZcItqUdEVgvd8fAAAAPAhKEbGtYS5pW5RK4+P1OaBdsaU0N7+w+PLJ+U/PzdR/I1COoVI+01WfDx5K8vnPckN8sil+OJs3/mZgcy0+Pj0/N9PTmgNba30+KY0vXQvq/T/1d3emmIH/s9XraH4EBP3ibr1999UNKgiw4dztoX819P9KiyQVfykDDyf3f+hfRf3/iw6OAR4sVX0Z+tpa+r9rBTxcBuP9pXCppyUBNpp7OvSle/qRfMeB6nDxrpFYnThG2n/gQHRWjM0FefUkkI6sepL75k6Oyv83hZZporS2DxyO7rTpyfV/Lad2d/3kr2Z/K9/tFvxhQ/ppUaAnlyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICu+y8AAP//op3a9g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0xfffffffffffffffe, 0x29)

1.128282144s ago: executing program 2 (id=1933):
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="010028bd700bfbdbdf"], 0x14}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1d)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
gettid()
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1f, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014210a00b7030000000000008500000083000000bf090000000000005509010000000000950000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4}, 0xc)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000000200))
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000d00), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.100255296s ago: executing program 4 (id=1934):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x143)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x40182, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_GUEST_MEMFD(r2, 0xc040aed4, 0x0)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x88300, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r4, 0x40383d0c, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x4000000)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000280)={0x3, &(0x7f0000000200)=[{0x5, 0x9, 0x3c, 0x3}, {0x7fff, 0xff, 0xbf, 0x7fff}, {0xd, 0xff, 0xac, 0x5}]}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x5, 0x8, 0x8005, 0x0, 0x9, 0x1000000000, 0x7, 0xfa11, 0x6}, 0x0)
r8 = syz_open_procfs(0x0, 0x0)
getdents(r8, &(0x7f0000001fc0)=""/184, 0xb8)
mknodat$loop(r8, &(0x7f0000000000)='./file0\x00', 0x4, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="400000002e00090027bd700000000000040000002900118031f9e05e2f826cfc31dc2af824704f63dac994ce05dc7224e5479795b50d90ced5ffffffffffff00bf8a5f8fee22c13d40e9193e1a06805df92302acc657853643410315"], 0x40}, 0x1, 0x0, 0x0, 0x42804}, 0x0)
mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
renameat2(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x2)
r10 = inotify_init()
inotify_add_watch(r10, &(0x7f0000000080)='./file0\x00', 0x80000006)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x20a})
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001000010828bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000520040008001b00000000000800290044fa010008000d0000000080"], 0x38}}, 0x4000000)

751.387676ms ago: executing program 5 (id=1935):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x10, &(0x7f00000004c0)={[{@i_version}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x3ff}}]}, 0x1, 0x3f7, &(0x7f0000003080)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XjW68nsJIBjqxQRL0fESESci4ipfHuah3i/FbL9trc2lv7e2lhKotF47c8kknxb8VpJ/ngqf4GZNCL9KInHe5S7fuv2jXKtVl3L03P1lbfm1m/dfnZ5pXy9er16c+G58xcuXnzh0sLzAzvWzZXkk6e+ufzbZx9XPv/pj++ns/qezvM6j2NQSlFqvye7XRp0YUN2oiOejA6xIgAA7CnNr/1Hm9f/UzESOxdvU/Hpj0OtHAAAADAQjUbxCAAAABxdid/+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW3f0zu26/7eQSpFxKsnrixkIQ7pPmwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys8ed/ZI74xO/Ps5lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xtwAOX9b/J/du/+Y6ue31etf3X8Z3f135uV/evdu/9/l/PLnarOB4vu2dcr2+Nh8xnlzu3u7T1Fa8H8X7lbX/zJO9v/+L678k/+4/07E+9H688t7Zq/3y9P/hytq/sq/+v//Im5OPzvQr//76/4VmZYoXcf13b/fbQMOuJwAAAAAAAACDkTbn9iXpbDueprOzrXm+/4/JtLa6Xn/m2urbNyutOYDTMZYW8z+nOuaDzrduI2+nF3alz0fE2Yj4YupkMz27tFqrDPvgAQAA4Jg41ef3f+b3g9zsAQAAADycpoddAQAAAODQ+f0PAAAAR9qDrOtfq64V/yLogE8XETlYZCT/4D0s9Tl6kSGelAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIfwIAAP//keS8Nw==")
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x449)
read$watch_queue(0xffffffffffffffff, 0x0, 0x0)

751.163886ms ago: executing program 8 (id=1936):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x1100, 0x40})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000440)={0x73622a85, 0x100a, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

513.26308ms ago: executing program 36 (id=1936):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x1100, 0x40})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000440)={0x73622a85, 0x100a, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

494.267701ms ago: executing program 5 (id=1938):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)=@vmx={0x0, 0x0, 0x2080, {0x0, 0x0, {}, 0x0, 0x2}})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

483.714902ms ago: executing program 1 (id=1939):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x10b})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000280)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000800)={@ptr={0x66642a85, 0x0, 0x0, 0x0, 0x1, 0x400000000024}, @ptr={0x70742a85, 0x20000000, 0x0, 0x0, 0x2}, @fd={0x66642a85, 0x0, r2}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1040}], 0x0, 0x0, 0x0})

259.679655ms ago: executing program 1 (id=1940):
write(0xffffffffffffffff, &(0x7f0000000340)="1c00", 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1000)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x40000073, 0x0, 0x81}]})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x75, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

259.473265ms ago: executing program 5 (id=1941):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={&(0x7f0000000340), 0x0}}, &(0x7f0000000300)=<r1=>0x0)
r2 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(r2, 0x2)
r3 = open(&(0x7f0000000300)='.\x00', 0x102000, 0x0)
flock(r3, 0x1)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0xb, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

1.34832ms ago: executing program 1 (id=1942):
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r1, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1e1c}, {&(0x7f00000000c0)=""/250, 0x14}], 0x2, 0x0, 0xd64}}], 0x300, 0x34000, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="a787000000ff000000000b00000404000180"], 0x18}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000102c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x401, 0xfffffffc, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8060}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0)

0s ago: executing program 2 (id=1943):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_open_dev$vcsa(&(0x7f0000000280), 0x5, 0x101000)
fsetxattr$security_capability(r2, &(0x7f00000002c0), &(0x7f0000000300)=@v2={0x2000000, [{0xc0000, 0xffffff63}, {0xbb3f, 0x8}]}, 0x14, 0x1)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000001c0)="efc2b98ba1e0674d073fef01c29b9360e1f460f8ac221849e3020e3c1aa16708187d7ead05a051c75840766fe4ae3220e125f1af6aec25e51fc84c2aa3c0f7f1f6b0b13cf559129878f2351507d557f5e5e20cacf06b06d324e12ac79ad7153282b4c6ae6bf2b7b7f427f3d9cbc5567e47e60dd4c2944a0a9baad09a203c0bf9ad8ff9294523f81e7a22ce362401be96a330afff", 0x94)
sendmsg$key(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @empty, 0x5}, 0x1c)

kernel console output (not intermixed with test programs):

28798][   T21] usb 3-1: SerialNumber: syz
[  259.641033][ T4236] usb 1-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[  259.653600][   T21] usb 3-1: config 0 descriptor??
[  259.948452][   T21] usb 3-1: USB disconnect, device number 18
[  259.994242][ T7944] loop3: detected capacity change from 0 to 128
[  260.053721][ T7944] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  260.083866][ T7944] ext4 filesystem being mounted at /200/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  260.185406][ T7944] fscrypt: AES-128-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  260.510616][ T4236] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  260.519819][ T4236] usb 1-1: config 1 has no interface number 1
[  260.540606][ T4236] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  260.570571][ T4236] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 52, changing to 7
[  260.590785][ T4236] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 9272, setting to 1024
[  260.843416][ T4236] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  260.856180][ T4236] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.879807][ T4236] usb 1-1: Product: syz
[  260.897081][ T4236] usb 1-1: Manufacturer: syz
[  260.903936][ T7957] loop4: detected capacity change from 0 to 512
[  260.912496][ T7947] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  260.915684][ T4236] usb 1-1: SerialNumber: syz
[  260.937970][ T7947] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  261.082766][ T7957] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1069: inode has both inline data and extents flags
[  261.115144][ T7957] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1069: couldn't read orphan inode 15 (err -117)
[  261.144992][ T7963] loop2: detected capacity change from 0 to 512
[  261.179458][ T7957] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  261.228805][ T7963] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5
[  261.228805][ T7963] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  261.228805][ T7963] 
[  261.287409][ T7963] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  261.342828][ T7963] EXT4-fs (loop2): 1 truncate cleaned up
[  261.368449][ T7963] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,noacl,nombcache,noblock_validity,,errors=continue. Quota mode: none.
[  261.975434][ T7982] loop4: detected capacity change from 0 to 1024
[  262.387714][ T7982] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  262.927296][ T7999] loop2: detected capacity change from 0 to 512
[  263.006281][ T7999] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5
[  263.006281][ T7999] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  263.006281][ T7999] 
[  263.119690][ T7999] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  263.158460][ T7999] EXT4-fs (loop2): 1 truncate cleaned up
[  263.199654][ T7999] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,noacl,nombcache,noblock_validity,,errors=continue. Quota mode: none.
[  263.420946][ T4236] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor
[  263.429111][ T4236] usb 1-1: found format II with max.bitrate = 0, frame size=0
[  263.471819][ T4236] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  263.582880][ T4236] usb 1-1: USB disconnect, device number 16
[  264.460704][ T8020] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1089'.
[  264.579163][ T8020] loop3: detected capacity change from 0 to 1024
[  266.168660][ T8020] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  266.178895][ T8020] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  266.197572][ T8020] EXT4-fs error (device loop3): ext4_get_journal_inode:5185: inode #5: comm syz.3.1089: unexpected bad inode w/o EXT4_IGET_BAD
[  266.213338][ T8020] EXT4-fs (loop3): no journal found
[  266.218813][ T8020] EXT4-fs (loop3): can't get journal size
[  266.239259][ T8020] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,errors=remount-ro,norecovery,min_batch_time=0x000000000000071d,abort,. Quota mode: writeback.
[  266.649282][ T8031] loop0: detected capacity change from 0 to 512
[  266.705814][ T8028] kvm: pic: single mode not supported
[  266.707076][ T8028] kvm: pic: level sensitive irq not supported
[  266.785152][ T8031] EXT4-fs error (device loop0): ext4_fill_super:4866: inode #2: comm syz.0.1094: inode has both inline data and extents flags
[  266.882795][ T8031] EXT4-fs (loop0): get root inode failed
[  266.888814][ T8031] EXT4-fs (loop0): mount failed
[  267.062951][ T8046] loop0: detected capacity change from 0 to 512
[  267.144238][ T8046] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  267.238618][ T8046] EXT4-fs (loop0): 1 truncate cleaned up
[  267.270706][ T8046] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000007,journal_dev=0x0000000000000001,debug_want_extra_isize=0x000000000000006a,auto_da_alloc=0x0000000000008001,errors=remount-ro,nouid32,. Quota mode: none.
[  267.371041][   T21] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  267.610650][   T21] usb 4-1: Using ep0 maxpacket: 8
[  267.762682][   T21] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  267.836828][   T21] usb 4-1: config 0 has no interfaces?
[  267.930724][   T21] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  267.997840][   T21] usb 4-1: config 0 has no interfaces?
[  268.090529][ T8068] loop2: detected capacity change from 0 to 7
[  268.171972][ T8068]  loop2:
[  268.190812][   T21] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.219139][ T8068] loop2: partition table partially beyond EOD, truncated
[  268.242985][   T21] usb 4-1: config 0 has no interfaces?
[  268.380726][   T21] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.408971][   T21] usb 4-1: config 0 has no interfaces?
[  268.460021][   T21] usb 4-1: New USB device found, idVendor=046d, idProduct=08b3, bcdDevice=6d.2a
[  268.544194][   T21] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.625911][   T21] usb 4-1: config 0 descriptor??
[  270.152197][ T8096] loop0: detected capacity change from 0 to 8192
[  270.417034][ T8111] device syzkaller0 entered promiscuous mode
[  272.287660][ T8132] loop4: detected capacity change from 0 to 512
[  273.124448][ T8132] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  273.173397][ T8132] EXT4-fs (loop4): orphan cleanup on readonly fs
[  273.179945][ T8132] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  273.193729][ T8132] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.1130: attempt to clear invalid blocks 2 len 1
[  273.213502][ T8132] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  273.230708][ T8132] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1130: invalid indirect mapped block 1819239214 (level 0)
[  273.252332][ T8132] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1130: invalid indirect mapped block 1819239214 (level 1)
[  273.273869][ T8132] EXT4-fs (loop4): 1 truncate cleaned up
[  273.279672][ T8132] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,init_itable=0x0000000000000004,mblk_io_submit,minixdf,jqfmt=vfsv0,usrjquota=..,errors=continue. Quota mode: writeback.
[  273.375808][   T13] usb 4-1: USB disconnect, device number 20
[  273.448401][ T8138] fuse: Unknown parameter 'grou'
[  273.766041][ T8144] loop3: detected capacity change from 0 to 512
[  273.831793][ T8144] EXT4-fs (loop3): Ignoring removed nobh option
[  273.860043][ T8144] EXT4-fs (loop3): Unrecognized mount option "seclabel" or missing value
[  274.106351][ T8148] device syzkaller0 entered promiscuous mode
[  274.507495][ T8154] loop4: detected capacity change from 0 to 8192
[  274.623136][ T8157] kvm: pic: single mode not supported
[  274.624338][ T8157] kvm: pic: level sensitive irq not supported
[  275.921779][ T8179] device syzkaller0 entered promiscuous mode
[  276.229476][ T8187] loop4: detected capacity change from 0 to 128
[  276.263291][ T8188] loop0: detected capacity change from 0 to 164
[  276.612031][ T8187] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  276.642017][ T8187] ext4 filesystem being mounted at /209/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  276.687611][ T8192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  278.042595][ T8206] loop2: detected capacity change from 0 to 2048
[  278.052764][ T8199] loop4: detected capacity change from 0 to 8192
[  278.105374][ T8206] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  278.533823][ T8216] loop2: detected capacity change from 0 to 512
[  278.590433][ T8216] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  278.629041][ T8216] EXT4-fs (loop2): 1 truncate cleaned up
[  278.639779][ T8216] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,stripe=0x0000000000000008,block_validity,bsdgroups,nombcache,,errors=continue. Quota mode: none.
[  278.822145][ T8227] loop0: detected capacity change from 0 to 128
[  278.861452][ T8222] device syzkaller0 entered promiscuous mode
[  279.338686][ T8227] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  279.397877][ T8227] ext4 filesystem being mounted at /220/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  279.951210][ T8243] syz.2.1163 uses obsolete (PF_INET,SOCK_PACKET)
[  280.737729][ T8244] loop0: detected capacity change from 0 to 4096
[  281.107181][ T8244] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a802c018, mo2=0003]
[  281.146200][ T8244] System zones: 0-5
[  281.213989][ T8244] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,delalloc,resuid=0x0000000000000000,nodioread_nolock,errors=continue,data_err=ignore,nodiscard,barrier,,errors=continue. Quota mode: writeback.
[  281.343156][ T8244] fs-verity: sha512 using implementation "sha512-avx2"
[  281.630181][ T8261] loop2: detected capacity change from 0 to 2048
[  281.793642][ T8261] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  281.928214][ T8270] device syzkaller0 entered promiscuous mode
[  282.160899][ T8281] device syzkaller0 entered promiscuous mode
[  282.736570][ T8297] loop4: detected capacity change from 0 to 2048
[  282.807731][ T8294] loop2: detected capacity change from 0 to 8192
[  282.846868][ T8297]  loop4: p2 < > p4
[  282.861457][ T8297] loop4: p4 size 262144 extends beyond EOD, truncated
[  282.914574][ T8294] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1346439385 (2692878770 ns) > initial count (2012027762 ns). Using initial count to start timer.
[  283.150707][ T4298] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  283.294338][ T8305] netlink: 'syz.2.1188': attribute type 1 has an invalid length.
[  283.440594][ T4298] usb 5-1: Using ep0 maxpacket: 32
[  283.590829][ T4298] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  285.234943][ T4298] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  285.297037][ T4298] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  285.317353][ T4298] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.359012][ T4298] usb 5-1: config 0 descriptor??
[  285.394671][ T8319] device syzkaller0 entered promiscuous mode
[  285.584407][ T4407] usb 5-1: USB disconnect, device number 27
[  288.922872][ T8370] loop3: detected capacity change from 0 to 4096
[  289.055457][ T8370] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a802c018, mo2=0003]
[  289.066036][ T8370] System zones: 0-5
[  289.080855][ T8370] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,delalloc,resuid=0x0000000000000000,nodioread_nolock,errors=continue,data_err=ignore,nodiscard,barrier,,errors=continue. Quota mode: writeback.
[  289.368699][ T8370] fs-verity (loop3, inode 13): Unknown hash algorithm number: 0
[  289.563152][ T8379] loop2: detected capacity change from 0 to 164
[  292.417611][ T8403] loop0: detected capacity change from 0 to 1024
[  292.497811][ T8407] loop2: detected capacity change from 0 to 1024
[  292.729913][  T154] hfsplus: b-tree write err: -5, ino 4
[  292.807660][ T8415] loop4: detected capacity change from 0 to 8
[  293.436886][ T8407] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  293.550561][ T8422] loop3: detected capacity change from 0 to 164
[  295.739663][ T8439] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1232'.
[  296.239958][ T8449] device syzkaller0 entered promiscuous mode
[  296.888942][ T8466] loop3: detected capacity change from 0 to 128
[  298.516406][   T26] audit: type=1326 audit(1771320669.342:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8480 comm="syz.0.1250" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb8b7adff79 code=0x0
[  298.563465][ T8485] loop3: detected capacity change from 0 to 128
[  298.798734][ T8485] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  298.871335][ T8485] ext4 filesystem being mounted at /234/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  298.896357][ T8491] loop0: detected capacity change from 0 to 512
[  299.145923][ T8491] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  299.176978][ T8495] loop2: detected capacity change from 0 to 16
[  299.220847][ T8491] ext4 filesystem being mounted at /234/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.328265][ T8495] erofs: (device loop2): mounted with root inode @ nid 36.
[  299.528648][ T8491] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  299.545367][ T8495] erofs: (device loop2): erofs_fill_dentries: bogus dirent @ nid 36
[  299.610058][ T8491] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  299.693751][ T8491] EXT4-fs error (device loop0): ext4_acquire_dquot:6234: comm syz.0.1252: Failed to acquire dquot type 0
[  299.777705][ T8503] loop4: detected capacity change from 0 to 1024
[  299.888285][ T8503] hfsplus: invalid length 32517 has been corrected to 255
[  300.000767][   T21] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  300.080441][ T8510] loop0: detected capacity change from 0 to 128
[  300.387697][   T21] usb 4-1: Using ep0 maxpacket: 8
[  300.810686][   T21] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  300.883654][   T21] usb 4-1: config 0 has no interfaces?
[  301.100753][   T21] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  301.147465][   T21] usb 4-1: config 0 has no interfaces?
[  301.260922][   T21] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  301.288904][   T21] usb 4-1: config 0 has no interfaces?
[  301.420906][   T21] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  301.450029][   T21] usb 4-1: config 0 has no interfaces?
[  301.466378][   T21] usb 4-1: New USB device found, idVendor=046d, idProduct=08b3, bcdDevice=6d.2a
[  301.507423][   T21] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.543783][   T21] usb 4-1: config 0 descriptor??
[  302.040675][ T1108] usb 5-1: new low-speed USB device number 28 using dummy_hcd
[  302.420854][ T1108] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  302.441760][ T1108] usb 5-1: config 0 has no interface number 0
[  302.469788][ T1108] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  302.535635][ T1108] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  302.585350][ T1108] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  302.615674][ T1108] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.667602][ T1108] usb 5-1: config 0 descriptor??
[  302.702847][ T8534] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  302.727655][ T1108] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  303.007077][ T4270] usb 5-1: USB disconnect, device number 28
[  303.010851][    C0] iowarrior 5-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  303.239489][   T21] usb 4-1: USB disconnect, device number 21
[  303.713017][ T8583] loop2: detected capacity change from 0 to 16
[  303.755620][ T8583] erofs: (device loop2): mounted with root inode @ nid 36.
[  304.094957][ T8585] loop4: detected capacity change from 0 to 4096
[  304.176177][ T8585] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a802c018, mo2=0003]
[  304.214420][ T8585] System zones: 0-5
[  304.259630][ T8585] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,delalloc,resuid=0x0000000000000000,nodioread_nolock,errors=continue,data_err=ignore,nodiscard,barrier,,errors=continue. Quota mode: writeback.
[  304.774679][ T8597] binder: 8596:8597 ioctl c0306201 0 returned -14
[  304.796715][ T8597] binder: 8596:8597 ioctl 40405514 0 returned -22
[  305.180431][ T8598] chnl_net:caif_netlink_parms(): no params data found
[  305.389070][ T8598] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.447903][ T8598] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.478333][ T8598] device bridge_slave_0 entered promiscuous mode
[  305.501879][ T8598] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.538404][ T8598] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.548161][ T8598] device bridge_slave_1 entered promiscuous mode
[  305.580615][ T8598] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  305.594238][ T8598] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  305.637037][ T8598] team0: Port device team_slave_0 added
[  305.665125][ T8598] team0: Port device team_slave_1 added
[  305.706311][ T8598] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.715053][ T8598] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.778170][ T8598] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.831903][ T8598] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.839752][ T8598] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.956786][ T8598] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.044981][ T8598] device hsr_slave_0 entered promiscuous mode
[  306.071145][ T8598] device hsr_slave_1 entered promiscuous mode
[  306.098852][ T8598] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  306.135718][ T8598] Cannot create hsr debugfs directory
[  306.205899][ T8624] loop4: detected capacity change from 0 to 512
[  306.232190][ T4270] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  306.492160][ T8624] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  306.700734][ T4270] usb 3-1: Using ep0 maxpacket: 8
[  306.852242][ T4270] usb 3-1: config 0 interface 0 has no altsetting 0
[  306.893330][ T4270] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  306.918277][ T8624] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.1296: bg 0: block 5: invalid block bitmap
[  307.090513][ T4270] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.142881][ T8624] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6194: Corrupt filesystem
[  307.154167][ T4270] usb 3-1: config 0 descriptor??
[  307.161618][   T21] Bluetooth: hci0: command 0x0409 tx timeout
[  307.170215][ T8624] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1296: invalid indirect mapped block 3 (level 2)
[  307.201353][ T8624] EXT4-fs (loop4): 2 truncates cleaned up
[  307.217612][ T8624] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000067,dioread_nolock,grpquota,,errors=continue. Quota mode: writeback.
[  307.307481][ T8634] loop3: detected capacity change from 0 to 128
[  307.450977][ T8598] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  307.461510][ T8634] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  307.474903][ T8634] ext4 filesystem being mounted at /242/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  307.492588][ T8598] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  307.523366][ T8598] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  307.534070][ T8634] fscrypt (loop3, inode 12): Mutually exclusive encryption flags (0x0c)
[  307.545504][ T8598] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  307.687515][ T4270] itetech 0003:06CB:73F5.0008: hidraw0: USB HID v0.09 Device [HID 06cb:73f5] on usb-dummy_hcd.2-1/input0
[  307.865083][   T21] usb 3-1: USB disconnect, device number 19
[  307.933028][ T8653] fido_id[8653]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  307.970363][ T8598] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.016257][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  308.051186][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  308.103174][ T8598] 8021q: adding VLAN 0 to HW filter on device team0
[  308.129035][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  308.180744][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  308.210126][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.217324][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.275112][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  308.359632][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  308.391010][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  308.448592][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.455861][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.501903][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  308.521292][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  308.575534][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  308.614961][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  308.637298][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  308.669178][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  308.694690][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  308.730229][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  308.749343][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  308.769843][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  308.811631][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  308.844675][ T8598] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  309.230835][ T4298] Bluetooth: hci0: command 0x041b tx timeout
[  309.388533][ T8598] 8021q: adding VLAN 0 to HW filter on device batadv0
[  309.411706][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  309.419384][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  311.651695][ T4298] Bluetooth: hci0: command 0x040f tx timeout
[  311.894469][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  311.920257][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  311.965491][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  311.984221][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  312.016647][ T8598] device veth0_vlan entered promiscuous mode
[  312.028562][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  312.047729][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  312.078755][ T8598] device veth1_vlan entered promiscuous mode
[  312.158740][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  312.172290][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  312.198101][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  312.223730][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  312.257765][ T8598] device veth0_macvtap entered promiscuous mode
[  312.292613][ T8598] device veth1_macvtap entered promiscuous mode
[  312.348468][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.385314][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.412105][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.438198][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.464953][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.488994][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.512359][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.555191][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.599954][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  312.653197][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  312.702118][ T8598] batman_adv: batadv0: Interface activated: batadv_slave_0
[  312.710007][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  312.751674][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  312.765033][ T8708] loop7: detected capacity change from 0 to 7
[  312.802703][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  312.821913][ T8708] Dev loop7: unable to read RDB block 7
[  312.839138][ T8708]  loop7: unable to read partition table
[  312.859788][ T8708] loop7: partition table beyond EOD, truncated
[  312.862773][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  312.970736][ T8708] loop_reread_partitions: partition scan of loop7 (þ被xü—ŸÑà– ) failed (rc=-5)
[  313.029251][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.050642][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.060731][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.071788][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.082137][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.092938][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.290255][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.301540][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.312102][ T8598] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.323270][ T8598] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.335163][ T8598] batman_adv: batadv0: Interface activated: batadv_slave_1
[  313.553580][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  313.601587][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  313.647047][ T8598] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.679666][ T8598] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.716653][ T4298] Bluetooth: hci0: command 0x0419 tx timeout
[  313.721518][ T8598] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.770588][ T8598] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  314.014686][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  314.036494][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.055191][ T8727] loop2: detected capacity change from 0 to 1024
[  314.074045][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  314.138713][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  314.168678][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  314.177630][ T8727] hfsplus: failed to extend attributes file
[  314.199546][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  314.280762][   T21] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  314.710692][   T21] usb 5-1: Using ep0 maxpacket: 16
[  315.238689][ T8738] loop4: detected capacity change from 0 to 16
[  316.025897][ T8738] erofs: (device loop4): mounted with root inode @ nid 36.
[  317.111106][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  317.117585][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  317.140638][   T21] usb 5-1: unable to get BOS descriptor or descriptor too short
[  317.240653][   T21] usb 5-1: unable to read config index 0 descriptor/start: -71
[  317.250604][   T21] usb 5-1: can't read configurations, error -71
[  317.480628][ T4407] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  317.523303][ T8755] loop3: detected capacity change from 0 to 512
[  317.693021][ T8755] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  317.730587][ T4407] usb 6-1: Using ep0 maxpacket: 8
[  317.880778][ T4407] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  317.968675][ T4407] usb 6-1: config 0 has no interfaces?
[  318.150697][ T4407] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  318.226437][ T8755] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  318.412388][ T4407] usb 6-1: config 0 has no interfaces?
[  318.491274][ T4407] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  318.537888][ T8766] loop4: detected capacity change from 0 to 128
[  318.550559][ T4407] usb 6-1: config 0 has no interfaces?
[  318.561650][ T8764] loop2: detected capacity change from 0 to 1024
[  318.572312][ T4184] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  318.606202][ T8764] hfsplus: invalid length 32517 has been corrected to 255
[  318.640789][ T4407] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  318.668946][ T8766] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  318.681066][ T4407] usb 6-1: config 0 has no interfaces?
[  318.686706][ T4407] usb 6-1: New USB device found, idVendor=046d, idProduct=08b3, bcdDevice=6d.2a
[  318.700819][ T8766] ext4 filesystem being mounted at /252/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  318.710959][ T4407] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.738462][ T4407] usb 6-1: config 0 descriptor??
[  319.078227][ T8774] device syzkaller0 entered promiscuous mode
[  319.166326][ T8780] loop2: detected capacity change from 0 to 1024
[  319.246039][ T8780] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,errors=remount-ro,. Quota mode: none.
[  319.290385][ T8780] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  319.307134][ T8780] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.1338: inode has both inline data and extents flags
[  319.357370][ T8780] EXT4-fs (loop2): Remounting filesystem read-only
[  319.457857][ T8794] loop3: detected capacity change from 0 to 512
[  319.563865][ T8794] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  319.620813][ T8794] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  319.708427][ T8794] EXT4-fs (loop3): 1 orphan inode deleted
[  319.722488][ T8794] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,jqfmt=vfsv0,resgid=0x0000000000000000,mblk_io_submit,auto_da_alloc=0x0000000000000002,quota,. Quota mode: writeback.
[  319.831521][ T8794] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  320.756008][ T8806] loop2: detected capacity change from 0 to 512
[  320.853702][ T8806] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  320.944770][ T8806] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  321.088256][ T8814] loop3: detected capacity change from 0 to 128
[  321.118772][ T4407] usb 6-1: USB disconnect, device number 2
[  321.128923][ T4192] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  321.317421][ T8814] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  321.519384][ T8814] ext4 filesystem being mounted at /252/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  321.811765][ T8826] kvm [8825]: vcpu0, guest rIP: 0xfff0 unimplemented MMIO_CONF_BASE wrmsr: 0x5a67
[  322.890691][ T4407] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  323.140657][ T4407] usb 6-1: Using ep0 maxpacket: 16
[  323.260885][ T4407] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  323.282484][ T4407] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  323.324452][ T4407] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  323.396760][ T4407] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  323.426464][ T4407] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.469945][ T4407] usb 6-1: config 0 descriptor??
[  323.964212][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.010859][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.058195][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.102065][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.109365][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.270597][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.281809][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.290763][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.298042][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.305975][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.820531][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.834842][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.850685][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.858003][ T4407] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  324.917251][ T8860] loop3: detected capacity change from 0 to 1024
[  324.932754][ T4407] microsoft 0003:045E:07DA.0009: No inputs registered, leaving
[  324.954905][ T4407] microsoft 0003:045E:07DA.0009: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  324.974630][ T4407] microsoft 0003:045E:07DA.0009: no inputs found
[  325.034357][ T4407] microsoft 0003:045E:07DA.0009: could not initialize ff, continuing anyway
[  325.134321][ T4407] usb 6-1: USB disconnect, device number 3
[  325.544117][ T8860] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,errors=remount-ro,noauto_da_alloc,. Quota mode: none.
[  325.882735][ T8860] EXT4-fs error (device loop3): ext4_search_dir:1549: inode #12: block 7: comm syz.3.1361: bad entry in directory: inode out of bounds - offset=0, inode=150994957, rec_len=16, size=56 fake=0
[  325.969262][ T8871] fido_id[8871]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  325.999798][ T8860] EXT4-fs (loop3): Remounting filesystem read-only
[  326.186717][ T8878] loop2: detected capacity change from 0 to 1024
[  326.262732][ T8878] hfsplus: invalid length 32517 has been corrected to 255
[  327.051153][ T8889] loop4: detected capacity change from 0 to 512
[  327.755572][ T8889] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  327.780959][ T8889] ext4 filesystem being mounted at /260/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  327.926510][ T8908] loop7: detected capacity change from 0 to 7
[  327.963891][ T8889] EXT4-fs error (device loop4): ext4_get_first_dir_block:3619: inode #12: comm syz.4.1370: directory missing '..'
[  328.028590][ T8908] Dev loop7: unable to read RDB block 7
[  328.036397][ T8908]  loop7: unable to read partition table
[  328.121434][ T8908] loop7: partition table beyond EOD, truncated
[  328.166966][ T8908] loop_reread_partitions: partition scan of loop7 (þ被xü—ŸÑà– ) failed (rc=-5)
[  328.983562][ T8919] loop4: detected capacity change from 0 to 164
[  329.255907][ T8919] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  329.608920][ T8929] loop3: detected capacity change from 0 to 1024
[  329.681494][ T8929] hfsplus: invalid length 32517 has been corrected to 255
[  330.267041][ T8941] loop3: detected capacity change from 0 to 1024
[  330.324995][ T8941] hfsplus: failed to load root directory
[  330.529714][ T8948] loop2: detected capacity change from 0 to 512
[  330.608186][ T8948] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  330.738901][ T8948] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  330.872410][ T8948] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 3: comm syz.2.1389: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  330.905595][ T8948] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 12: comm syz.2.1389: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  330.968299][ T8948] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 13: comm syz.2.1389: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  331.021990][ T8948] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 14: comm syz.2.1389: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  331.120182][ T8948] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 15: comm syz.2.1389: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  331.152476][ T8967] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  331.250790][ T8948] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 16: comm syz.2.1389: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  331.320353][ T8948] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 17: comm syz.2.1389: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  331.492561][ T8978] loop4: detected capacity change from 0 to 512
[  331.508722][ T4192] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  332.570202][ T8978] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  332.610880][ T8978] ext4 filesystem being mounted at /266/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  332.750290][ T8990] loop2: detected capacity change from 0 to 256
[  332.844417][ T8990] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  332.915442][ T8990] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  333.010041][ T8990] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xaaf53d22, utbl_chksum : 0xe619d30d)
[  333.309631][ T9004] loop4: detected capacity change from 0 to 512
[  333.423956][ T9004] EXT4-fs (loop4): Unrecognized mount option "measure" or missing value
[  333.759019][ T9014] loop2: detected capacity change from 0 to 1024
[  333.846789][ T9014] hfsplus: invalid length 32517 has been corrected to 255
[  335.579114][ T9032] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  335.605653][ T9032] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  336.884916][ T9059] kmem_cache_create_usercopy(9p-fcall-cache-14) failed with error -22
[  336.893322][ T9059] CPU: 1 PID: 9059 Comm: syz.2.1425 Not tainted syzkaller #0
[  336.900745][ T9059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  336.910964][ T9059] Call Trace:
[  336.914288][ T9059]  <TASK>
[  336.917262][ T9059]  dump_stack_lvl+0x188/0x250
[  336.922018][ T9059]  ? show_regs_print_info+0x20/0x20
[  336.927274][ T9059]  ? load_image+0x400/0x400
[  336.931825][ T9059]  ? kmem_cache_create_usercopy+0x207/0x310
[  336.937775][ T9059]  kmem_cache_create_usercopy+0x28d/0x310
[  336.943548][ T9059]  p9_client_create+0xc53/0x1010
[  336.948687][ T9059]  ? p9_parse_header+0x3e0/0x3e0
[  336.953678][ T9059]  ? lockdep_softirqs_off+0x430/0x430
[  336.959118][ T9059]  ? __raw_spin_lock_init+0x41/0x100
[  336.964454][ T9059]  v9fs_session_init+0x1f0/0x1830
[  336.969615][ T9059]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  336.975754][ T9059]  ? v9fs_show_options+0x610/0x610
[  336.980981][ T9059]  v9fs_mount+0x72/0x850
[  336.985693][ T9059]  legacy_get_tree+0xe6/0x180
[  336.990429][ T9059]  ? xfs_fs_commit_blocks+0x6f0/0x6f0
[  336.996032][ T9059]  vfs_get_tree+0x88/0x270
[  337.000506][ T9059]  do_new_mount+0x24a/0xa40
[  337.005072][ T9059]  __se_sys_mount+0x2e3/0x3d0
[  337.009987][ T9059]  ? __x64_sys_mount+0xc0/0xc0
[  337.014845][ T9059]  ? __x64_sys_mount+0x1c/0xc0
[  337.019837][ T9059]  do_syscall_64+0x4c/0xa0
[  337.024297][ T9059]  ? clear_bhb_loop+0x30/0x80
[  337.029025][ T9059]  ? clear_bhb_loop+0x30/0x80
[  337.033763][ T9059]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  337.039723][ T9059] RIP: 0033:0x7fb0cd4f1f79
[  337.044300][ T9059] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  337.064282][ T9059] RSP: 002b:00007fb0cb72b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  337.072759][ T9059] RAX: ffffffffffffffda RBX: 00007fb0cd76c090 RCX: 00007fb0cd4f1f79
[  337.080871][ T9059] RDX: 0000200000000100 RSI: 0000200000000040 RDI: 0000000000000000
[  337.088890][ T9059] RBP: 00007fb0cd5887e0 R08: 0000200000000200 R09: 0000000000000000
[  337.097099][ T9059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  337.105303][ T9059] R13: 00007fb0cd76c128 R14: 00007fb0cd76c090 R15: 00007ffd55f20a68
[  337.113431][ T9059]  </TASK>
[  337.987153][ T9073] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  338.420730][   T21] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  338.690720][   T21] usb 3-1: Using ep0 maxpacket: 32
[  338.820873][   T21] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  338.834690][   T21] usb 3-1: config 0 has no interface number 0
[  339.040745][   T21] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  339.061657][   T21] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.090020][   T21] usb 3-1: Product: syz
[  339.108890][   T21] usb 3-1: Manufacturer: syz
[  339.124187][   T21] usb 3-1: SerialNumber: syz
[  339.152928][   T21] usb 3-1: config 0 descriptor??
[  339.231980][   T21] smsc95xx v2.0.0
[  340.050632][   T21] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  340.106157][   T21] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  340.181509][ T9102] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  340.241191][ T9102] device syzkaller0 entered promiscuous mode
[  340.397872][ T9104] loop3: detected capacity change from 0 to 128
[  340.650418][ T9104] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  340.710665][ T9104] ext4 filesystem being mounted at /272/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  340.820856][   T21] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000020: -71
[  340.841012][   T21] smsc95xx: probe of 3-1:0.67 failed with error -71
[  340.890342][   T21] usb 3-1: USB disconnect, device number 20
[  341.663606][ T9144] loop4: detected capacity change from 0 to 1024
[  341.780626][ T1108] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  341.788690][ T9144] hfsplus: invalid length 32517 has been corrected to 255
[  341.900081][ T9150] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  342.070673][ T1108] usb 6-1: Using ep0 maxpacket: 32
[  342.191255][ T1108] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.230570][ T1108] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  342.290240][ T1108] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.356869][ T1108] usb 6-1: config 0 descriptor??
[  342.452025][ T1108] hub 6-1:0.0: bad descriptor, ignoring hub
[  342.485089][ T1108] hub: probe of 6-1:0.0 failed with error -5
[  342.520748][ T1108] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  343.230693][ T4407] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  343.520562][ T4407] usb 3-1: Using ep0 maxpacket: 8
[  343.674032][ T4407] usb 3-1: config 0 interface 0 has no altsetting 0
[  343.687890][ T4407] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[  343.710343][ T4407] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.736903][ T4407] usb 3-1: config 0 descriptor??
[  344.029997][ T9194] loop4: detected capacity change from 0 to 128
[  344.077471][ T9194] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  344.092843][ T9194] ext4 filesystem being mounted at /281/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  344.133826][ T9194] fscrypt (loop4, inode 12): Unsupported encryption flags (0x08)
[  344.300852][ T4407] usbhid 3-1:0.0: can't add hid device: -71
[  344.308220][ T4407] usbhid: probe of 3-1:0.0 failed with error -71
[  344.375910][ T4407] usb 3-1: USB disconnect, device number 21
[  344.437114][ T9203] loop4: detected capacity change from 0 to 256
[  344.540801][ T4298] usb 6-1: USB disconnect, device number 4
[  344.577304][ T9203] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  344.702930][ T9203] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  344.757556][ T9203] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xaaf53d22, utbl_chksum : 0xe619d30d)
[  345.022564][ T9216] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  345.057725][ T9216] device syzkaller0 entered promiscuous mode
[  346.440137][ T9232] loop2: detected capacity change from 0 to 1024
[  346.560817][   T21] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  346.651759][ T9232] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier,min_batch_time=0x0000000000000007,noquota,journal_ioprio=0x0000000000000003,errors=remount-ro,nodioread_nolock,. Quota mode: none.
[  346.681461][ T9232] ext4 filesystem being mounted at /315/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  346.737050][ T9232] EXT4-fs error (device loop2): ext4_map_blocks:739: inode #15: block 8: comm syz.2.1488: lblock 8 mapped to illegal pblock 8 (length 8)
[  346.763299][ T9232] EXT4-fs (loop2): Remounting filesystem read-only
[  346.776395][ T9232] EXT4-fs error (device loop2): ext4_ext_remove_space:2929: inode #15: comm syz.2.1488: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  346.830614][   T21] usb 5-1: Using ep0 maxpacket: 8
[  346.931084][ T9232] EXT4-fs (loop2): Remounting filesystem read-only
[  347.004713][   T21] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  347.544940][   T21] usb 5-1: config 0 has no interfaces?
[  347.911512][   T21] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  347.928906][   T21] usb 5-1: config 0 has no interfaces?
[  348.114270][   T21] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.164621][   T21] usb 5-1: config 0 has no interfaces?
[  349.030519][   T21] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  349.080210][   T21] usb 5-1: config 0 has no interfaces?
[  349.098460][ T9253] loop2: detected capacity change from 0 to 512
[  349.110685][   T21] usb 5-1: New USB device found, idVendor=046d, idProduct=08b3, bcdDevice=6d.2a
[  349.122551][   T21] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.143771][   T21] usb 5-1: config 0 descriptor??
[  349.260998][   T21] usb 5-1: USB disconnect, device number 31
[  349.310139][ T9253] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  349.439086][ T9253] EXT4-fs (loop2): shut down requested (1)
[  349.531277][ T9265] loop4: detected capacity change from 0 to 1024
[  349.616201][ T9265] EXT4-fs (loop4): Ignoring removed bh option
[  349.626291][ T9265] EXT4-fs (loop4): Ignoring removed nobh option
[  349.660875][ T9265] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  349.866693][ T9265] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000003,bsddf,bh,max_dir_size_kb=0x00000000004007b1,data_err=ignore,nouid32,nobh,user_xattr,nombcache,dioread_nolock,,errors=continue. Quota mode: none.
[  352.309118][ T9294] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1503'.
[  353.220229][ T9314] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  353.266134][ T9314] device syzkaller0 entered promiscuous mode
[  354.301332][ T9335] loop4: detected capacity change from 0 to 512
[  354.411470][ T9335] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  354.554536][ T9335] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  354.862780][ T9346] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1521'.
[  355.391546][ T9361] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  355.445550][ T9362] device syzkaller0 entered promiscuous mode
[  356.268909][ T9378] loop3: detected capacity change from 0 to 512
[  356.404322][ T9378] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  356.506284][ T9378] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  356.883700][ T9389] loop3: detected capacity change from 0 to 128
[  357.034387][ T9389] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  357.090729][ T9389] ext4 filesystem being mounted at /287/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  357.219309][ T9389] EXT4-fs error (device loop3): dx_make_map:1328: inode #2: block 20: comm syz.3.1535: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  357.361105][ T9389] EXT4-fs error (device loop3) in do_split:2095: Corrupt filesystem
[  357.663120][ T9396] 9p: Unknown uid 18446744073709551615
[  358.157183][ T9403] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1539'.
[  360.486331][ T9416] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  360.501597][ T9416] device syzkaller0 entered promiscuous mode
[  361.924626][ T9446] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  362.379159][ T9456] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1554'.
[  363.105804][ T9459] loop4: detected capacity change from 0 to 1024
[  363.177398][ T9459] hfsplus: invalid length 32517 has been corrected to 255
[  365.785995][ T9488] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1566'.
[  366.500670][ T4407] usb 3-1: new low-speed USB device number 22 using dummy_hcd
[  366.624166][ T9505] loop4: detected capacity change from 0 to 1024
[  366.790563][ T4407] usb 3-1: device descriptor read/64, error -71
[  366.972193][ T9505] hfsplus: invalid length 32517 has been corrected to 255
[  367.190637][ T4407] usb 3-1: new low-speed USB device number 23 using dummy_hcd
[  367.454294][ T4407] usb 3-1: device descriptor read/64, error -71
[  367.590799][ T4407] usb usb3-port1: attempt power cycle
[  367.810250][   T26] audit: type=1326 audit(1771320738.632:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9524 comm="syz.3.1579" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f159f71ef79 code=0x0
[  368.153948][ T9538] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1581'.
[  368.354251][ T4407] usb 3-1: new low-speed USB device number 24 using dummy_hcd
[  368.450864][ T4407] usb 3-1: device descriptor read/8, error -71
[  368.730999][ T4407] usb 3-1: new low-speed USB device number 25 using dummy_hcd
[  369.041565][ T4407] usb 3-1: device descriptor read/8, error -71
[  369.163903][ T4407] usb usb3-port1: unable to enumerate USB device
[  369.401675][ T9546] loop3: detected capacity change from 0 to 512
[  369.495444][ T9546] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  369.583577][ T9546] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  369.717024][ T9546] EXT4-fs (loop3): 1 orphan inode deleted
[  369.750863][ T9546] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,jqfmt=vfsv0,resgid=0x0000000000000000,mblk_io_submit,auto_da_alloc=0x0000000000000002,quota,. Quota mode: writeback.
[  369.910779][ T9546] ext4 filesystem being mounted at /296/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  370.784740][ T4184] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz-executor: iget: bad i_size value: 360287970189639690
[  370.798356][ T9578] loop4: detected capacity change from 0 to 128
[  370.826801][ T4184] EXT4-fs (loop3): Remounting filesystem read-only
[  370.845420][ T4184] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz-executor: iget: bad i_size value: 360287970189639690
[  370.870077][ T4184] EXT4-fs (loop3): Remounting filesystem read-only
[  372.125279][ T9578] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  372.686573][ T9578] ext4 filesystem being mounted at /309/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  373.669687][ T9599] loop4: detected capacity change from 0 to 1024
[  373.753047][ T9599] hfsplus: invalid length 32517 has been corrected to 255
[  374.577377][   T21] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  375.051357][   T21] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  375.115678][   T21] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  375.650822][ T9621] loop2: detected capacity change from 0 to 128
[  375.660955][   T21] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  375.671040][   T21] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.679096][   T21] usb 5-1: Product: syz
[  375.683856][   T21] usb 5-1: Manufacturer: syz
[  375.689306][   T21] usb 5-1: SerialNumber: syz
[  375.712654][   T21] usb 5-1: config 0 descriptor??
[  375.780848][ T9603] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  375.835097][ T9603] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  375.876162][ T9621] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  375.891426][ T9621] ext4 filesystem being mounted at /330/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  376.099726][ T9603] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  376.117753][ T9603] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  376.198228][ T9633] loop2: detected capacity change from 0 to 2048
[  376.284892][ T4175]  loop2: p2 < > p4
[  376.297859][ T4175] loop2: p4 size 262144 extends beyond EOD, truncated
[  376.368697][ T9633]  loop2: p2 < > p4
[  376.442418][ T9633] loop2: p4 size 262144 extends beyond EOD, truncated
[  376.492308][ T9618] chnl_net:caif_netlink_parms(): no params data found
[  376.620805][   T23] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  376.841177][ T9618] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.848455][ T9618] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.865415][ T9618] device bridge_slave_0 entered promiscuous mode
[  376.878712][ T9618] bridge0: port 2(bridge_slave_1) entered blocking state
[  376.890562][   T23] usb 3-1: Using ep0 maxpacket: 32
[  376.897626][ T9618] bridge0: port 2(bridge_slave_1) entered disabled state
[  376.930653][ T9618] device bridge_slave_1 entered promiscuous mode
[  377.028183][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  377.078570][ T9618] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  377.090502][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  377.113806][   T23] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  377.126606][ T9618] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  377.140679][   T21] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[  377.159979][   T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.174888][   T21] dm9601 5-1:0.0 eth1: register 'dm9601' at usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet, 00:00:0d:01:01:03
[  377.208315][   T23] usb 3-1: config 0 descriptor??
[  377.240703][   T21] usb 5-1: USB disconnect, device number 32
[  377.267916][   T21] dm9601 5-1:0.0 eth1: unregister 'dm9601' usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet
[  377.292695][   T23] hub 3-1:0.0: USB hub found
[  377.375991][ T9618] team0: Port device team_slave_0 added
[  377.441905][ T9618] team0: Port device team_slave_1 added
[  377.550988][   T23] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  377.578109][ T9618] batman_adv: batadv0: Adding interface: batadv_slave_0
[  377.596263][ T9618] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  377.662078][ T9648] loop4: detected capacity change from 0 to 512
[  377.697444][ T9618] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  377.710825][   T13] Bluetooth: hci1: command 0x0409 tx timeout
[  377.720790][   T23] usbhid 3-1:0.0: can't add hid device: -71
[  377.726833][   T23] usbhid: probe of 3-1:0.0 failed with error -71
[  377.750693][ T9648] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  377.843042][ T9618] batman_adv: batadv0: Adding interface: batadv_slave_1
[  377.850048][ T9618] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  377.886154][   T23] usb 3-1: USB disconnect, device number 26
[  377.913576][ T9648] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  378.030009][ T9618] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  378.069283][ T9648] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.1615: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  378.181067][ T9648] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 12: comm syz.4.1615: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  378.208565][ T9618] device hsr_slave_0 entered promiscuous mode
[  378.254851][ T9618] device hsr_slave_1 entered promiscuous mode
[  378.271087][ T9618] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  378.313632][ T9618] Cannot create hsr debugfs directory
[  378.391359][ T9648] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 13: comm syz.4.1615: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  378.513325][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  378.519982][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  378.959545][ T4185] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  379.263909][ T9681] loop2: detected capacity change from 0 to 2048
[  379.307820][ T9618] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  379.349803][ T9618] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  379.379661][ T9681] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  379.400343][ T9618] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  379.441607][ T9618] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  379.745616][ T9618] 8021q: adding VLAN 0 to HW filter on device bond0
[  379.791172][ T8314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  379.808096][ T8314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  379.844789][ T9618] 8021q: adding VLAN 0 to HW filter on device team0
[  379.896062][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  379.922575][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  379.961304][ T1441] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.968436][ T1441] bridge0: port 1(bridge_slave_0) entered forwarding state
[  379.997842][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  380.033552][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  380.060939][ T1441] bridge0: port 2(bridge_slave_1) entered blocking state
[  380.068074][ T1441] bridge0: port 2(bridge_slave_1) entered forwarding state
[  380.118831][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  380.150222][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  380.168709][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  380.195419][   T13] Bluetooth: hci1: command 0x041b tx timeout
[  380.210374][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  380.221395][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  380.231296][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  380.521997][ T9618] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  380.577587][ T9618] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  381.196150][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  381.261395][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  381.320599][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  381.329332][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  381.405065][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  381.422334][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  381.431430][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  381.783548][ T8314] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  381.823081][ T8314] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  381.913368][ T9618] 8021q: adding VLAN 0 to HW filter on device batadv0
[  382.270842][ T4228] Bluetooth: hci1: command 0x040f tx timeout
[  382.490649][   T13] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[  382.799954][ T9757] loop4: detected capacity change from 0 to 512
[  382.844669][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  382.859708][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  382.861559][   T13] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  382.915745][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  382.929270][ T9757] EXT4-fs (loop4): Unsupported encryption level 67
[  382.937778][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  382.939260][   T13] usb 6-1: config 0 has no interfaces?
[  382.983044][ T9618] device veth0_vlan entered promiscuous mode
[  382.997798][   T13] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  383.009166][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  383.016636][   T13] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.062155][   T13] usb 6-1: config 0 descriptor??
[  383.067691][ T5184] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  383.112118][ T9618] device veth1_vlan entered promiscuous mode
[  383.203083][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  383.243892][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  383.278562][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  383.298018][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  383.413239][   T21] usb 6-1: USB disconnect, device number 5
[  385.074633][ T4228] Bluetooth: hci1: command 0x0419 tx timeout
[  385.109985][ T9618] device veth0_macvtap entered promiscuous mode
[  385.126534][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  385.152334][ T9618] device veth1_macvtap entered promiscuous mode
[  385.194330][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.206268][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.216875][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.260602][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.285845][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.307678][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.339083][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.370503][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.420629][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.457803][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.538482][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.567161][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.598897][ T9618] batman_adv: batadv0: Interface activated: batadv_slave_0
[  385.650919][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  385.660055][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  385.697812][ T9781] device syzkaller0 entered promiscuous mode
[  385.708032][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.722250][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.745353][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.760242][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.774516][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.788351][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.798770][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.321027][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.450555][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.508261][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.537420][ T9795] loop2: detected capacity change from 0 to 512
[  386.570894][ T9618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.650743][ T9795] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  386.680042][ T9618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.733517][ T9618] batman_adv: batadv0: Interface activated: batadv_slave_1
[  386.788146][ T9795] EXT4-fs (loop2): 1 truncate cleaned up
[  386.805576][ T9618] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  386.828927][ T9795] EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,noload,data_err=abort,noload,data_err=ignore,auto_da_alloc,,errors=continue. Quota mode: none.
[  386.866648][ T9618] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  386.903160][ T9618] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  386.986007][ T9618] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.410564][ T4772] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  387.450080][ T4772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  387.701569][ T4770] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.723562][ T4770] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.749356][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  387.845160][ T4770] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.866657][ T4770] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.916469][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  388.057965][ T9815] loop4: detected capacity change from 0 to 512
[  388.247345][ T9815] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  389.184397][ T9815] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  389.250005][ T9815] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.1651: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  389.286486][ T9815] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 12: comm syz.4.1651: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  389.341334][ T9815] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 13: comm syz.4.1651: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  389.497863][ T9815] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 14: comm syz.4.1651: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  389.797003][ T9836] device syzkaller0 entered promiscuous mode
[  389.859811][ T9838] loop6: detected capacity change from 0 to 1024
[  389.914553][ T4185] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  389.970253][ T9838] EXT4-fs (loop6): Ignoring removed orlov option
[  390.045152][ T9838] EXT4-fs (loop6): mounted filesystem without journal. Opts: block_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,norecovery,,errors=continue. Quota mode: none.
[  391.137424][ T9838] EXT4-fs (loop6): re-mounted. Opts: (null). Quota mode: none.
[  391.370610][ T9806] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  392.380526][ T9806] usb 3-1: Using ep0 maxpacket: 32
[  392.500782][ T9806] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  392.516507][ T9806] usb 3-1: config 0 has no interface number 0
[  392.680795][ T9806] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  392.700522][ T9806] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.724748][ T9806] usb 3-1: Product: syz
[  392.743806][ T9806] usb 3-1: Manufacturer: syz
[  392.761253][ T9806] usb 3-1: SerialNumber: syz
[  392.798294][ T9806] usb 3-1: config 0 descriptor??
[  392.857596][ T9877] loop6: detected capacity change from 0 to 512
[  392.867704][ T9806] smsc95xx v2.0.0
[  392.930695][ T4229] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  392.952622][ T9877] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  393.053125][ T9877] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  393.207278][ T9877] EXT4-fs error (device loop6): ext4_readdir:263: inode #2: block 3: comm syz.6.1670: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  393.290673][ T9806] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  393.320802][ T9806] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  393.340821][ T4229] usb 6-1: config 0 has an invalid interface number: 11 but max is 0
[  393.358044][ T4229] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  393.379264][ T9877] EXT4-fs error (device loop6): ext4_readdir:263: inode #2: block 12: comm syz.6.1670: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  393.425872][ T4229] usb 6-1: config 0 has no interface number 0
[  393.454494][ T4229] usb 6-1: config 0 interface 11 altsetting 253 endpoint 0x7 has an invalid bInterval 0, changing to 10
[  393.486953][ T9877] EXT4-fs error (device loop6): ext4_readdir:263: inode #2: block 13: comm syz.6.1670: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  393.491249][ T4229] usb 6-1: config 0 interface 11 altsetting 253 endpoint 0x7 has invalid maxpacket 1279, setting to 64
[  393.585174][ T9877] EXT4-fs error (device loop6): ext4_readdir:263: inode #2: block 14: comm syz.6.1670: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  393.612054][ T4229] usb 6-1: config 0 interface 11 altsetting 253 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  393.650739][ T9806] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  393.661898][ T4229] usb 6-1: config 0 interface 11 has no altsetting 0
[  393.692571][ T9806] smsc95xx: probe of 3-1:0.67 failed with error -32
[  393.702631][ T4229] usb 6-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  393.739907][ T9806] usb 3-1: USB disconnect, device number 27
[  393.746241][ T4229] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.819217][ T9618] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  393.840965][ T4229] usb 6-1: config 0 descriptor??
[  393.860911][ T9869] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  393.882527][ T4229] keyspan 6-1:0.11: Keyspan 2 port adapter converter detected
[  393.910966][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 87
[  393.930359][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 81
[  393.958965][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 82
[  393.980617][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 1
[  394.009158][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 2
[  394.029474][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 85
[  394.058435][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 5
[  394.155200][ T4229] usb 6-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  394.172522][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 83
[  394.204884][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 84
[  394.231960][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 3
[  394.250168][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 4
[  394.263504][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 86
[  395.427853][ T4229] keyspan 6-1:0.11: found no endpoint descriptor for endpoint 6
[  395.458612][ T4229] usb 6-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  395.476951][ T4229] usb 6-1: USB disconnect, device number 6
[  395.508539][ T9893] loop7: detected capacity change from 0 to 7
[  395.540716][ T9893] Dev loop7: unable to read RDB block 7
[  395.561107][ T4229] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  395.588067][ T4229] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  395.595539][ T9893]  loop7: unable to read partition table
[  395.643902][ T9893] loop7: partition table beyond EOD, truncated
[  395.692251][ T9897] device syzkaller0 entered promiscuous mode
[  395.757413][ T9893] loop_reread_partitions: partition scan of loop7 (þ被xü—ŸÑà– ) failed (rc=-5)
[  395.949984][ T9903] loop4: detected capacity change from 0 to 8
[  397.221439][ T4229] keyspan 6-1:0.11: device disconnected
[  397.556129][ T9917] loop2: detected capacity change from 0 to 1024
[  397.949035][ T9917] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  400.062630][ T4229] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  401.459770][ T9949] loop4: detected capacity change from 0 to 512
[  401.727476][ T9949] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  401.878565][ T9955] device syzkaller0 entered promiscuous mode
[  402.757545][ T9972] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  402.784224][ T9975] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1698'.
[  402.796310][ T9973] loop6: detected capacity change from 0 to 512
[  402.851009][ T9973] EXT4-fs (loop6): Quota format mount options ignored when QUOTA feature is enabled
[  402.927113][ T9973] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  403.118223][ T9973] EXT4-fs (loop6): 1 orphan inode deleted
[  403.140633][ T9973] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,jqfmt=vfsv0,resgid=0x0000000000000000,mblk_io_submit,auto_da_alloc=0x0000000000000002,quota,. Quota mode: writeback.
[  403.912336][ T9973] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  404.267540][ T9989] loop4: detected capacity change from 0 to 512
[  404.288335][ T9618] EXT4-fs error (device loop6): ext4_lookup:1858: inode #15: comm syz-executor: iget: bad i_size value: 360287970189639690
[  404.355522][ T9618] EXT4-fs (loop6): Remounting filesystem read-only
[  404.399584][ T9618] EXT4-fs error (device loop6): ext4_lookup:1858: inode #15: comm syz-executor: iget: bad i_size value: 360287970189639690
[  404.484428][ T9618] EXT4-fs (loop6): Remounting filesystem read-only
[  404.553217][ T9989] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  404.605046][ T9989] ext4 filesystem being mounted at /333/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  405.164169][T10012] loop2: detected capacity change from 0 to 2048
[  405.184467][T10014] loop7: detected capacity change from 0 to 7
[  405.204680][ T5184] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.238343][T10014] Dev loop7: unable to read RDB block 7
[  405.248319][T10014]  loop7: unable to read partition table
[  405.273895][T10014] loop7: partition table beyond EOD, truncated
[  405.299964][T10014] loop_reread_partitions: partition scan of loop7 (þ被xü—ŸÑà– ) failed (rc=-5)
[  405.385717][ T5184] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.533943][T10012] loop2: detected capacity change from 0 to 1024
[  405.587735][ T5184] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.728395][ T5184] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.840574][ T1111] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  406.009992][T10031] loop2: detected capacity change from 0 to 512
[  406.102267][T10031] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,journal_ioprio=0x0000000000000000,quota,,errors=continue. Quota mode: writeback.
[  406.210839][ T1111] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.283291][ T1111] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  406.293576][T10031] ext4 filesystem being mounted at /349/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  406.374922][T10031] EXT4-fs warning (device loop2): ext4_group_extend:1823: can't shrink FS - resize aborted
[  406.530699][ T1111] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  406.571583][ T1111] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.611810][ T1111] usb 6-1: Product: syz
[  406.616042][ T1111] usb 6-1: Manufacturer: syz
[  406.660661][ T1111] usb 6-1: SerialNumber: syz
[  406.727321][ T1111] usb 6-1: config 0 descriptor??
[  407.119077][T10027] chnl_net:caif_netlink_parms(): no params data found
[  408.080518][ T4187] Bluetooth: hci1: command 0x0409 tx timeout
[  408.197223][ T4187] usb 6-1: USB disconnect, device number 8
[  408.355255][T10065] loop7: detected capacity change from 0 to 7
[  408.396402][T10065] Dev loop7: unable to read RDB block 7
[  408.421233][T10065]  loop7: unable to read partition table
[  408.603881][T10065] loop7: partition table beyond EOD, truncated
[  408.645390][T10027] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.692763][T10065] loop_reread_partitions: partition scan of loop7 (þ被xü—ŸÑà– ) failed (rc=-5)
[  408.715069][T10027] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.736478][T10027] device bridge_slave_0 entered promiscuous mode
[  408.837645][T10027] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.855856][T10027] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.894704][T10027] device bridge_slave_1 entered promiscuous mode
[  409.123435][T10027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  409.187340][T10027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  409.230699][ T4228] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  409.323180][T10027] team0: Port device team_slave_0 added
[  409.377693][T10027] team0: Port device team_slave_1 added
[  409.584138][T10027] batman_adv: batadv0: Adding interface: batadv_slave_0
[  409.620455][T10027] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.691213][ T4228] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  409.722576][ T4228] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  409.732602][T10027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  409.777418][T10027] batman_adv: batadv0: Adding interface: batadv_slave_1
[  409.814322][T10027] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.897916][T10027] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  410.041675][T10027] device hsr_slave_0 entered promiscuous mode
[  410.070230][T10027] device hsr_slave_1 entered promiscuous mode
[  410.128395][T10027] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  410.160644][T10027] Cannot create hsr debugfs directory
[  410.880144][T10027] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  410.966907][T10027] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  411.015744][ T4229] Bluetooth: hci1: command 0x041b tx timeout
[  412.010076][ T4228] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  412.031238][ T4228] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.039367][ T4228] usb 3-1: Product: syz
[  412.120261][ T5184] device hsr_slave_0 left promiscuous mode
[  412.143629][ T5184] device hsr_slave_1 left promiscuous mode
[  412.221446][ T5184] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  412.250293][ T5184] batman_adv: batadv0: Removing interface: batadv_slave_0
[  412.279470][ T5184] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  412.321351][ T4228] usb 3-1: Manufacturer: syz
[  412.326073][ T4228] usb 3-1: SerialNumber: syz
[  412.331255][ T5184] batman_adv: batadv0: Removing interface: batadv_slave_1
[  412.351153][ T4228] usb 3-1: config 0 descriptor??
[  412.365873][ T5184] device bridge_slave_1 left promiscuous mode
[  412.380635][ T4228] usb 3-1: can't set config #0, error -71
[  412.407574][ T5184] bridge0: port 2(bridge_slave_1) entered disabled state
[  412.411105][ T4228] usb 3-1: USB disconnect, device number 28
[  412.540086][ T5184] device bridge_slave_0 left promiscuous mode
[  412.576645][ T5184] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.693868][ T5184] device veth1_macvtap left promiscuous mode
[  412.710936][ T5184] device veth0_macvtap left promiscuous mode
[  412.767662][ T5184] device veth1_vlan left promiscuous mode
[  412.800626][ T5184] device veth0_vlan left promiscuous mode
[  412.835606][T10129] loop2: detected capacity change from 0 to 164
[  413.090708][ T4228] Bluetooth: hci1: command 0x040f tx timeout
[  415.003185][   T21] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  415.161344][ T4229] Bluetooth: hci1: command 0x0419 tx timeout
[  415.214887][ T5184] team0 (unregistering): Port device team_slave_1 removed
[  415.251876][ T5184] team0 (unregistering): Port device team_slave_0 removed
[  415.302658][ T5184] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  415.337459][ T5184] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  415.380860][   T21] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  415.390844][   T21] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  415.445075][ T5184] bond0 (unregistering): Released all slaves
[  415.499178][T10027] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  415.508674][T10027] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  415.570740][   T21] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  415.580159][   T21] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  415.599459][   T21] usb 3-1: Product: syz
[  415.605748][   T21] usb 3-1: Manufacturer: syz
[  415.651715][   T21] usb 3-1: SerialNumber: syz
[  415.661057][   T21] usb 3-1: config 0 descriptor??
[  415.691114][T10141] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  415.698263][T10141] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  415.875670][T10156] 9pnet: Insufficient options for proto=fd
[  415.931100][T10027] 8021q: adding VLAN 0 to HW filter on device bond0
[  415.977107][T10141] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  415.978483][ T4842] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  416.000616][T10141] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  416.032613][ T4842] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  416.059639][T10027] 8021q: adding VLAN 0 to HW filter on device team0
[  416.089452][T10163] loop4: detected capacity change from 0 to 512
[  416.098756][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  416.117548][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  416.130579][   T13] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  416.168435][T10163] EXT4-fs (loop4): Unsupported encryption level 67
[  416.191301][ T9851] bridge0: port 1(bridge_slave_0) entered blocking state
[  416.198451][ T9851] bridge0: port 1(bridge_slave_0) entered forwarding state
[  416.246855][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  416.309835][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  416.341527][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  416.399811][ T9851] bridge0: port 2(bridge_slave_1) entered blocking state
[  416.406991][ T9851] bridge0: port 2(bridge_slave_1) entered forwarding state
[  416.422939][   T13] usb 6-1: Using ep0 maxpacket: 16
[  416.465527][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  416.476082][T10174] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1750'.
[  416.500622][   T21] Error reading MAC address
[  416.526333][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  416.551185][   T13] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  416.580073][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  416.590541][   T13] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  416.634450][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  416.642787][   T13] usb 6-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  416.661754][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  416.679335][   T13] usb 6-1: config 0 interface 0 has no altsetting 0
[  416.703299][   T21] usb 3-1: USB disconnect, device number 29
[  416.715379][   T13] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  416.726822][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  416.747664][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  416.756346][   T13] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.777231][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  416.801511][   T13] usb 6-1: config 0 descriptor??
[  416.819184][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  416.881046][T10027] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  416.937162][T10027] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  416.961842][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  416.981934][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  417.309172][   T13] hid (null): unknown global tag 0xc
[  417.345653][   T13] hid (null): unknown global tag 0xe
[  417.355774][   T13] hid (null): unknown global tag 0xd
[  417.380585][   T13] hid (null): unknown global tag 0xe
[  417.386140][   T13] hid (null): unknown global tag 0xd
[  417.406389][   T13] hid (null): invalid report_size 1221825115
[  417.434771][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  417.437042][   T13] hid (null): unknown global tag 0xc
[  417.456311][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  417.507717][ T4228] usb 6-1: USB disconnect, device number 9
[  417.508150][T10027] 8021q: adding VLAN 0 to HW filter on device batadv0
[  418.698156][T10214] loop2: detected capacity change from 0 to 128
[  419.183606][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  419.212175][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  419.301787][   T13] usb 3-1: new full-speed USB device number 30 using dummy_hcd
[  419.363544][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  419.401538][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  419.454457][T10027] device veth0_vlan entered promiscuous mode
[  419.480111][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  419.512910][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  419.566166][T10027] device veth1_vlan entered promiscuous mode
[  419.670771][   T13] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  419.706735][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  419.778188][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  419.826223][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  419.892976][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  419.910835][   T13] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  419.934589][   T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.965635][T10027] device veth0_macvtap entered promiscuous mode
[  419.974074][   T13] usb 3-1: Product: syz
[  420.014734][   T13] usb 3-1: Manufacturer: syz
[  420.019388][   T13] usb 3-1: SerialNumber: syz
[  420.027122][T10027] device veth1_macvtap entered promiscuous mode
[  420.097070][   T13] usb 3-1: config 0 descriptor??
[  420.167765][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.225897][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.269965][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.327027][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.360510][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  420.420274][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.463826][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  422.252092][ T4228] usb 3-1: USB disconnect, device number 30
[  422.311342][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.420557][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  422.464905][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.508101][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  422.555291][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.591708][T10027] batman_adv: batadv0: Interface activated: batadv_slave_0
[  422.613740][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  422.635107][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  422.675074][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  422.701580][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  422.714862][T10269] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  422.750716][T10269] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  422.775919][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  422.830338][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.869060][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  422.911260][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  422.932704][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  422.972151][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.030822][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.061147][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.085529][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.108394][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.140602][T10027] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.170502][T10027] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.207595][T10027] batman_adv: batadv0: Interface activated: batadv_slave_1
[  423.236328][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  423.255297][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  423.309175][T10027] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  423.338552][T10027] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  423.377984][T10027] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  423.448778][T10027] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  424.474591][ T4770] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  424.493591][ T4770] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.526886][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  424.570634][ T4771] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  424.593564][ T4771] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.638631][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  424.680613][   T13] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  424.828157][T10288] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1775'.
[  425.157033][T10314] loop7: detected capacity change from 0 to 512
[  425.231560][   T13] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  425.253961][T10314] EXT4-fs (loop7): Quota format mount options ignored when QUOTA feature is enabled
[  425.273922][   T13] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.294420][T10314] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  425.320613][   T13] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  425.372436][   T13] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  425.394426][T10314] EXT4-fs (loop7): 1 orphan inode deleted
[  425.422684][T10314] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,jqfmt=vfsv0,resgid=0x0000000000000000,mblk_io_submit,auto_da_alloc=0x0000000000000002,quota,. Quota mode: writeback.
[  425.470837][T10314] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  425.481525][   T13] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.547984][   T13] usb 3-1: config 0 descriptor??
[  425.696305][T10027] EXT4-fs error (device loop7): ext4_lookup:1858: inode #15: comm syz-executor: iget: bad i_size value: 360287970189639690
[  425.893314][T10027] EXT4-fs (loop7): Remounting filesystem read-only
[  425.900340][T10027] EXT4-fs error (device loop7): ext4_lookup:1858: inode #15: comm syz-executor: iget: bad i_size value: 360287970189639690
[  426.238573][T10027] EXT4-fs (loop7): Remounting filesystem read-only
[  426.252433][   T13] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  426.408598][   T13] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  426.553325][T10329] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  426.628647][T10329] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  426.887459][ T4771] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.932316][T10338] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  427.025303][ T4771] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.152883][ T4771] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.345374][ T4771] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  428.258719][T10393] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1795'.
[  428.310642][T10396] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  428.336224][T10371] chnl_net:caif_netlink_parms(): no params data found
[  428.756944][ T9806] usb 3-1: USB disconnect, device number 31
[  428.803818][T10371] bridge0: port 1(bridge_slave_0) entered blocking state
[  428.845175][T10371] bridge0: port 1(bridge_slave_0) entered disabled state
[  428.876706][T10371] device bridge_slave_0 entered promiscuous mode
[  428.957145][ T4771] device hsr_slave_0 left promiscuous mode
[  428.971344][ T4771] device hsr_slave_1 left promiscuous mode
[  428.984693][ T4771] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  428.999244][ T4771] batman_adv: batadv0: Removing interface: batadv_slave_0
[  429.014688][T10420] loop2: detected capacity change from 0 to 512
[  429.021154][ T4771] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  429.054094][ T4771] batman_adv: batadv0: Removing interface: batadv_slave_1
[  429.100670][ T4771] device bridge_slave_1 left promiscuous mode
[  429.106990][ T4771] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.121428][T10420] EXT4-fs (loop2): Unsupported encryption level 67
[  429.158246][ T4771] device bridge_slave_0 left promiscuous mode
[  429.178065][ T4771] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.209323][ T4771] device veth1_macvtap left promiscuous mode
[  429.239519][ T4771] device veth0_macvtap left promiscuous mode
[  429.255739][ T4771] device veth1_vlan left promiscuous mode
[  429.265546][ T4771] device veth0_vlan left promiscuous mode
[  429.871279][ T1111] Bluetooth: hci1: command 0x0409 tx timeout
[  430.312904][ T4771] team0 (unregistering): Port device team_slave_1 removed
[  430.336853][ T4771] team0 (unregistering): Port device team_slave_0 removed
[  430.353387][ T4771] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  430.372002][ T4771] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  430.459336][ T4771] bond0 (unregistering): Released all slaves
[  430.517091][T10371] bridge0: port 2(bridge_slave_1) entered blocking state
[  430.524573][T10371] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.533758][T10371] device bridge_slave_1 entered promiscuous mode
[  430.544561][T10432] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  430.632307][T10371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  430.673924][T10371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  430.856231][T10371] team0: Port device team_slave_0 added
[  430.933367][T10371] team0: Port device team_slave_1 added
[  431.030888][T10371] batman_adv: batadv0: Adding interface: batadv_slave_0
[  431.073016][T10371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.152192][T10371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  431.206600][T10371] batman_adv: batadv0: Adding interface: batadv_slave_1
[  431.220630][ T4229] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  431.237598][T10371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.326784][T10472] loop4: detected capacity change from 0 to 2048
[  431.336889][T10371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  431.380706][ T1111] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  431.398085][T10472] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  431.541242][T10371] device hsr_slave_0 entered promiscuous mode
[  431.570168][T10371] device hsr_slave_1 entered promiscuous mode
[  431.613033][T10371] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  431.643690][T10371] Cannot create hsr debugfs directory
[  431.650961][ T4229] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[  431.670468][ T4229] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[  431.716403][ T4229] usb 6-1: config 0 interface 0 has no altsetting 0
[  431.790795][   T21] Bluetooth: hci0: command 0x0406 tx timeout
[  431.900829][ T1111] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  431.940536][ T1111] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.974419][ T1111] usb 3-1: Product: syz
[  431.978681][ T1111] usb 3-1: Manufacturer: syz
[  432.033888][ T1111] usb 3-1: SerialNumber: syz
[  432.065854][   T21] Bluetooth: hci1: command 0x041b tx timeout
[  432.312587][T10371] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  432.416440][T10371] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  432.473997][T10371] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  432.535897][T10371] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  432.760617][ T1111] (unnamed net_device) (uninitialized): Assigned a random MAC address: ae:cd:c0:68:8d:5d
[  432.922869][ T1111] rtl8150 3-1:1.0: eth9: rtl8150 is detected
[  433.294026][T10371] 8021q: adding VLAN 0 to HW filter on device bond0
[  433.384314][T10371] 8021q: adding VLAN 0 to HW filter on device team0
[  433.439026][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  433.453847][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  433.485426][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  433.523542][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  433.550221][ T4770] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.557703][ T4770] bridge0: port 1(bridge_slave_0) entered forwarding state
[  433.605657][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  433.635600][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  433.683214][ T4770] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.690640][ T4770] bridge0: port 2(bridge_slave_1) entered forwarding state
[  433.730578][ T4229] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  433.739707][ T4229] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  433.758807][ T4229] usb 6-1: Product: syz
[  433.769530][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  433.775049][ T4229] usb 6-1: Manufacturer: syz
[  433.784115][ T4229] usb 6-1: SerialNumber: syz
[  433.799908][ T4229] usb 6-1: config 0 descriptor??
[  433.821921][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  433.856528][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  433.868754][ T4229] usb 6-1: selecting invalid altsetting 0
[  433.896896][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  433.996644][ T4229] usb 6-1: USB disconnect, device number 10
[  434.009593][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  434.037617][T10532] loop4: detected capacity change from 0 to 512
[  434.048442][ T9806] usb 3-1: USB disconnect, device number 32
[  434.069243][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  434.111084][ T4187] Bluetooth: hci1: command 0x040f tx timeout
[  434.144788][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  434.173957][T10532] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  434.200120][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  434.222770][T10532] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  434.300889][T10371] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  434.313438][T10532] EXT4-fs (loop4): 1 orphan inode deleted
[  434.314766][T10371] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  434.330596][ T4177] udevd[4177]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  434.381330][T10532] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,jqfmt=vfsv0,resgid=0x0000000000000000,mblk_io_submit,auto_da_alloc=0x0000000000000002,quota,. Quota mode: writeback.
[  434.404388][T10532] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  434.512107][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  434.559759][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  434.652258][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  434.661026][ T4229] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  435.241489][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  435.294751][ T1441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  435.391645][T10557] binder: 10556:10557 ioctl c0306201 0 returned -14
[  435.477571][ T4229] usb 6-1: Using ep0 maxpacket: 32
[  435.610786][ T4229] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  435.624537][ T4229] usb 6-1: config 0 has no interface number 0
[  435.644561][ T4229] usb 6-1: config 0 interface 184 has no altsetting 0
[  435.930946][ T4229] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  435.970138][ T4229] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.001614][ T4229] usb 6-1: Product: syz
[  436.030455][ T4229] usb 6-1: Manufacturer: syz
[  436.039365][ T4229] usb 6-1: SerialNumber: syz
[  436.079945][ T4229] usb 6-1: config 0 descriptor??
[  436.152216][ T4229] smsc75xx v1.0.0
[  436.190678][   T21] Bluetooth: hci1: command 0x0419 tx timeout
[  436.225343][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  436.240918][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  436.306224][T10371] 8021q: adding VLAN 0 to HW filter on device batadv0
[  437.070701][ T4229] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  437.109353][ T4229] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  437.180824][ T4229] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  437.249807][ T4229] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  437.275394][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  437.301801][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  437.428663][ T4229] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  437.502159][ T4229] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  437.590539][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  437.599291][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  437.614262][ T4229] smsc75xx: probe of 6-1:0.184 failed with error -71
[  437.668821][T10371] device veth0_vlan entered promiscuous mode
[  437.680725][ T4229] usb 6-1: USB disconnect, device number 11
[  437.698755][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  437.741248][ T4770] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  437.809967][T10371] device veth1_vlan entered promiscuous mode
[  437.960118][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  437.981799][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  438.017285][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  438.040957][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  438.074411][T10371] device veth0_macvtap entered promiscuous mode
[  438.117586][T10371] device veth1_macvtap entered promiscuous mode
[  438.186097][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  438.246871][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.287777][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  438.328193][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.389641][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  438.422088][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.460660][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  438.516663][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.544944][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  438.584147][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  438.741616][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  438.803524][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.076298][T10371] batman_adv: batadv0: Interface activated: batadv_slave_0
[  439.109026][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  439.128312][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  439.163951][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  439.173615][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  439.189371][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  439.200225][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.217794][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  439.244500][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.257765][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  439.269108][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.281602][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  439.292667][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.303884][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  439.316057][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.331454][T10371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  439.348589][T10371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  439.369924][T10371] batman_adv: batadv0: Interface activated: batadv_slave_1
[  439.377339][T10637] loop4: detected capacity change from 0 to 2048
[  439.419875][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  439.440805][T10637] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  439.529836][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  439.551025][   T23] Bluetooth: hci5: command 0x1003 tx timeout
[  439.558480][ T4188] Bluetooth: hci5: sending frame failed (-49)
[  439.604866][T10371] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  439.638047][T10371] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  439.667825][T10371] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  439.698315][T10371] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  439.828497][T10646] loop4: detected capacity change from 0 to 128
[  439.954121][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  439.960725][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  440.048325][ T4771] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  440.060474][ T4771] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  440.106408][ T4771] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  440.111110][ T9851] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  440.135510][ T4771] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  440.165648][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  440.397094][T10654] binder: 10653:10654 ioctl c0306201 200000000100 returned -14
[  441.630928][ T4187] Bluetooth: hci5: command 0x1001 tx timeout
[  441.638514][ T4188] Bluetooth: hci5: sending frame failed (-49)
[  442.609426][T10729] loop4: detected capacity change from 0 to 128
[  443.486590][ T4229] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  443.801357][ T1111] Bluetooth: hci5: command 0x1009 tx timeout
[  444.050905][ T4229] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  444.127372][ T4229] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.170874][ T4229] usb 9-1: Product: syz
[  444.175405][ T4229] usb 9-1: Manufacturer: syz
[  444.180041][ T4229] usb 9-1: SerialNumber: syz
[  444.629954][T10779] binder: 10776:10779 ioctl 4018620d 0 returned -22
[  444.970366][T10788] Device name cannot be null; rc = [-22]
[  445.846789][ T4229] cdc_ncm 9-1:1.0: MAC-Address: 42:42:42:42:42:42
[  445.855753][ T4229] cdc_ncm 9-1:1.0: setting rx_max = 16384
[  446.080829][ T4229] cdc_ncm 9-1:1.0: setting tx_max = 16384
[  446.125522][ T4229] cdc_ncm 9-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.8-1, CDC NCM, 42:42:42:42:42:42
[  446.201087][ T4229] usb 9-1: USB disconnect, device number 2
[  446.237724][ T4229] cdc_ncm 9-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.8-1, CDC NCM
[  446.685875][T10820] loop8: detected capacity change from 0 to 128
[  447.340575][ T4229] usb 5-1: new full-speed USB device number 33 using dummy_hcd
[  447.354032][T10837] binder: 10836:10837 ioctl 4018620d 0 returned -22
[  448.130977][ T4229] usb 5-1: not running at top speed; connect to a high speed hub
[  448.239611][T10866] loop2: detected capacity change from 0 to 512
[  448.260978][ T4229] usb 5-1: config index 0 descriptor too short (expected 8339, got 147)
[  448.322655][ T4229] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  448.346121][ T4229] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  448.361030][ T4229] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  448.405114][ T4229] usb 5-1: config 1 has no interface number 1
[  448.430733][ T4229] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  448.464313][ T4229] usb 5-1: config 1 interface 2 has no altsetting 0
[  448.522143][T10866] EXT4-fs (loop2): mounted filesystem without journal. Opts: i_version,nodiscard,min_batch_time=0x00000000000003ff,,errors=continue. Quota mode: none.
[  448.720677][ T4229] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  448.740576][ T4229] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.747997][ T4407] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  448.776684][ T4229] usb 5-1: Product: syz
[  448.784333][ T4229] usb 5-1: Manufacturer: syz
[  448.794314][ T4229] usb 5-1: SerialNumber: syz
[  448.922233][T10883] binder: 10882:10883 ioctl c0306201 0 returned -14
[  449.057580][T10888] loop8: detected capacity change from 0 to 256
[  449.106394][T10890] loop2: detected capacity change from 0 to 512
[  449.129117][T10888] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  449.160785][ T4407] usb 6-1: config 0 has an invalid interface number: 255 but max is 0
[  449.176194][ T4407] usb 6-1: config 0 has no interface number 0
[  449.190465][ T4407] usb 6-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  449.209092][ T4407] usb 6-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  449.248946][T10890] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  449.273644][ T4407] usb 6-1: config 0 interface 255 has no altsetting 0
[  449.311002][ T4407] usb 6-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  449.364016][ T4229] usb 5-1: selecting invalid altsetting 0
[  449.394690][ T4229] usb 5-1: USB disconnect, device number 33
[  449.402970][ T4407] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.436483][ T4407] usb 6-1: config 0 descriptor??
[  449.456789][T10890] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.1918: inode has both inline data and extents flags
[  449.481963][ T4407] ums-realtek 6-1:0.255: USB Mass Storage device detected
[  449.572194][T10890] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1918: couldn't read orphan inode 15 (err -117)
[  449.648864][T10890] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  449.730653][ T4407] usb 6-1: USB disconnect, device number 12
[  449.745654][   T26] audit: type=1800 audit(1771320820.572:19): pid=10890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1918" name="bus" dev="loop2" ino=18 res=0 errno=0
[  449.802139][ T4175] udevd[4175]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  450.046331][T10916] loop2: detected capacity change from 0 to 512
[  450.314850][T10916] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  450.413246][T10916] ext4 filesystem being mounted at /392/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  450.555190][T10940] loop4: detected capacity change from 0 to 128
[  451.656282][T10963] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  451.746201][ T4771] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.875248][ T4771] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.081390][ T4771] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.600421][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  557.607633][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P9806/1:b..l
[  557.616395][    C0] 	(detected by 0, t=10502 jiffies, g=56029, q=101)
[  557.623031][    C0] task:kworker/0:0     state:R  running task     stack:23184 pid: 9806 ppid:     2 flags:0x00004000
[  557.635622][    C0] Workqueue: events_power_efficient gc_worker
[  557.641752][    C0] Call Trace:
[  557.645082][    C0]  <TASK>
[  557.648050][    C0]  __schedule+0x11ef/0x43c0
[  557.652664][    C0]  ? release_firmware_map_entry+0x190/0x190
[  557.658621][    C0]  ? verify_lock_unused+0x140/0x140
[  557.663871][    C0]  ? mark_lock+0x94/0x320
[  557.668232][    C0]  ? preempt_schedule_irq+0xb0/0x160
[  557.673603][    C0]  preempt_schedule_irq+0xbb/0x160
[  557.678752][    C0]  ? __cond_resched+0xd0/0xd0
[  557.683466][    C0]  ? rcu_is_watching+0x11/0xa0
[  557.688261][    C0]  ? rcu_irq_exit_check_preempt+0xdb/0x200
[  557.694105][    C0]  irqentry_exit+0x63/0x70
[  557.698564][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  557.704578][    C0] RIP: 0010:seqcount_lockdep_reader_access+0x196/0x1d0
[  557.711460][    C0] Code: f9 4d 85 e4 75 16 e8 49 16 55 f9 eb 15 e8 42 16 55 f9 e8 cd 0c 98 01 4d 85 e4 74 ea e8 33 16 55 f9 fb 48 c7 04 24 0e 36 e0 45 <4b> c7 04 3e 00 00 00 00 43 c7 44 3e 08 00 00 00 00 65 48 8b 04 25
[  557.731191][    C0] RSP: 0018:ffffc9000370fa20 EFLAGS: 00000293
[  557.737420][    C0] RAX: ffffffff88240c0d RBX: 0000000000000000 RCX: ffff888023cf5940
[  557.745423][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  557.753421][    C0] RBP: ffffc9000370fad0 R08: ffffffff901d215f R09: 1ffffffff203a42b
[  557.761544][    C0] R10: dffffc0000000000 R11: fffffbfff203a42c R12: 0000000000000200
[  557.769566][    C0] R13: ffff888020f11f18 R14: 1ffff920006e1f44 R15: dffffc0000000000
[  557.777590][    C0]  ? seqcount_lockdep_reader_access+0x18d/0x1d0
[  557.784313][    C0]  ? nf_conntrack_hash_check_insert+0x6f0/0x6f0
[  557.790609][    C0]  gc_worker+0x2e2/0x1390
[  557.795004][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  557.801066][    C0]  ? init_conntrack+0x14d0/0x14d0
[  557.806139][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  557.811374][    C0]  process_one_work+0x85f/0x1010
[  557.816369][    C0]  ? worker_detach_from_pool+0x240/0x240
[  557.822122][    C0]  ? lockdep_hardirqs_off+0x70/0x100
[  557.827448][    C0]  ? _raw_spin_lock_irq+0xb7/0xf0
[  557.832541][    C0]  ? _raw_spin_lock_irqsave+0x100/0x100
[  557.838122][    C0]  ? wq_worker_running+0x97/0x170
[  557.843183][    C0]  worker_thread+0xaa6/0x1290
[  557.847909][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  557.853141][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  557.859073][    C0]  kthread+0x436/0x520
[  557.863179][    C0]  ? rcu_lock_release+0x20/0x20
[  557.868064][    C0]  ? kthread_blkcg+0xd0/0xd0
[  557.872690][    C0]  ret_from_fork+0x1f/0x30
[  557.877158][    C0]  </TASK>
[  557.880235][    C0] rcu: rcu_preempt kthread starved for 9742 jiffies! g56029 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  557.891366][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  557.901356][    C0] rcu: RCU grace-period kthread stack dump:
[  557.907270][    C0] task:rcu_preempt     state:R  running task     stack:28112 pid:   15 ppid:     2 flags:0x00004000
[  557.918085][    C0] Call Trace:
[  557.921388][    C0]  <TASK>
[  557.924351][    C0]  __schedule+0x11ef/0x43c0
[  557.928932][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  557.934867][    C0]  ? release_firmware_map_entry+0x190/0x190
[  557.940832][    C0]  ? __mod_timer+0x91e/0xd00
[  557.945505][    C0]  schedule+0x11b/0x1e0
[  557.949692][    C0]  schedule_timeout+0x184/0x2d0
[  557.954579][    C0]  ? console_conditional_schedule+0x40/0x40
[  557.960501][    C0]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  557.966426][    C0]  ? update_process_times+0x200/0x200
[  557.971834][    C0]  ? prepare_to_swait_event+0x331/0x350
[  557.977614][    C0]  rcu_gp_fqs_loop+0x2be/0x11d0
[  557.982546][    C0]  ? dyntick_save_progress_counter+0x230/0x230
[  557.988740][    C0]  ? rcu_gp_init+0x10f0/0x10f0
[  557.993554][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  557.998783][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  558.004021][    C0]  rcu_gp_kthread+0x9b/0x370
[  558.008648][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  558.014581][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  558.020005][    C0]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  558.025949][    C0]  ? __kthread_parkme+0x157/0x1b0
[  558.031055][    C0]  kthread+0x436/0x520
[  558.035165][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  558.040570][    C0]  ? kthread_blkcg+0xd0/0xd0
[  558.045196][    C0]  ret_from_fork+0x1f/0x30
[  558.049660][    C0]  </TASK>
[  558.052730][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  558.059079][    C0] NMI backtrace for cpu 0
[  558.063430][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0
[  558.070489][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  558.080575][    C0] Call Trace:
[  558.083923][    C0]  <IRQ>
[  558.086806][    C0]  dump_stack_lvl+0x188/0x250
[  558.091537][    C0]  ? show_regs_print_info+0x20/0x20
[  558.096773][    C0]  ? load_image+0x400/0x400
[  558.101331][    C0]  ? irq_work_queue+0xbf/0x140
[  558.106152][    C0]  nmi_cpu_backtrace+0x3a2/0x3d0
[  558.111219][    C0]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  558.117413][    C0]  ? _printk+0xda/0x130
[  558.121610][    C0]  ? cpu_online+0x1d/0x30
[  558.126002][    C0]  ? load_image+0x400/0x400
[  558.130539][    C0]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  558.136644][    C0]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  558.142745][    C0]  rcu_check_gp_kthread_starvation+0x1cd/0x250
[  558.148939][    C0]  print_other_cpu_stall+0x1110/0x1270
[  558.154441][    C0]  ? print_cpu_stall+0x5f0/0x5f0
[  558.159413][    C0]  ? timekeeping_advance+0x7f6/0xac0
[  558.164746][    C0]  rcu_sched_clock_irq+0x843/0x1120
[  558.169993][    C0]  ? rcutree_dead_cpu+0x20/0x20
[  558.174891][    C0]  ? account_process_tick+0x22a/0x3a0
[  558.180299][    C0]  update_process_times+0x193/0x200
[  558.185546][    C0]  tick_sched_timer+0x37d/0x560
[  558.190430][    C0]  ? tick_setup_sched_timer+0x2c0/0x2c0
[  558.196022][    C0]  __hrtimer_run_queues+0x4ad/0xb70
[  558.201274][    C0]  ? hrtimer_interrupt+0x8d0/0x8d0
[  558.206524][    C0]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  558.212641][    C0]  hrtimer_interrupt+0x3bb/0x8d0
[  558.217725][    C0]  __sysvec_apic_timer_interrupt+0x137/0x4a0
[  558.223739][    C0]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  558.229493][    C0]  </IRQ>
[  558.232446][    C0]  <TASK>
[  558.235402][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  558.241411][    C0] RIP: 0010:default_idle+0xb/0x10
[  558.246502][    C0] Code: b7 48 89 df e8 16 c5 f8 f7 eb ad e8 4f af f6 ff 00 00 cc cc 00 00 cc cc 00 00 cc cc 00 00 cc 66 90 0f 00 2d 77 66 60 00 fb f4 <c3> 0f 1f 40 00 41 57 41 56 53 49 be 00 00 00 00 00 fc ff df 65 48
[  558.266133][    C0] RSP: 0018:ffffffff8c007dc8 EFLAGS: 000002c6
[  558.272237][    C0] RAX: 183b347bcb6bd500 RBX: ffffffff8c0bc480 RCX: 183b347bcb6bd500
[  558.280230][    C0] RDX: 0000000000000001 RSI: ffffffff8a2b2780 RDI: ffffffff8a79f740
[  558.288231][    C0] RBP: ffffffff8c007ef8 R08: ffff8880b903b30b R09: 1ffff11017207661
[  558.296489][    C0] R10: dffffc0000000000 R11: ffffed1017207662 R12: 1ffffffff1817890
[  558.304489][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffffffff1800fc4
[  558.312505][    C0]  default_idle_call+0x81/0xc0
[  558.317452][    C0]  do_idle+0x21f/0x580
[  558.321575][    C0]  ? idle_inject_timer_fn+0x60/0x60
[  558.326819][    C0]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  558.332795][    C0]  ? schedule_idle+0x57/0x90
[  558.337430][    C0]  cpu_startup_entry+0x14/0x20
[  558.342286][    C0]  ? time_init+0x40/0x40
[  558.346733][    C0]  start_kernel+0x489/0x540
[  558.351288][    C0]  secondary_startup_64_no_verify+0xb1/0xbb
[  558.357328][    C0]  </TASK>