last executing test programs:

5m31.174370493s ago: executing program 4 (id=1074):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0xffffffff, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x100, 0xffffffff, 0x6361, 0x7, 0xfffffffd, 0x40000004}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x3, 0x7, 0x2b2b, 0x482e, 0xff, 0x4}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x20000804)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r6, {}, {0xd, 0xb}, {0xffe0, 0xd}}}, 0x24}}, 0x4010004)
ioctl$SIOCSIFHWADDR(r1, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="640000004ec6"})

5m28.939482714s ago: executing program 4 (id=1081):
syz_mount_image$ext4(&(0x7f00000022c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x840, &(0x7f0000001780)={[], [{@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@dont_measure}, {@pcr={'pcr', 0x3d, 0x15}}]}, 0x0, 0x543, &(0x7f0000001200)="$eJzs3e9rJGcdAPDvzGbvcnepyanIWbAttnJX9HaTxrZRpD1B1DcFtb4/Y7IXQjbZI7upl1A0xT9AEFFB3/tG8A8QSsF/QISCvhcVReSqL/VGZmfS5sduNpdLsr3N5wPDPM/8+n6fITuZXzwTwLn1TETciohKRDwfEZPl9LQcbueV7WK59+6/uZAPSWTZ6/9KIimn7Wwrr49FxJVilRiPiG99LeK7ycG47c2tlflms7Fe1uud1bv19ubWzeXV+aXGUmNtdnbmpbmX516cm85KxYLbx2vnVES88pW//fRHv/rqK29/7nt/vv2PG9/P0/rSJ4q8I2LheFs+XLHtandf7Mj30fppBBuSvD3VyrCzAADgKPJz/I9GxKe75/+TUemezQEAAACjJHt1Iv6bRGQP7+pxVgIAAADOXhoRE5GktfJdgIlI01qteIf343E5bbbanc/eaW2sLebzIqaimt5ZbjamI+JiUU/y+kz5ju1O/YV99dmIuBoRP5m81K3XFlrNxWHf/AAAAIBz4srTe6///zOZ5uWLw84LAAAAOGFTfSsAAADAqHDJDwAAAKPP9T8AAACMtG+89lo+ZDvf8V58Y3NjpfXGzcVGe6W2urFQW2it360ttVpL3T77Vgdtr9lq3f18rG3cq3ca7U69vbl1e7W1sda5vbznE9gAAADAGbr69Dt/SiJi+4uXukOU/QD2cOFsMwM+VP467ASAk1QZdgLA0IwNOwFgaKoDl3CEgFGXDJh/8OWd4l5h/P508gEAAE7e9U/uff5/ade8wfcGgMdZn3d9AIAR5ukenF/V474BeO2kMwGG5SPF6GK/+X077+jz/P+Xu8rFPYYsO3ZyAADAiZjoDklaK8/TJyJNa7WIJ7qfBagmd5abjeny+uCPk9WLeX2mu2Yy8J1hAAAAAAAAAAAAAAAAAAAAAAAAAKCQZUlkg1W6iwIAAACPpYj070m3N/+I65PPTey9O7Dvq1+/eP1n9+Y7nfWZiAtfL77qdSEiOj8vp7+Q+SQAAAAADNNKMSqu08vxzLCTAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDUvHf/zYWd4Szj/vPLETHVK/5YjHfH41GNiMv/TmJs13pJRFROIP72WxFxrVf8JB5kWTZVZtEr/qVTjj/V3TW946cRceUE4sN59k5+/LnV6/eXxjPdce/f31g5PKr+x7/0/eNfpc/x54l99X6efPc39b7x34p4cqz38WcnflLE3xMirzx7xDZ+59tbWz1n7Npkr/i7Y9U7q3fr7c2tm8ur80uNpcba7OzMS3Mvz704N12/s9xsZElEszHdM8yPP/XbB4e1/3Kf+FN7239g/z93pNZn8b93793/WFGp9op/49ne/3+v9Ymflv/7PlOW8/nXd8rbRXm3p379h6cOa/9in/aPD2j/jSO1P77w/Dd/+Jeecw7sDQDgLLQ3t1bmm83G+iGF8fen3IqIAQufTeHVoUY/jUJ8ONIYViH7QfH3+FBrPcj2TXm41QcXskdZfSwePY0LB3+nlTjuBpOI7XxbR/yDBAAARswHJ/2HPUECAAAAAAAAAAAAAAAAAAAATtMROg97+3dxoMux8YfpCHB/zO3hNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FD/DwAA////o8rt")
timer_create(0xfffffffffffffff4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r3, 0xc004562f, &(0x7f0000000000)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x191, 0x1, 0x1, 0xdd9f83, 0x1, 0xcf49, 0xf3, 0x2, 0x8, 0x722, 0x6, 0x7, 0x7f, 0x27, 0x20, {0x4, 0x6fd8e843}, 0x3, 0xec}})
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
getdents(r4, &(0x7f0000000f40)=""/243, 0xf3)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r6 = socket(0x400000000010, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})
sendmsg$nl_route_sched(r6, 0x0, 0x0)

5m27.560806442s ago: executing program 4 (id=1084):
syz_mount_image$ext4(&(0x7f00000022c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x840, &(0x7f0000001780)={[], [{@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@dont_measure}, {@pcr={'pcr', 0x3d, 0x15}}]}, 0x0, 0x543, &(0x7f0000001200)="$eJzs3e9rJGcdAPDvzGbvcnepyanIWbAttnJX9HaTxrZRpD1B1DcFtb4/Y7IXQjbZI7upl1A0xT9AEFFB3/tG8A8QSsF/QISCvhcVReSqL/VGZmfS5sduNpdLsr3N5wPDPM/8+n6fITuZXzwTwLn1TETciohKRDwfEZPl9LQcbueV7WK59+6/uZAPSWTZ6/9KIimn7Wwrr49FxJVilRiPiG99LeK7ycG47c2tlflms7Fe1uud1bv19ubWzeXV+aXGUmNtdnbmpbmX516cm85KxYLbx2vnVES88pW//fRHv/rqK29/7nt/vv2PG9/P0/rSJ4q8I2LheFs+XLHtandf7Mj30fppBBuSvD3VyrCzAADgKPJz/I9GxKe75/+TUemezQEAAACjJHt1Iv6bRGQP7+pxVgIAAADOXhoRE5GktfJdgIlI01qteIf343E5bbbanc/eaW2sLebzIqaimt5ZbjamI+JiUU/y+kz5ju1O/YV99dmIuBoRP5m81K3XFlrNxWHf/AAAAIBz4srTe6///zOZ5uWLw84LAAAAOGFTfSsAAADAqHDJDwAAAKPP9T8AAACMtG+89lo+ZDvf8V58Y3NjpfXGzcVGe6W2urFQW2it360ttVpL3T77Vgdtr9lq3f18rG3cq3ca7U69vbl1e7W1sda5vbznE9gAAADAGbr69Dt/SiJi+4uXukOU/QD2cOFsMwM+VP467ASAk1QZdgLA0IwNOwFgaKoDl3CEgFGXDJh/8OWd4l5h/P508gEAAE7e9U/uff5/ade8wfcGgMdZn3d9AIAR5ukenF/V474BeO2kMwGG5SPF6GK/+X077+jz/P+Xu8rFPYYsO3ZyAADAiZjoDklaK8/TJyJNa7WIJ7qfBagmd5abjeny+uCPk9WLeX2mu2Yy8J1hAAAAAAAAAAAAAAAAAAAAAAAAAKCQZUlkg1W6iwIAAACPpYj070m3N/+I65PPTey9O7Dvq1+/eP1n9+Y7nfWZiAtfL77qdSEiOj8vp7+Q+SQAAAAADNNKMSqu08vxzLCTAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDUvHf/zYWd4Szj/vPLETHVK/5YjHfH41GNiMv/TmJs13pJRFROIP72WxFxrVf8JB5kWTZVZtEr/qVTjj/V3TW946cRceUE4sN59k5+/LnV6/eXxjPdce/f31g5PKr+x7/0/eNfpc/x54l99X6efPc39b7x34p4cqz38WcnflLE3xMirzx7xDZ+59tbWz1n7Npkr/i7Y9U7q3fr7c2tm8ur80uNpcba7OzMS3Mvz704N12/s9xsZElEszHdM8yPP/XbB4e1/3Kf+FN7239g/z93pNZn8b93793/WFGp9op/49ne/3+v9Ymflv/7PlOW8/nXd8rbRXm3p379h6cOa/9in/aPD2j/jSO1P77w/Dd/+Jeecw7sDQDgLLQ3t1bmm83G+iGF8fen3IqIAQufTeHVoUY/jUJ8ONIYViH7QfH3+FBrPcj2TXm41QcXskdZfSwePY0LB3+nlTjuBpOI7XxbR/yDBAAARswHJ/2HPUECAAAAAAAAAAAAAAAAAAAATtMROg97+3dxoMux8YfpCHB/zO3hNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FD/DwAA////o8rt")
timer_create(0xfffffffffffffff4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r3, 0xc004562f, &(0x7f0000000000)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x191, 0x1, 0x1, 0xdd9f83, 0x1, 0xcf49, 0xf3, 0x2, 0x8, 0x722, 0x6, 0x7, 0x7f, 0x27, 0x20, {0x4, 0x6fd8e843}, 0x3, 0xec}})
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
getdents(r4, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r6 = socket(0x400000000010, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)

5m25.522268597s ago: executing program 4 (id=1089):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f081000000098", 0x8)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000100)={0x0, &(0x7f00000000c0)})
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003280)=[{{&(0x7f0000000100)=@nl=@unspec, 0x12, 0x0}}], 0x1, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
socket$inet(0x10, 0x3, 0x0)

5m24.376604779s ago: executing program 4 (id=1093):
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in={{0x2, 0x4e22, @local}}, 0x0, 0x0, 0x33, 0x0, "cebd7ceedb7b0ad952e966bbe242b92b746b023df2cb59e32e10366456deac64e782206bd4aee372005a52a40b7161161a8b2749fe184fb0d08bc63f90010a1ed2bf603d2c3fcc250c30136f9ef2ef8b"}, 0xd8)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)

5m19.18855205s ago: executing program 4 (id=1100):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)=[@cred={{0x1c, 0x1, 0x2, {r0}}}, @cred={{0x1c, 0x1, 0x2, {r0}}}, @rights={{0x18, 0x1, 0x1, [r2, r1]}}], 0x58, 0x40000000}}], 0x1, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

5m3.529498338s ago: executing program 32 (id=1100):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)=[@cred={{0x1c, 0x1, 0x2, {r0}}}, @cred={{0x1c, 0x1, 0x2, {r0}}}, @rights={{0x18, 0x1, 0x1, [r2, r1]}}], 0x58, 0x40000000}}], 0x1, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

13.149589741s ago: executing program 1 (id=1989):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
read$alg(r2, &(0x7f0000002300)=""/4128, 0x1020)
sendmmsg$alg(r2, &(0x7f0000004740)=[{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000100)="2326eb3bc485ff633bcd9debcc0e6904c4d49561c4054d1b2d20548f155c7a88bbe137c77bf5b4f8e51fa3c7100816", 0x2f}, {&(0x7f0000000580)="19f93ebd16d77b148e1baf8f6a44c40421251e0b1857a17f0a5bca203be047055e28838956423eb59c692e2bccf6384ccc0dcff2bc70d7e4f203914687beb53f58617138635a271ea0aebfa9823c3cdc087a4a4cf6f05d045a9078fa420a7b55db0b097de4ab8293e2d8fe0232501540fae10edb25e72b1c405b994f6a431ad7a84a3a0f889f58392fcd311ed76e927977f557573e6704336757d5cf5959f1c1cbf5dfdec7a605baa21acca336c858c12c297bcf79d05ec537c9ccb0822a41af0a087585d9f5ff4eab079b973b80df2a4a750def893b6fc122720af7e5e2075bf411588e2f03f22b7169e5bf4b23dfc8a93f8fcc5000b63446416ad40f972ee42375987022de850241bc742241dcf006ef8524446cc09a1c431038631aecd3a9e88d2c7e0251ca59af770dee5d2959944d9133a423598f8df2ca6640ac4b3c69106db75dd5d64b7a91307ede0ca702bf5fb150d35d3cebfa63b9d482e552d8fdd0c56f68c1e3b4276bd440a6e33e45ce87fa2837aff2ef1f0172dd571db93e099b5962fbf5a33c3aeee526675b2e158d459abe98828e8714f801b6f142d2167e5db04c19107c15805a08b1fa8b5324d59a2474e25ba03d59674c7abb92b7bd6c354f620553644170f48b142fa92724f71acde0029c2f35b287c465c76f194e309bd56dbf251554df3d12187eb42b49424529792a4c525763daf501fd08b0c5d39628d8c1548daa57359e91b8f1c356765f31275b0ef99b1ca4e0afded90b4d72c6dc27dd7c642b541376345f4f56b058a84cc8f91bee1dd8c3b33be183beed5ee168bf53f8b26fec087a86487874c6321d0852d6009de75391ed05486ab7c61bb99d6f67aad9517a1512483ec7a957f922efd087c06362be8335f57c872a43a4f60a847f7aeda78c892f9da94d55050b166b4c1e6bcd882f3d7f2bae25116e6eeeb7d322f3aaac27c2b7aa392d7eaf1ff9a8fc43096d816f10d202f30407a900e0a3a2588ede342032664eac0ca8f7b84d432a88ec7e8081cb8eda7f72c3fecd4254dd69a1f468647fb9e23c350293c625f32dab262948bb3613e272d7a6ed1438240841d1510df97da79938c66072f1fc12f85291b252e120014f14e33372617fd4b701500d4846233f77eb5fb83597e7d3cbb119eb264ec71d6d194157b1a56a00daf8fd0e198f42a97387046287979d71341054afe7b52d724f95dfa658eaa7b57975b5859f2910051046255abeb6a1dee2db2844f5948a4d76632a9a5240874f6dd3d88abd1135902352a5e0be91362aaea7d80a7b9957f0704af48abf1678cdc821f5b6481960bc5e385628d1cd203f8a305edfa410e0973a8f8b057c80e56811be27be95ec445179e5314ad630fb09da514a7dfe35920fbd6b654ab29311af3e202c29b96e67f2f636ae8851446801ed5ff72909606636aa250f4c81f176720c3d283ba9a3c4e70d6ec5fb7b8739ac0763e20fab7545f8622cef84cda7415f174bb6d222476c3531f83b072b8c2e60d6533086c0cf0a8806e705ade8d16d5492f0c66eca6460df9b22458b99f7cfe42b274b5471f38443a67b37c9361ec07632899dfe061d54bf2b4058361cb71bce11876e51a14309bfe4e95172cc8493c9bc5e405499080bbeadc5badbf3fb8c504989c1f56380c57171a610933ea0f9f57ea75a48f68314dd38e8bebbbcdc1fcba4c8bedc0ad9066505c9f01c438a6b8fa73409b059ba2229d50139e3ff9f6fb5efd221897c182139cd001075efcc3b7f88553ef209886530b80bc16b56c9ff5eceaaeeb458f7ee93a11c471df740fb3b23e009a450cc17106fd7a4bf6b7a9a72b616aba9abba76c6db12756ffc5c2adb049642162fdddb94a46ed4e73c1aeb6be704ca3654edd647b5a4bc3ad56de00cc9784798eb4089edc53ce998730dc49a00b91a0f2a0077425172c832a0d11cd725fd78584def9a1d7b6ddcaabb3230b8c8c43bf0e0271fa3d30e73cb979b8bd2d06295b797c58381aa43a1870ab4585f7ad54a66a2612679d8ee1c6b805dfb67484697db84a52a38f87509982bdb122e06d25641fe24f66373188e17a5649298405a4e5e051adf17ab2a23aed3e5684d6acf79fe45e308988c009c8c2487eedd89c85cde9bb2a8458c73e0cf0625f7ea27615fba8b6178d57aad958082ce97c77fc36137cdb8b44ccbf74418ea1780866b82bfaeb43163519ffbdd203f50e3ac31ddd44096ef0cefab0d5c4b9ff766052c4f13404bc1ec99000ab9867b4eca2a8c142d83a5bce0cc7d632d0d7e3d6ece6bc0a251f851773313d5896a8aea80d1d828f5c4b2eee884b1176e44b9d97d243b080c24cd93e7fd4a6bf1a951fc9248037e975e374c5d519b0e169f58c6fb622600e95686a24e8a68aff08a587708eb50404314ca0340c29c1d79b5635042278e939a09ce09e9d1b4303f3fb6eb5145b7a3d15d5f52e321a4cc4fabcec033a420afabf0a10fd9c300fd9df03366ae24acab23120750a2b55e46dc8f87b0d737664abdc05f60241aeb9d071f70001b759181aa563d9f3eb1be3969525da1993b903e9f6b10d41db915bc1488a256a627bb74331968d75a3853d9deddc0af06d37e53665158b729d9f0bc824b18db76ee5b6b411dc9b1f2a5a4c1760f507aad98d47bc8867a934f81e8c480244e7a7992ae7565f31d1062e60ab794f5e5245d36e783d2a07f28b4c39626866aa1e4b582ba7d1e3b01a9278c6c1e522ec43c687a4cceb5ec4c0e9312f55848eb0c39d3c5db6e98d4960f8f14c7524864981c1208a56a506e1542469235645019877f27672507ece8f86927643e90dbfb72e6a41a09f394b1857ef6b72f1897e7475a930307b56643b625908407a284a7a48cc529faf612c6732dca7ba37ab25ded83171f7dfe25426589991d90f53532fb822e2248e8c2a87a3303b1ca4d500eb6f039da96df9ca586f0ebc9e4396be76d0ba411f7347378fc7170e739ef650264ae8d8f9bdb32010401fdb64dd18b89710fc59e50ba26cd7e41876d523a42f8dee7422d5c36b2963e2ee01b792ddc6b3bce00e5156e231924806102e2e8d8d446c8d08e13bcc3688f8b1860d0f372266207eae2d2cdbe6afded42279626a5cd7d8e67f58e7a515ba82cda11752366c7297b073e857dbf91260d43a2e950bcd24e18eeea309a2f025cfec7f7aaa3a90af305a36270312bb97ce06771d0303a2cf8042ea899a152cbfee2cf92c545b7efae43bdb903f00cede505aff933f82cdd1eac78156a3e0bdccab4ef66991d3015ad2faaa6b31807f44b4e5a4d4ecf35eb1e4cc8e6c5194622fb5e55a77d19f91fcfe994598a41d03eb460b4ecc681299f4e1c3050bc1b467bc89f27ce2e157eecb33be6f3da599b9262281be95354f0fc898d85571ffa10646dbcf345a6bb8c9f997823d36bfca2c36b5ce8f6d78db57fc1e2f6bc5948878cf17fb9b4dbc1c598834c9b4ee27a0e1b20b964081d533f8a01d8f6454e13eb871cef92e7e90d35f5482b273c705600cbeef7aec3d5f647b441a30db6b4eb70dca188f44e5a7e45a1f6ab4ed66d023aae2b11c15e1e310e4aeea8875de08f6d2c63a36cd38f225ffe69617e7b764e8d9eda92f4c5ea0e31c328810898279cc5a2fd7519764b7c5cc4fa31b51d80baac201e114724cbe936b795d497d0ad9f01005e72b399dd29cba7d2c267d2d959cbcba0f11584c01400407963ec9b0ff184866344e4bb8f4a29ce2b13462a46cee1b9a8931bca48e0726b6fcb5b64f2009b011cfb46abde8987eb7eb8afcd3fe2a38b98716ebd92f7ca438fd353b9b208a128b45725cc2f4275238a66f3edf0cdc084fe6167f2a440c42a4610dc362a147c121d1d6fb2daa9ddb09ac77746ff74e169c9a35ce5222c0614dd8a58847222ed3ffacf1327f0b161838342882324d805955c028ad63632528b69c73a6192306bca394372925190587051d98b592b9ff96b1aa6cb03f935f0dc8dd0560cf6c7aa36cbb4a36ae850d65b3f2fc08e16e62debb0401703c7084eabdce81be6b8afbd091ee608f1c874f329bc38370701d8597de0c5e383c91855c3ac016a00732b25c9ae7084dbca77", 0xb4c}], 0x2, 0x0, 0x0, 0x4}], 0x1, 0x43855)

12.904818217s ago: executing program 1 (id=1991):
socket$inet6(0xa, 0x1, 0x8010000000000084)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x84c00)
setsockopt$inet_mtu(r3, 0x0, 0xa, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.sectors\x00', 0x275a, 0x0)
sendfile(r3, r5, 0x0, 0x7ffff004)

12.41549235s ago: executing program 5 (id=1993):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
socket$packet(0x11, 0x3, 0x300)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000100), 0x12)
unshare(0x2c020400)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r5, 0x0, 0x5, &(0x7f0000000240)={@local, @dev={0xac, 0x14, 0x14, 0x3f}, 0x1, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x23, 0x1000000, 0x7e, 0x6b}, 0x3c)
setsockopt$MRT_INIT(r5, 0x0, 0xc8, &(0x7f0000000080)=0x300, 0x4)
r6 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x301880, 0x20d)
write$tun(r6, &(0x7f0000000000)=ANY=[], 0x19)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x54a, &(0x7f0000000200)="$eJzs3U9vHGcZAPBn1l7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQt0pI5R6MvbGsrL2RvW5jq4LNJ0BCCJA4wYULEh8ACUXiwhEhRYIzSEUgBClIcCgdNLOzdrqZtTdhvUvs30+azPvOv+d5N57ZmZ1XMwGcWc9HxBsR8WGapi9FxHwxvVIM0ekO2XLv3393NRuSSNO3/pZEUkzLFkvTNO1t82K+ytRBjG8mDwScLcZ7+zdXms3GdlGttzdv1Xf29q9ubK6sN9YbW0tLi68uv7b8yvK1kbTzUkS8/pU/ff87P/3q67/8/Dt/vP6XK9/K0por5vfa8Rimj5rZbXr13GzfCtuPGez/Udae6gdF5fxw69w5yYQAABgoO8f/WER8JiJeivmYOvp0FgAAAHgCpV+aiw+S7v27EjMDpgMAAABPkEreBzap1Iq+AHNRqdRq3T68n4gLlWZrp/25G63drbVuX9mFqFZubDQb14q+wgtRTbL6Yl4+rL/cV1+KiKcj4nvz5/N6bbXVXJv0jx8AAABwRlzsu/7/53z3+v9oyXiSAwAAAEZnYdIJAAAAACfO9T8AAACcatVJJwAAAACcuK+9+WY2pL33X6+9vbd7s/X21bXGzs3a5u5qbbW1fau23mqt58/s2zxue81W69YXYmv3dr3d2GnXL+3tX99s7W61r2/E7FgaBAAAADzk6U/f/X0SEZ0vns+HzMykkwLGYvqg1HumZ8ne/4enuuP3xpQUMBZTQyzz3rny6c4T4Mk23T9hwL4OnD76/wPHvdFjYOed33RHlRHnAwAAjN7lT5Xf/z/+fL7jlB+ecHZiOLv67v+n85NKBBi7/P7/sB15nCzAqVIdqgcgcJr9r/f/j5emj5QQAAAwcnP5kFRqxc97c1Gp1GoRl/LXAlaTGxvNxrWIeCoifjdfPZfVF/M1k2OvGQAAAAAAAAAAAAAAAAAAAAAAAACArjRNIgUAAABOtYjKn5NfdZ/lf3n+xbn+3wdmkn/nrwSeiYh3fvTWD26vtNvbi9n0vx9Mb/+wmP7yJH7BAAAAAPr1rtPz8b8mnQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp837999d7Q1DLH5+VHH/+uWIWCiLPx2z+Xg2qhFx4R9JTD+wXhIRUyOI37kTEZ8si59kaR2ELIs/ig+hcyfppLnS+LFQfApl8S+OID6cZXez488bZft/JZ7Px+X733TER+qPa/DxLw6Of1MD9v9LQ8Z45t7P6wPj34l4Zrr8+NeLnwyI/8JQ0avxja/v7w+am/444nLv+yc/4j0Y4bBUb2/equ/s7V/d2FxZb6w3tpaWFl9dfm35leVr9RsbzUbxb2mM7z77iw+Pav+F0u+/pMhmcPtfLNneVEn+/7l3+/7He5XOw/GvvFAS/9c/KZZ4OH6liPPZopzNv9wrd7rlBz33s98+d1T71w7bX32U//8rgzba76Ed5dnh/nQAgBOxs7d/c6XZbGyfdCG7WB5XrI8UssBjDzqawsxkPrGzU/h2Vrg3qg2maZpm+1TJrLsRMcx2khhxSyvl+RwWBh4BJn1kAgAARu3wpH/SmQAAAAAAAAAAAAAAAAAAAMDZNY6nrPXHPHwEcjKKR2gDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIzEfwMAAP//O7TZvA==")
bind$can_raw(0xffffffffffffffff, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r7, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

10.012227206s ago: executing program 5 (id=1997):
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)
r0 = memfd_secret(0x0)
fchownat(r0, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8810}, 0x8000)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r8)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000080)={'wpan1\x00'})
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r8, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@newtfilter={0x5c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xd, 0x4}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x4, 0x1, 0x5}, {0x4, 0xeb, 0x8, 0x2, 0x8, 0x1}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x20000, 0x0)
close(r9)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='vfat\x00', 0x200000, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x42}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000400)="aa", 0x5dc}], 0x1}, 0x2000c014)

9.154765839s ago: executing program 0 (id=1998):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f0810000000", 0x7)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000100)={0x0, &(0x7f00000000c0)})
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003280)=[{{&(0x7f0000000100)=@nl=@unspec, 0x12, 0x0}}], 0x1, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
socket$inet(0x10, 0x3, 0x0)

8.886655857s ago: executing program 5 (id=1999):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c3e616dc4010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x173)
mount$overlay(0x0, 0x0, 0x0, 0x20045a, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000002540)={0x2c, &(0x7f0000002380)={0x40, 0x31}, 0x0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="020000000100030000000000040001000000000020"], 0x1c, 0x2)
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1080c, &(0x7f0000000180)=ANY=[], 0x3, 0xa53, &(0x7f0000002640)="$eJzs3U2MW0cdAPBn73rzWeKUhIa0tAmFtgK62+yG8BFBUzUXoqbiVqniEqVpiUgDIpWgVQ5JTtxoFYUb4kOceqkAIdELinriUolG4tJT4cCBKEiROEBLYhTvjNf+x+6zk9196/XvJ43H783YM8/7/PZ53puZAphY9fZjo/146e2Lh//5yD823Xr+ZCdHs/043bV0K3ctLU+H9/tgajG+cf3s8X5xrZhvP+bl4tlrndduKYriXLGnuFw0i92Xrrzx7vwzR88fubD3vTcPXl2JbQcAgEnz7csH9+/821/u3/7hWw8eKjZ01ufz82Za3prO+w+lE/98/l8vepdrXaHbTMg3nUI95Jvqk6+7nEbOt7H3dbH8mfC+jQH5NpSUP9W1rt92wzjL+3GzqNVne5br9dnZxd/kRft3/Uxt9vTJUy+eqaiiwLL790NFUewRhEkLrW2dL0HldakudH0KAJWK1wtvcy62LNydzrtND1f+tafq/V8Py2C193/lx/fvrcdql1+2/b8574jD8hl+b9q4ovVYbnm78vdoa1qO1xHi/UujHn/y+02F92sMWc9B1xHG5frCoHpOrXI97tSg+sf9Yr36Rorz5/DNkN79/Yl/03H5GwP9/WfNtf9vWqpc5XUZKWwc03oLExxa1Rx2gDEQ75trJTk93tcX0zeUpG8sSd9Ukr65JH1LSTpMst+/8tPi9drS7/z4m/7G9bPtL8uw7WG5ne2eFH9ixPrE9shR2+Pifb+jutvy4/3EsJb98dhzJ776wvNXFu//r3X2/5tpf9+Tlpvpu3U5ZcjthbFdvXPvf7O3nPqAfPeG+tzTJ3/7+Y7efLUdS+9TdB1nbqvHrt7XbRuU74HefM2Qb1MK8SpIPD/ZHF6Xzz/ycTV/XtNhexthO2ZCPfJxZXuKx+tqDGtV3h8H3f+f989dRaP24slTJ55Iy3k//fNUY8Ot9ftWud7A3Ru2/8+uorf/z9bO+ka9+7iwbWl9rfu40Azr5wesX0jL+f/cd6c2tdfPHv/+qReWe+Nhwp159bXvHTt16sQPPfHEE086T6o+MgErbe6Vl38wd+bV1x4/+fKxl068dOL0woEDC/PzB762sH+ufV4/1312D6wnS//0q64JAAAAAAAAAAAAMKwfHTl85a/vfOX9xf7/S/3/cv//fOdv7v//k9D/P/aTz/3gcz/A7X3S23nCAKszIV8jhU+G+u4I5ewMr/tUijvz+KX+/7m4OK5rrs99YX0cvzfnC8MJ3DZeykwYgyTOF/jZFF9I8a8LqFDt5/1Xp7hsfOu8r+fxKYxLMZ7y3y2PZ5LHMcn9vweN65SP/9tXoY4sv9XoTlj1NgL9/WvNjf+93kPXL4bK6yKstXCj1WqtZnmtllk8gLWh6vk/c7tnjk//6Vsbb4Wc7dpTvcfLOH4p3I2q57+srPzcsDip2z9k+cs9/2dn/ruhj39hxrzmnZX7319cfb+r2GL3sOXH7c/jQO8YrfwPU/l5ax4thiu/9atQfrwgNKSPQvmbhyw/bv/FUQtOBf4vlZ8/tsceHrb8xTeo1XvrEduN8/W/2G6c3Qjbn8f2HPnvf4cTNd5M5cMkG5d5Zkc1LvP/DhLvw/hyWs4HwnyfQ5zvZNT65/sr8v+BneH9ayX/38z/O96+nuKy70Oe/zfvj80+y/Wu5Uafz3a9HmtgXH3g+p8w5qF9RrMG6jGOodVqrWyDVolKC6fyz7/q3wlVl1/1518mzv8bz+Hj/L8xPc7/G9Pj/L8xvd2u+NHSpL0xPc7/Gz/POP9vTL8vlBvnB95Vkv7pkvTdJen3l6Q/UJL+mZL0vSXpD5akP1SSfm9J+sMl6Z8rSf98SfojJemPfXz6wo9LXr/e5f4ok7r9MMli/zzff5gc+frPoO//jpJ0YHz97K19Tz//u+80F/v/z3TaQ/J1vENpuZF+O8ffS7H9ZCqlvZOW/x7S13p7B0ySOH5G/P/+aEk6ML7yfV6+3zCBav1H7Bl23KpB5/mMly+k+Isp/lKKH0/xbIrnUrwvxfOrVD9WxtO//cPB12tLv/e3hfRh7yeP/YHiOFELQ9Yntg+Mej97HMdvVHdb/h12BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKhMvf24f/+uWlFcevvi4eeOnpy7tebJTo5m+3G6a6nReV1RPJHiqRT/Mj25cf3s8e74ZoprxXxRK2qd9cWz1zolbSmK4lyxp7hcNIvdl6688e78M0fPH7mw9703D15duU8AAAAA1r//BwAA///3txjh")
chdir(&(0x7f0000000080)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x1ab341, 0x114)
chdir(0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x115)
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f00000001c0)='./file1\x00', 0x1, &(0x7f00000000c0)=ANY=[], 0x1e, 0x1b6, &(0x7f0000000840)="$eJzKKC4sZmBgYPj7sSaZwYEBDNgY+BhuMzIysDAggBs7hH7FBqH1oPwXUEWaUPFFUPo/FBRXVmUn5uSkFtGQgV2OCepyUkwEqUeXuvIxlp9UcwYbg4MBjxpGMgIKJ+M/kYo5McJ5yDPimSHhSB0Dvwy0d4pYBkWoEs9gxJRCcO0bmRjeglP69Y81ySBGArSUAomlQDETAwNcDSg2jyCpkWIBY0Zmhv9wNaDCD8RRZ2Bg0C/JLdAvrqzSzcxNTE9NT80zMjI2MzAxMDA10k/LzEk1gJCMSM6AFVEgGlT2gspUTiR5VgYGhnvQApYLqTBmeAmxFuY0qDwjsl5QOfwfWkhrKDOgACaG//xgvRwIMxgZDsD1QrUxgIIghEENpIyhvIERSVQFbAoLA9hLHgyMDMxQjiGs0mCE28UBltBLzs9JaWdgZGCEaVvOwAI3w/AxAyuYw4ZwI0TG2KIBJtQOpVWgtAeUXg4iLiC8J8+IWhexgE14AuVpNICcWJFYUlJkyHYeqsUQVOuBxYzYYLJGAnCbWaC2fmJD9ZwMO8MoGAWjYBSMglEwCkbBEAOAAAAA///PZVfV")
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x100)
syz_usb_control_io$hid(r0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0200}]})
utimensat(0xffffffffffffffff, &(0x7f0000000240)='./cgroup\x00', &(0x7f00000007c0)={{}, {0x77359400}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r1, 0xc05c5340, &(0x7f0000001280)={0x0, 0x3, 0x400, {0x2ae3}, 0x135c, 0x10})

8.083633599s ago: executing program 2 (id=2000):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
read$alg(r2, &(0x7f0000002300)=""/4128, 0x1020)
sendmmsg$alg(r2, &(0x7f0000004740)=[{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000100)="2326eb3bc485ff633bcd9debcc0e6904c4d49561c4054d1b", 0x18}, {&(0x7f0000000580)="19f93ebd16d77b148e1baf8f6a44c40421251e0b1857a17f0a5bca203be047055e28838956423eb59c692e2bccf6384ccc0dcff2bc70d7e4f203914687beb53f58617138635a271ea0aebfa9823c3cdc087a4a4cf6f05d045a9078fa420a7b55db0b097de4ab8293e2d8fe0232501540fae10edb25e72b1c405b994f6a431ad7a84a3a0f889f58392fcd311ed76e927977f557573e6704336757d5cf5959f1c1cbf5dfdec7a605baa21acca336c858c12c297bcf79d05ec537c9ccb0822a41af0a087585d9f5ff4eab079b973b80df2a4a750def893b6fc122720af7e5e2075bf411588e2f03f22b7169e5bf4b23dfc8a93f8fcc5000b63446416ad40f972ee42375987022de850241bc742241dcf006ef8524446cc09a1c431038631aecd3a9e88d2c7e0251ca59af770dee5d2959944d9133a423598f8df2ca6640ac4b3c69106db75dd5d64b7a91307ede0ca702bf5fb150d35d3cebfa63b9d482e552d8fdd0c56f68c1e3b4276bd440a6e33e45ce87fa2837aff2ef1f0172dd571db93e099b5962fbf5a33c3aeee526675b2e158d459abe98828e8714f801b6f142d2167e5db04c19107c15805a08b1fa8b5324d59a2474e25ba03d59674c7abb92b7bd6c354f620553644170f48b142fa92724f71acde0029c2f35b287c465c76f194e309bd56dbf251554df3d12187eb42b49424529792a4c525763daf501fd08b0c5d39628d8c1548daa57359e91b8f1c356765f31275b0ef99b1ca4e0afded90b4d72c6dc27dd7c642b541376345f4f56b058a84cc8f91bee1dd8c3b33be183beed5ee168bf53f8b26fec087a86487874c6321d0852d6009de75391ed05486ab7c61bb99d6f67aad9517a1512483ec7a957f922efd087c06362be8335f57c872a43a4f60a847f7aeda78c892f9da94d55050b166b4c1e6bcd882f3d7f2bae25116e6eeeb7d322f3aaac27c2b7aa392d7eaf1ff9a8fc43096d816f10d202f30407a900e0a3a2588ede342032664eac0ca8f7b84d432a88ec7e8081cb8eda7f72c3fecd4254dd69a1f468647fb9e23c350293c625f32dab262948bb3613e272d7a6ed1438240841d1510df97da79938c66072f1fc12f85291b252e120014f14e33372617fd4b701500d4846233f77eb5fb83597e7d3cbb119eb264ec71d6d194157b1a56a00daf8fd0e198f42a97387046287979d71341054afe7b52d724f95dfa658eaa7b57975b5859f2910051046255abeb6a1dee2db2844f5948a4d76632a9a5240874f6dd3d88abd1135902352a5e0be91362aaea7d80a7b9957f0704af48abf1678cdc821f5b6481960bc5e385628d1cd203f8a305edfa410e0973a8f8b057c80e56811be27be95ec445179e5314ad630fb09da514a7dfe35920fbd6b654ab29311af3e202c29b96e67f2f636ae8851446801ed5ff72909606636aa250f4c81f176720c3d283ba9a3c4e70d6ec5fb7b8739ac0763e20fab7545f8622cef84cda7415f174bb6d222476c3531f83b072b8c2e60d6533086c0cf0a8806e705ade8d16d5492f0c66eca6460df9b22458b99f7cfe42b274b5471f38443a67b37c9361ec07632899dfe061d54bf2b4058361cb71bce11876e51a14309bfe4e95172cc8493c9bc5e405499080bbeadc5badbf3fb8c504989c1f56380c57171a610933ea0f9f57ea75a48f68314dd38e8bebbbcdc1fcba4c8bedc0ad9066505c9f01c438a6b8fa73409b059ba2229d50139e3ff9f6fb5efd221897c182139cd001075efcc3b7f88553ef209886530b80bc16b56c9ff5eceaaeeb458f7ee93a11c471df740fb3b23e009a450cc17106fd7a4bf6b7a9a72b616aba9abba76c6db12756ffc5c2adb049642162fdddb94a46ed4e73c1aeb6be704ca3654edd647b5a4bc3ad56de00cc9784798eb4089edc53ce998730dc49a00b91a0f2a0077425172c832a0d11cd725fd78584def9a1d7b6ddcaabb3230b8c8c43bf0e0271fa3d30e73cb979b8bd2d06295b797c58381aa43a1870ab4585f7ad54a66a2612679d8ee1c6b805dfb67484697db84a52a38f87509982bdb122e06d25641fe24f66373188e17a5649298405a4e5e051adf17ab2a23aed3e5684d6acf79fe45e308988c009c8c2487eedd89c85cde9bb2a8458c73e0cf0625f7ea27615fba8b6178d57aad958082ce97c77fc36137cdb8b44ccbf74418ea1780866b82bfaeb43163519ffbdd203f50e3ac31ddd44096ef0cefab0d5c4b9ff766052c4f13404bc1ec99000ab9867b4eca2a8c142d83a5bce0cc7d632d0d7e3d6ece6bc0a251f851773313d5896a8aea80d1d828f5c4b2eee884b1176e44b9d97d243b080c24cd93e7fd", 0x67a}], 0x2, 0x0, 0x0, 0x4}], 0x1, 0x43855)

8.007933211s ago: executing program 0 (id=2001):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
read$alg(r2, &(0x7f0000002300)=""/4128, 0x1020)
sendmmsg$alg(r2, &(0x7f0000004740)=[{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000100)="2326eb3bc485ff633bcd9debcc0e6904c4d49561c4054d1b2d20548f155c7a88bbe137c77bf5b4f8e51fa3c7100816", 0x2f}, {&(0x7f0000000580)="19f93ebd16d77b148e1baf8f6a44c40421251e0b1857a17f0a5bca203be047055e28838956423eb59c692e2bccf6384ccc0dcff2bc70d7e4f203914687beb53f58617138635a271ea0aebfa9823c3cdc087a4a4cf6f05d045a9078fa420a7b55db0b097de4ab8293e2d8fe0232501540fae10edb25e72b1c405b994f6a431ad7a84a3a0f889f58392fcd311ed76e927977f557573e6704336757d5cf5959f1c1cbf5dfdec7a605baa21acca336c858c12c297bcf79d05ec537c9ccb0822a41af0a087585d9f5ff4eab079b973b80df2a4a750def893b6fc122720af7e5e2075bf411588e2f03f22b7169e5bf4b23dfc8a93f8fcc5000b63446416ad40f972ee42375987022de850241bc742241dcf006ef8524446cc09a1c431038631aecd3a9e88d2c7e0251ca59af770dee5d2959944d9133a423598f8df2ca6640ac4b3c69106db75dd5d64b7a91307ede0ca702bf5fb150d35d3cebfa63b9d482e552d8fdd0c56f68c1e3b4276bd440a6e33e45ce87fa2837aff2ef1f0172dd571db93e099b5962fbf5a33c3aeee526675b2e158d459abe98828e8714f801b6f142d2167e5db04c19107c15805a08b1fa8b5324d59a2474e25ba03d59674c7abb92b7bd6c354f620553644170f48b142fa92724f71acde0029c2f35b287c465c76f194e309bd56dbf251554df3d12187eb42b49424529792a4c525763daf501fd08b0c5d39628d8c1548daa57359e91b8f1c356765f31275b0ef99b1ca4e0afded90b4d72c6dc27dd7c642b541376345f4f56b058a84cc8f91bee1dd8c3b33be183beed5ee168bf53f8b26fec087a86487874c6321d0852d6009de75391ed05486ab7c61bb99d6f67aad9517a1512483ec7a957f922efd087c06362be8335f57c872a43a4f60a847f7aeda78c892f9da94d55050b166b4c1e6bcd882f3d7f2bae25116e6eeeb7d322f3aaac27c2b7aa392d7eaf1ff9a8fc43096d816f10d202f30407a900e0a3a2588ede342032664eac0ca8f7b84d432a88ec7e8081cb8eda7f72c3fecd4254dd69a1f468647fb9e23c350293c625f32dab262948bb3613e272d7a6ed1438240841d1510df97da79938c66072f1fc12f85291b252e120014f14e33372617fd4b701500d4846233f77eb5fb83597e7d3cbb119eb264ec71d6d194157b1a56a00daf8fd0e198f42a97387046287979d71341054afe7b52d724f95dfa658eaa7b57975b5859f2910051046255abeb6a1dee2db2844f5948a4d76632a9a5240874f6dd3d88abd1135902352a5e0be91362aaea7d80a7b9957f0704af48abf1678cdc821f5b6481960bc5e385628d1cd203f8a305edfa410e0973a8f8b057c80e56811be27be95ec445179e5314ad630fb09da514a7dfe35920fbd6b654ab29311af3e202c29b96e67f2f636ae8851446801ed5ff72909606636aa250f4c81f176720c3d283ba9a3c4e70d6ec5fb7b8739ac0763e20fab7545f8622cef84cda7415f174bb6d222476c3531f83b072b8c2e60d6533086c0cf0a8806e705ade8d16d5492f0c66eca6460df9b22458b99f7cfe42b274b5471f38443a67b37c9361ec07632899dfe061d54bf2b4058361cb71bce11876e51a14309bfe4e95172cc8493c9bc5e405499080bbeadc5badbf3fb8c504989c1f56380c57171a610933ea0f9f57ea75a48f68314dd38e8bebbbcdc1fcba4c8bedc0ad9066505c9f01c438a6b8fa73409b059ba2229d50139e3ff9f6fb5efd221897c182139cd001075efcc3b7f88553ef209886530b80bc16b56c9ff5eceaaeeb458f7ee93a11c471df740fb3b23e009a450cc17106fd7a4bf6b7a9a72b616aba9abba76c6db12756ffc5c2adb049642162fdddb94a46ed4e73c1aeb6be704ca3654edd647b5a4bc3ad56de00cc9784798eb4089edc53ce998730dc49a00b91a0f2a0077425172c832a0d11cd725fd78584def9a1d7b6ddcaabb3230b8c8c43bf0e0271fa3d30e73cb979b8bd2d06295b797c58381aa43a1870ab4585f7ad54a66a2612679d8ee1c6b805dfb67484697db84a52a38f87509982bdb122e06d25641fe24f66373188e17a5649298405a4e5e051adf17ab2a23aed3e5684d6acf79fe45e308988c009c8c2487eedd89c85cde9bb2a8458c73e0cf0625f7ea27615fba8b6178d57aad958082ce97c77fc36137cdb8b44ccbf74418ea1780866b82bfaeb43163519ffbdd203f50e3ac31ddd44096ef0cefab0d5c4b9ff766052c4f13404bc1ec99000ab9867b4eca2a8c142d83a5bce0cc7d632d0d7e3d6ece6bc0a251f851773313d5896a8aea80d1d828f5c4b2eee884b1176e44b9d97d243b080c24cd93e7fd4a6bf1a951fc9248037e975e374c5d519b0e169f58c6fb622600e95686a24e8a68aff08a587708eb50404314ca0340c29c1d79b5635042278e939a09ce09e9d1b4303f3fb6eb5145b7a3d15d5f52e321a4cc4fabcec033a420afabf0a10fd9c300fd9df03366ae24acab23120750a2b55e46dc8f87b0d737664abdc05f60241aeb9d071f70001b759181aa563d9f3eb1be3969525da1993b903e9f6b10d41db915bc1488a256a627bb74331968d75a3853d9deddc0af06d37e53665158b729d9f0bc824b18db76ee5b6b411dc9b1f2a5a4c1760f507aad98d47bc8867a934f81e8c480244e7a7992ae7565f31d1062e60ab794f5e5245d36e783d2a07f28b4c39626866aa1e4b582ba7d1e3b01a9278c6c1e522ec43c687a4cceb5ec4c0e9312f55848eb0c39d3c5db6e98d4960f8f14c7524864981c1208a56a506e1542469235645019877f27672507ece8f86927643e90dbfb72e6a41a09f394b1857ef6b72f1897e7475a930307b56643b625908407a284a7a48cc529faf612c6732dca7ba37ab25ded83171f7dfe25426589991d90f53532fb822e2248e8c2a87a3303b1ca4d500eb6f039da96df9ca586f0ebc9e4396be76d0ba411f7347378fc7170e739ef650264ae8d8f9bdb32010401fdb64dd18b89710fc59e50ba26cd7e41876d523a42f8dee7422d5c36b2963e2ee01b792ddc6b3bce00e5156e231924806102e2e8d8d446c8d08e13bcc3688f8b1860d0f372266207eae2d2cdbe6afded42279626a5cd7d8e67f58e7a515ba82cda11752366c7297b073e857dbf91260d43a2e950bcd24e18eeea309a2f025cfec7f7aaa3a90af305a36270312bb97ce06771d0303a2cf8042ea899a152cbfee2cf92c545b7efae43bdb903f00cede505aff933f82cdd1eac78156a3e0bdccab4ef66991d3015ad2faaa6b31807f44b4e5a4d4ecf35eb1e4cc8e6c5194622fb5e55a77d19f91fcfe994598a41d03eb460b4ecc681299f4e1c3050bc1b467bc89f27ce2e157eecb33be6f3da599b9262281be95354f0fc898d85571ffa10646dbcf345a6bb8c9f997823d36bfca2c36b5ce8f6d78db57fc1e2f6bc5948878cf17fb9b4dbc1c598834c9b4ee27a0e1b20b964081d533f8a01d8f6454e13eb871cef92e7e90d35f5482b273c705600cbeef7aec3d5f647b441a30db6b4eb70dca188f44e5a7e45a1f6ab4ed66d023aae2b11c15e1e310e4aeea8875de08f6d2c63a36cd38f225ffe69617e7b764e8d9eda92f4c5ea0e31c328810898279cc5a2fd7519764b7c5cc4fa31b51d80baac201e114724cbe936b795d497d0ad9f01005e72b399dd29cba7d2c267d2d959cbcba0f11584c01400407963ec9b0ff184866344e4bb8f4a29ce2b13462a46cee1b9a8931bca48e0726b6fcb5b64f2009b011cfb46abde8987eb7eb8afcd3fe2a38b98716ebd92f7ca438fd353b9b208a128b45725cc2f4275238a66f3edf0cdc084fe6167f2a440c42a4610dc362a147c121d1d6fb2daa9ddb09ac77746ff74e169c9a35ce5222c0614dd8a58847222ed3ffacf1327f0b161838342882324d805955c028ad63632528b69c73a6192306bca394372925190587051d98b592b9ff96b1aa6cb03f935f0dc8dd0560cf6c7aa36cbb4a36ae850d65b3f2fc08e16e62debb0401703c7084eabdce81be6b8afbd091ee608f1c874f329bc38370701d8597de0c5e383c91855c3ac016a00732b25c9ae7084dbca7704ae84361cf08c1bde6a8b133e18b4bc27487ba429b06951abac6e98f9b4e779f61f9b19710e7cfaf5e74f7748947b1475a538479e75e786049fe9ed18ebd78b169a2c242cddfb824655886843eb4e59e1c340bab6b0083648892425309507222c77652c04b790c5a7de3b3806c306caa5673e201e964110d84f26bce803a1afcb9f8c005dc38014e6589ce2c5eab5a630236579fee16cac65f61516b76597fbcad6d805161cdca14c8b849e4c8fe6901b5a49471eda6d1626155aad8eb5112f2b3808b50cc663f793982e7a787860", 0xc1b}], 0x2, 0x0, 0x0, 0x4}], 0x1, 0x43855)

7.801555167s ago: executing program 1 (id=2002):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x2, 0x1}, 0x20)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
recvmsg(0xffffffffffffffff, &(0x7f000000c1c0)={0x0, 0x0, 0x0}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x0, 0x2, 0x3, 0x9, 0x0, 0xc96e}, 0x20)
close(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="018d008dffff"})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x28, 0x2, 0xfd, 0x5ae9}, {0x20, 0x7f, 0x4, 0xffeff038}, {0x6, 0x0, 0x8, 0x7}]}, 0x10)
socket$netlink(0x10, 0x3, 0x0)

7.745595888s ago: executing program 0 (id=2003):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a", 0x29}], 0x3}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r3 = accept4$alg(r2, 0x0, 0x0, 0x0)
read$alg(r3, &(0x7f0000002300)=""/4128, 0x1020)
sendmmsg$alg(r3, &(0x7f0000004740)=[{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000100)="2326eb3bc485ff633bcd9debcc0e6904c4d49561c4054d1b2d20548f155c7a88bbe137c77bf5b4f8e51fa3c7100816", 0x2f}, {&(0x7f0000000580)="19f93ebd16d77b148e1baf8f6a44c40421251e0b1857a17f0a5bca203be047055e28838956423eb59c692e2bccf6384ccc0dcff2bc70d7e4f203914687beb53f58617138635a271ea0aebfa9823c3cdc087a4a4cf6f05d045a9078fa420a7b55db0b097de4ab8293e2d8fe0232501540fae10edb25e72b1c405b994f6a431ad7a84a3a0f889f58392fcd311ed76e927977f557573e6704336757d5cf5959f1c1cbf5dfdec7a605baa21acca336c858c12c297bcf79d05ec537c9ccb0822a41af0a087585d9f5ff4eab079b973b80df2a4a750def893b6fc122720af7e5e2075bf411588e2f03f22b7169e5bf4b23dfc8a93f8fcc5000b63446416ad40f972ee42375987022de850241bc742241dcf006ef8524446cc09a1c431038631aecd3a9e88d2c7e0251ca59af770dee5d2959944d9133a423598f8df2ca6640ac4b3c69106db75dd5d64b7a91307ede0ca702bf5fb150d35d3cebfa63b9d482e552d8fdd0c56f68c1e3b4276bd440a6e33e45ce87fa2837aff2ef1f0172dd571db93e099b5962fbf5a33c3aeee526675b2e158d459abe98828e8714f801b6f142d2167e5db04c19107c15805a08b1fa8b5324d59a2474e25ba03d59674c7abb92b7bd6c354f620553644170f48b142fa92724f71acde0029c2f35b287c465c76f194e309bd56dbf251554df3d12187eb42b49424529792a4c525763daf501fd08b0c5d39628d8c1548daa57359e91b8f1c356765f31275b0ef99b1ca4e0afded90b4d72c6dc27dd7c642b541376345f4f56b058a84cc8f91bee1dd8c3b33be183beed5ee168bf53f8b26fec087a86487874c6321d0852d6009de75391ed05486ab7c61bb99d6f67aad9517a1512483ec7a957f922efd087c06362be8335f57c872a43a4f60a847f7aeda78c892f9da94d55050b166b4c1e6bcd882f3d7f2bae25116e6eeeb7d322f3aaac27c2b7aa392d7eaf1ff9a8fc43096d816f10d202f30407a900e0a3a2588ede342032664eac0ca8f7b84d432a88ec7e8081cb8eda7f72c3fecd4254dd69a1f468647fb9e23c350293c625f32dab262948bb3613e272d7a6ed1438240841d1510df97da79938c66072f1fc12f85291b252e120014f14e33372617fd4b701500d4846233f77eb5fb83597e7d3cbb119eb264ec71d6d194157b1a56a00daf8fd0e198f42a97387046287979d71341054afe7b52d724f95dfa658eaa7b57975b5859f2910051046255abeb6a1dee2db2844f5948a4d76632a9a5240874f6dd3d88abd1135902352a5e0be91362aaea7d80a7b9957f0704af48abf1678cdc821f5b6481960bc5e385628d1cd203f8a305edfa410e0973a8f8b057c80e56811be27be95ec445179e5314ad630fb09da514a7dfe35920fbd6b654ab29311af3e202c29b96e67f2f636ae8851446801ed5ff72909606636aa250f4c81f176720c3d283ba9a3c4e70d6ec5fb7b8739ac0763e20fab7545f8622cef84cda7415f174bb6d222476c3531f83b072b8c2e60d6533086c0cf0a8806e705ade8d16d5492f0c66eca6460df9b22458b99f7cfe42b274b5471f38443a67b37c9361ec07632899dfe061d54bf2b4058361cb71bce11876e51a14309bfe4e95172cc8493c9bc5e405499080bbeadc5badbf3fb8c504989c1f56380c57171a610933ea0f9f57ea75a48f68314dd38e8bebbbcdc1fcba4c8bedc0ad9066505c9f01c438a6b8fa73409b059ba2229d50139e3ff9f6fb5efd221897c182139cd001075efcc3b7f88553ef209886530b80bc16b56c9ff5eceaaeeb458f7ee93a11c471df740fb3b23e009a450cc17106fd7a4bf6b7a9a72b616aba9abba76c6db12756ffc5c2adb049642162fdddb94a46ed4e73c1aeb6be704ca3654edd647b5a4bc3ad56de00cc9784798eb4089edc53ce998730dc49a00b91a0f2a0077425172c832a0d11cd725fd78584def9a1d7b6ddcaabb3230b8c8c43bf0e0271fa3d30e73cb979b8bd2d06295b797c58381aa43a1870ab4585f7ad54a66a2612679d8ee1c6b805dfb67484697db84a52a38f87509982bdb122e06d25641fe24f66373188e17a5649298405a4e5e051adf17ab2a23aed3e5684d6acf79fe45e308988c009c8c2487eedd89c85cde9bb2a8458c73e0cf0625f7ea27615fba8b6178d57aad958082ce97c77fc36137cdb8b44ccbf74418ea1780866b82bfaeb43163519ffbdd203f50e3ac31ddd44096ef0cefab0d5c4b9ff766052c4f13404bc1ec99000ab9867b4eca2a8c142d83a5bce0cc7d632d0d7e3d6ece6bc0a251f851773313d5896a8aea80d1d828f5c4b2eee884b1176e44b9d97d243b080c24cd93e7fd4a6bf1a951fc9248037e975e374c5d519b0e169f58c6fb622600e95686a24e8a68aff08a587708eb50404314ca0340c29c1d79b5635042278e939a09ce09e9d1b4303f3fb6eb5145b7a3d15d5f52e321a4cc4fabcec033a420afabf0a10fd9c300fd9df03366ae24acab23120750a2b55e46dc8f87b0d737664abdc05f60241aeb9d071f70001b759181aa563d9f3eb1be3969525da1993b903e9f6b10d41db915bc1488a256a627bb74331968d75a3853d9deddc0af06d37e53665158b729d9f0bc824b18db76ee5b6b411dc9b1f2a5a4c1760f507aad98d47bc8867a934f81e8c480244e7a7992ae7565f31d1062e60ab794f5e5245d36e783d2a07f28b4c39626866aa1e4b582ba7d1e3b01a9278c6c1e522ec43c687a4cceb5ec4c0e9312f55848eb0c39d3c5db6e98d4960f8f14c7524864981c1208a56a506e1542469235645019877f27672507ece8f86927643e90dbfb72e6a41a09f394b1857ef6b72f1897e7475a930307b56643b625908407a284a7a48cc529faf612c6732dca7ba37ab25ded83171f7dfe25426589991d90f53532fb822e2248e8c2a87a3303b1ca4d500eb6f039da96df9ca586f0ebc9e4396be76d0ba411f7347378fc7170e739ef650264ae8d8f9bdb32010401fdb64dd18b89710fc59e50ba26cd7e41876d523a42f8dee7422d5c36b2963e2ee01b792ddc6b3bce00e5156e231924806102e2e8d8d446c8d08e13bcc3688f8b1860d0f372266207eae2d2cdbe6afded42279626a5cd7d8e67f58e7a515ba82cda11752366c7297b073e857dbf91260d43a2e950bcd24e18eeea309a2f025cfec7f7aaa3a90af305a36270312bb97ce06771d0303a2cf8042ea899a152cbfee2cf92c545b7efae43bdb903f00cede505aff933f82cdd1eac78156a3e0bdccab4ef66991d3015ad2faaa6b31807f44b4e5a4d4ecf35eb1e4cc8e6c5194622fb5e55a77d19f91fcfe994598a41d03eb460b4ecc681299f4e1c3050bc1b467bc89f27ce2e157eecb33be6f3da599b9262281be95354f0fc898d85571ffa10646dbcf345a6bb8c9f997823d36bfca2c36b5ce8f6d78db57fc1e2f6bc5948878cf17fb9b4dbc1c598834c9b4ee27a0e1b20b964081d533f8a01d8f6454e13eb871cef92e7e90d35f5482b273c705600cbeef7aec3d5f647b441a30db6b4eb70dca188f44e5a7e45a1f6ab4ed66d023aae2b11c15e1e310e4aeea8875de08f6d2c63a36cd38f225ffe69617e7b764e8d9eda92f4c5ea0e31c328810898279cc5a2fd7519764b7c5cc4fa31b51d80baac201e114724cbe936b795d497d0ad9f01005e72b399dd29cba7d2c267d2d959cbcba0f11584c01400407963ec9b0ff184866344e4bb8f4a29ce2b13462a46cee1b9a8931bca48e0726b6fcb5b64f2009b011cfb46abde8987eb7eb8afcd3fe2a38b98716ebd92f7ca438fd353b9b208a128b45725cc2f4275238a66f3edf0cdc084fe6167f2a440c42a4610dc362a147c121d1d6fb2daa9ddb09ac77746ff74e169c9a35ce5222c0614dd8a58847222ed3ffacf1327f0b161838342882324d805955c028ad63632528b69c73a6192306bca394372925190587051d98b592b9ff96b1aa6cb03f935f0dc8dd0560cf6c7aa36cbb4a36ae850d65b3f2fc08e16e62debb0401703c7084eabdce81be6b8afbd091ee608f1c874f329bc38370701d8597de0c5e383c91855c3ac016a00732b25c9ae7084dbca7704ae84361cf08c1bde6a8b133e18b4bc27487ba429b06951abac6e98f9b4e779f61f9b19710e7cfaf5e74f7748947b1475a538479e75e786049fe9ed18ebd78b169a2c242cddfb824655886843eb4e59e1c340bab6b0083648892425309507222c77652c04b790c5a7de3b3806c306caa5673e201e964110d84f26bce803a1afcb9f8c005dc38014e6589ce2c5eab5a630236579fee16cac65f61516b76597fbcad6d805161cdca14c8b849e4c8fe6901b5a49471eda6d1626155aad8eb5112f2b3808b50cc663f793982e7a787860300417fe4de5747986c3ce74a48f72810da945572bbe88e9f25de81ae0442723d6bee2d2449617966f04bc214d9973a62817bf252b7de04f01ca005ba2366eeafb3b2c308ccf448c51bedcdfa58a89941180217930c2aa6b1672cabdb5bdc59e1e318bf332ea1eae7efa5359031026bd47bc48679f1978cfb252a490fe71d800d7cc8ffd19c03cce8009aa9a6d24d33677280dd786e5fd7feaf0f11c3ff07975798e9b43c190f7b82bc6c3d981e4e54d8db62320edee5e78e59b71c0957a7afa6cf25b73dfb910cb223d9aafc1aff52d2ac9bb895966efaf2d3163587c085ca55c2511e6b53c403158b369a8f4502638c441b621c08e1e4e4f80f0b8b793b0e1174408c3603a7fe951378d6841a1692ac1b3885a86700a4c7e1c1fd1fe7ac5a4d399130c918d51b854bd972c8d7395b77b4710bb5e9ec1b690da1f63ed5193a99705a4907b3873a8f93796b4fe0c1ebfc0567a5cf01be52bb93d6e1df7a85192e2bc5d0a94177a59281f91b0c6a786399248eec42a39ecf707fcdb183d87da3f130b6849d2a08ca4f57b001515da3c50048650c619094c58adea95bdd885d88f5ebfa3b100374e4f2a975e8a16f4d8f26c992ab5b5d00df1ad12163a221560f9c233ee6bbe63d5e47c84845ed980510611061e80a0bdb4931278c603f3adfd4f0eed097640096f25f7b655898811107ed2d48b3eeb6ccc05d836efa1afb757f1dd2c7fd63f56d02e279ea7ada1bb345fadb7d0082123ba94d0a9d3702d2b560f5be519015968ddb7b2753136886312c16ea9711923ae69f205df4135781c5a26d3d59058da380cd8dda635ccf1a262c2d4d00d5a9c429b6b3b9265102d776c4fc4d854c74264946cee87b112ac69295e3c281389c81d006db7113a72f4edca5df8741a325b42d05bfbc41d28b2b12d0356d23093c7b2ef8e6ff5d7a24b83c4388b31b6dd965e959d168ac93a47621aea0f8039d473aaa264c2f5541348dc92f623f88c5c9fd37e8cec006c194b49d3a7b50b9a8e8437328836211583d0b28029d2a1033840dc8b359dbc123327c6e375771cc4905b3d895a16e9d3957901878a0d6e174dcfe324f8cc9b1070869405e5a7014c6dc49dceb5ca985e3c281cb5a151092aafc231efddd16a59941f235880d8166e726848170ae815cdad3ee4096ee78090265563dfc1a66e8835869f551e6789f750", 0xf6f}], 0x2, 0x0, 0x0, 0x4}], 0x1, 0x43855)
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
r4 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x54da04, 0x2)
getdents64(r4, &(0x7f0000005140)=""/4103, 0x1007)

7.742933778s ago: executing program 2 (id=2004):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f081000000098", 0x8)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000100)={0x0, &(0x7f00000000c0)})
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003280)=[{{&(0x7f0000000100)=@nl=@unspec, 0x12, 0x0}}], 0x1, 0x0)
socket$inet(0x10, 0x3, 0x0)

7.237964402s ago: executing program 3 (id=2005):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod$loop(&(0x7f00000000c0)='./file0\x00', 0x800, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})

6.758819515s ago: executing program 1 (id=2006):
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000100)='test_dummy_encryption', 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002280)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020)
mount(0x0, 0x0, 0x0, 0x2204c96, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1400c, &(0x7f0000000140)={[{@test_dummy_encryption}, {@jqfmt_vfsv0}, {@nouser_xattr}]}, 0x3, 0x473, &(0x7f00000009c0)="$eJzs281vFGUYAPBnZruFWrAV8Qv8qKKR+NFSQOXgQY0mHjAx0YMePDTtQpAFDK2JEBKLMXgyxsS78ei/4Ekvxngy8ap3Q0IMF0Eva2Z3puwuu4WW3W5hf79k4X3no+/zzMzbeWfebgBDayr7J4nYFhF/RMREo9q6wVTjvyuXz81fvXxuPola7Z2/k/p2/1w+N19sWuw3nlf2phHp50ns7tDu4pmzx+eq1crpvD6zdOKjmcUzZ58/dmLuaOVo5eT+Q4cOHph96cX9L/Qkz/FI89Kb73/91uEvW/Jvy6NHpjos21oUnqrVetzcYG1vKicjrev+2+hguGmliMhOV7ne/yeiFNdO3kS88dlAgwP6qlar1ca7r16uAXewJFrrujwMi+JGnz3/Fp/2QcAr/Rt+DNylVxsPQFneV/JPY83IyhuDctvzbS9NRcR7y/9+m32iP+8hAABa/JiNf57LRjvt47807m/a7u58bmgyIu6JiB0RcW+cjJ0RcV9EfdsHIuLBNbbfPkly/fgnvdh5z61rbKmzbPz3cj631Tr+K0Z/MVnKa9vr+ZeTI8eqlX2NY/JBPoyuzK7Sxk+v//5Vt3XN47/sk7VfjAXzOC6ObGndZ2Fuae5Wcm526XzErpFO+ScrMwFJRDwUEbvW2caxZ75/uNu6G+e/ipF1BtSk9l3E043zvxxt+ReS1ecnZ7ZGtbJvprgqrvfrbxfe7tb+LeXfA9n5v6vj9b+S/2TSPF+72P1ndTsdF/78ouszzXqv/9Hk3Xp5NF/2ydzS0unZiNHkcCPo5uX7r+1b1Ivts/z37unc/3fEtSOxOyKyi/iRiHg0Ih7LY388Ip6IiD3dD0v88tqTH7YvG7vp/Psry39hTec/LyRxZjRalnQtlI7//ENLo5MRy635X139/B+sl/bmS27m9197FNElwB4cQgAAANj00ojYFkk6vVJO0+npxt/w74xIq6cWl549curjkwuN7whMRjkt3nRNNL0Pnc3fuTTq5yOi8acFxfoD+Xvjb0pj9fr0/KnqwqCThyE33qX/Z5W/SoOODui7HsyjAbepNfX/pH9xABvP/R+G19r6/5a+xQFstHKn/j82iEiAjdfp/v/pAOIANl5b/zftB0PE+z8YXvo/DK3EnD4MpcWxWP3L+zcsFD9pnbvfsYUob4ow+laIdFOEccNCdm/bBGHcdoXB/l4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADolf8DAAD//xdy4aM=")
mkdir(0x0, 0x0)
open$dir(0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x1, 0x4, 0x1, 0x0, r5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r5}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r7, &(0x7f0000000d40), 0x0}, 0x20)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r8, 0xfffd, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000022c0)=ANY=[@ANYBLOB="9feb010018000000000000004000000040000000020000000000000000000003000000000200000002000000030000000000000000000001050000000800000000000000010000050000000000000000"], 0x0, 0x5a}, 0x28)

4.645419873s ago: executing program 3 (id=2007):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.current\x00', 0x275a, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="010300000008fe", @ANYRESHEX], 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.584106245s ago: executing program 0 (id=2008):
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket(0x1, 0x2, 0xed4)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000240)=ANY=[@ANYBLOB="05000000000000007111310000000000fd76bd1000bd45856f00020000008500d38f0da75cf29d32586568000005000000950000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x70)
getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @broadcast, 0x4e21, 0x3, 'fo\x00', 0x11, 0x3240, 0x3a}, {@loopback, 0x4e23, 0x4, 0xc3, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000280)={{0x84, @empty, 0x4e20, 0x3, 'lblc\x00', 0x1d, 0x2, 0x2a}, {@loopback, 0x4e23, 0x10000, 0xc24, 0x9, 0xfffffffb}}, 0x44)

4.473608387s ago: executing program 5 (id=2009):
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)
r0 = memfd_secret(0x0)
fchownat(r0, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8810}, 0x8000)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r8)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000080)={'wpan1\x00'})
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r8, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@newtfilter={0x5c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xd, 0x4}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x4, 0x1, 0x5}, {0x4, 0xeb, 0x8, 0x2, 0x8, 0x1}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x20000, 0x0)
close(r9)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='vfat\x00', 0x200000, 0x0)
sendmsg$kcm(r3, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x42}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000400)="aa", 0x5dc}], 0x1}, 0x2000c014)

4.473324267s ago: executing program 1 (id=2010):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x14, 0x0, 0xffffffffffffffdc)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x2, 0x1}, 0x20)
add_key$fscrypt_v1(&(0x7f00000002c0), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r5 = openat$mixer(0xffffffffffffff9c, 0x0, 0x101180, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r5, 0xc0040d07, &(0x7f0000000040)=0x121)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg(r6, &(0x7f000000c1c0)={0x0, 0x0, 0x0}, 0x20)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="018d008dffff"})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x28, 0x2, 0xfd, 0x5ae9}, {0x20, 0x7f, 0x4, 0xffeff038}, {0x6, 0x0, 0x8, 0x7}]}, 0x10)
socket$netlink(0x10, 0x3, 0x0)

4.473199097s ago: executing program 2 (id=2011):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f0810000000", 0x7)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000100)={0x0, &(0x7f00000000c0)})
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003280)=[{{&(0x7f0000000100)=@nl=@unspec, 0x12, 0x0}}], 0x1, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
socket$inet(0x10, 0x3, 0x0)

4.214800384s ago: executing program 0 (id=2012):
socket$inet6(0xa, 0x1, 0x8010000000000084)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x84c00)
setsockopt$inet_mtu(r3, 0x0, 0xa, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.sectors\x00', 0x275a, 0x0)
sendfile(r3, r5, 0x0, 0x7ffff004)

3.323704119s ago: executing program 3 (id=2013):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000180)={[{@jqfmt_vfsold}, {@nombcache}, {@user_xattr}, {@test_dummy_encryption}]}, 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x100, 0x52)
r3 = socket(0x10, 0x80002, 0x0)
socket(0x28, 0x5, 0x0)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{0x0}, {&(0x7f0000000300)="87fb74cf4d67adbb", 0x8}], 0x2}, 0x0)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000000)='nr0\x00', 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000300)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x48818}, 0x4000000)
sendmmsg$inet(r4, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1, 0x0, 0x0, 0x2000000}}], 0xfdef, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000380)=@deltaction={0x25c, 0x31, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@TCA_ACT_TAB={0x50, 0x1, [{0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x81}}, {0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xf86}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xd37}}]}, @TCA_ACT_TAB={0x18, 0x1, [{0x14, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}]}, @TCA_ACT_TAB={0x70, 0x1, [{0xc, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x10, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x10, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x200}}]}, @TCA_ACT_TAB={0x68, 0x1, [{0x14, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80000001}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x10, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}, @TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}]}, @TCA_ACT_TAB={0x24, 0x1, [{0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0x10, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}, @TCA_ACT_TAB={0x2c, 0x1, [{0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x101}}, {0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}, @TCA_ACT_TAB={0x34, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}, @TCA_ACT_TAB={0x44, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x10, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xba75}}]}, @TCA_ACT_TAB={0x2c, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}]}, 0x25c}}, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r2, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @aes128, 0x0, @desc3})
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
syz_genetlink_get_family_id$tipc(&(0x7f0000000600), r3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)

3.291652499s ago: executing program 2 (id=2014):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
read$alg(r2, &(0x7f0000002300)=""/4128, 0x1020)
sendmmsg$alg(r2, &(0x7f0000004740)=[{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000100)="2326eb3bc485ff633bcd9debcc0e6904c4d49561c4054d1b2d20548f155c7a88bbe137c77bf5b4f8e51fa3c7100816", 0x2f}, {&(0x7f0000000580)="19f93ebd16d77b148e1baf8f6a44c40421251e0b1857a17f0a5bca203be047055e28838956423eb59c692e2bccf6384ccc0dcff2bc70d7e4f203914687beb53f58617138635a271ea0aebfa9823c3cdc087a4a4cf6f05d045a9078fa420a7b55db0b097de4ab8293e2d8fe0232501540fae10edb25e72b1c405b994f6a431ad7a84a3a0f889f58392fcd311ed76e927977f557573e6704336757d5cf5959f1c1cbf5dfdec7a605baa21acca336c858c12c297bcf79d05ec537c9ccb0822a41af0a087585d9f5ff4eab079b973b80df2a4a750def893b6fc122720af7e5e2075bf411588e2f03f22b7169e5bf4b23dfc8a93f8fcc5000b63446416ad40f972ee42375987022de850241bc742241dcf006ef8524446cc09a1c431038631aecd3a9e88d2c7e0251ca59af770dee5d2959944d9133a423598f8df2ca6640ac4b3c69106db75dd5d64b7a91307ede0ca702bf5fb150d35d3cebfa63b9d482e552d8fdd0c56f68c1e3b4276bd440a6e33e45ce87fa2837aff2ef1f0172dd571db93e099b5962fbf5a33c3aeee526675b2e158d459abe98828e8714f801b6f142d2167e5db04c19107c15805a08b1fa8b5324d59a2474e25ba03d59674c7abb92b7bd6c354f620553644170f48b142fa92724f71acde0029c2f35b287c465c76f194e309bd56dbf251554df3d12187eb42b49424529792a4c525763daf501fd08b0c5d39628d8c1548daa57359e91b8f1c356765f31275b0ef99b1ca4e0afded90b4d72c6dc27dd7c642b541376345f4f56b058a84cc8f91bee1dd8c3b33be183beed5ee168bf53f8b26fec087a86487874c6321d0852d6009de75391ed05486ab7c61bb99d6f67aad9517a1512483ec7a957f922efd087c06362be8335f57c872a43a4f60a847f7aeda78c892f9da94d55050b166b4c1e6bcd882f3d7f2bae25116e6eeeb7d322f3aaac27c2b7aa392d7eaf1ff9a8fc43096d816f10d202f30407a900e0a3a2588ede342032664eac0ca8f7b84d432a88ec7e8081cb8eda7f72c3fecd4254dd69a1f468647fb9e23c350293c625f32dab262948bb3613e272d7a6ed1438240841d1510df97da79938c66072f1fc12f85291b252e120014f14e33372617fd4b701500d4846233f77eb5fb83597e7d3cbb119eb264ec71d6d194157b1a56a00daf8fd0e198f42a97387046287979d71341054afe7b52d724f95dfa658eaa7b57975b5859f2910051046255abeb6a1dee2db2844f5948a4d76632a9a5240874f6dd3d88abd1135902352a5e0be91362aaea7d80a7b9957f0704af48abf1678cdc821f5b6481960bc5e385628d1cd203f8a305edfa410e0973a8f8b057c80e56811be27be95ec445179e5314ad630fb09da514a7dfe35920fbd6b654ab29311af3e202c29b96e67f2f636ae8851446801ed5ff72909606636aa250f4c81f176720c3d283ba9a3c4e70d6ec5fb7b8739ac0763e20fab7545f8622cef84cda7415f174bb6d222476c3531f83b072b8c2e60d6533086c0cf0a8806e705ade8d16d5492f0c66eca6460df9b22458b99f7cfe42b274b5471f38443a67b37c9361ec07632899dfe061d54bf2b4058361cb71bce11876e51a14309bfe4e95172cc8493c9bc5e405499080bbeadc5badbf3fb8c504989c1f56380c57171a610933ea0f9f57ea75a48f68314dd38e8bebbbcdc1fcba4c8bedc0ad9066505c9f01c438a6b8fa73409b059ba2229d50139e3ff9f6fb5efd221897c182139cd001075efcc3b7f88553ef209886530b80bc16b56c9ff5eceaaeeb458f7ee93a11c471df740fb3b23e009a450cc17106fd7a4bf6b7a9a72b616aba9abba76c6db12756ffc5c2adb049642162fdddb94a46ed4e73c1aeb6be704ca3654edd647b5a4bc3ad56de00cc9784798eb4089edc53ce998730dc49a00b91a0f2a0077425172c832a0d11cd725fd78584def9a1d7b6ddcaabb3230b8c8c43bf0e0271fa3d30e73cb979b8bd2d06295b797c58381aa43a1870ab4585f7ad54a66a2612679d8ee1c6b805dfb67484697db84a52a38f87509982bdb122e06d25641fe24f66373188e17a5649298405a4e5e051adf17ab2a23aed3e5684d6acf79fe45e308988c009c8c2487eedd89c85cde9bb2a8458c73e0cf0625f7ea27615fba8b6178d57aad958082ce97c77fc36137cdb8b44ccbf74418ea1780866b82bfaeb43163519ffbdd203f50e3ac31ddd44096ef0cefab0d5c4b9ff766052c4f13404bc1ec99000ab9867b4eca2a8c142d83a5bce0cc7d632d0d7e3d6ece6bc0a251f851773313d5896a8aea80d1d828f5c4b2eee884b1176e44b9d97d243b080c24cd93e7fd4a6bf1a951fc9248037e975e374c5d519b0e169f58c6fb622600e95686a24e8a68aff08a587708eb50404314ca0340c29c1d79b5635042278e939a09ce09e9d1b4303f3fb6eb5145b7a3d15d5f52e321a4cc4fabcec033a420afabf0a10fd9c300fd9df03366ae24acab23120750a2b55e46dc8f87b0d737664abdc05f60241aeb9d071f70001b759181aa563d9f3eb1be3969525da1993b903e9f6b10d41db915bc1488a256a627bb74331968d75a3853d9deddc0af06d37e53665158b729d9f0bc824b18db76ee5b6b411dc9b1f2a5a4c1760f507aad98d47bc8867a934f81e8c480244e7a7992ae7565f31d1062e60ab794f5e5245d36e783d2a07f28b4c39626866aa1e4b582ba7d1e3b01a9278c6c1e522ec43c687a4cceb5ec4c0e9312f55848eb0c39d3c5db6e98d4960f8f14c7524864981c1208a56a506e1542469235645019877f27672507ece8f86927643e90dbfb72e6a41a09f394b1857ef6b72f1897e7475a930307b56643b625908407a284a7a48cc529faf612c6732dca7ba37ab25ded83171f7dfe25426589991d90f53532fb822e2248e8c2a87a3303b1ca4d500eb6f039da96df9ca586f0ebc9e4396be76d0ba411f7347378fc7170e739ef650264ae8d8f9bdb32010401fdb64dd18b89710fc59e50ba26cd7e41876d523a42f8dee7422d5c36b2963e2ee01b792ddc6b3bce00e5156e231924806102e2e8d8d446c8d08e13bcc3688f8b1860d0f372266207eae2d2cdbe6afded42279626a5cd7d8e67f58e7a515ba82cda11752366c7297b073e857dbf91260d43a2e950bcd24e18eeea309a2f025cfec7f7aaa3a90af305a36270312bb97ce06771d0303a2cf8042ea899a152cbfee2cf92c545b7efae43bdb903f00cede505aff933f82cdd1eac78156a3e0bdccab4ef66991d3015ad2faaa6b31807f44b4e5a4d4ecf35eb1e4cc8e6c5194622fb5e55a77d19f91fcfe994598a41d03eb460b4ecc681299f4e1c3050bc1b467bc89f27ce2e157eecb33be6f3da599b9262281be95354f0fc898d85571ffa10646dbcf345a6bb8c9f997823d36bfca2c36b5ce8f6d78db57fc1e2f6bc5948878cf17fb9b4dbc1c598834c9b4ee27a0e1b20b964081d533f8a01d8f6454e13eb871cef92e7e90d35f5482b273c705600cbeef7aec3d5f647b441a30db6b4eb70dca188f44e5a7e45a1f6ab4ed66d023aae2b11c15e1e310e4aeea8875de08f6d2c63a36cd38f225ffe69617e7b764e8d9eda92f4c5ea0e31c328810898279cc5a2fd7519764b7c5cc4fa31b51d80baac201e114724cbe936b795d497d0ad9f01005e72b399dd29cba7d2c267d2d959cbcba0f11584c01400407963ec9b0ff184866344e4bb8f4a29ce2b13462a46cee1b9a8931bca48e0726b6fcb5b64f2009b011cfb46abde8987eb7eb8afcd3fe2a38b98716ebd92f7ca438fd353b9b208a128b45725cc2f4275238a66f3edf0cdc084fe6167f2a440c42a4610dc362a147c121d1d6fb2daa9ddb09ac77746ff74e169c9a35ce5222c0614dd8a58847222ed3ffacf1327f0b161838342882324d805955c028ad63632528b69c73a6192306bca394372925190587051d98b592b9ff96b1aa6cb03f935f0dc8dd0560cf6c7aa36cbb4a36ae850d65b3f2fc08e16e62debb0401703c7084eabdce81be6b8afbd091ee608f1c874f329bc38370701d8597de0c5e383c91855c3ac016a00732b25c9ae7084dbca7704ae84361cf08c1bde6a8b133e18b4bc27487ba429b06951abac6e98f9b4e779f61f9b19710e7cfaf5e74f7748947b1475a538479e75e786049fe9ed18ebd78b169a2c242cddfb824655886843eb4e59e1c340bab6b0083648892425309507222c77652c04b790c5a7de3b3806c306caa5673e201e964110d84f26bce803a1afcb9f8c005dc38014e6589ce2c5eab5a630236579fee16cac65f61516b76597fbcad6d805161cdca14c8b849e4c8fe6901b5a49471eda6d1626155aad8eb5112f2b3808b50cc663f793982e7a787860", 0xc1b}], 0x2, 0x0, 0x0, 0x4}], 0x1, 0x43855)

3.083413825s ago: executing program 5 (id=2015):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000180)={0x1, 0x0, [{0x4000009a, 0x0, 0x5}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x8140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x10000000000000cf, 0x0, [{}]})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x3}, 0x10)
syz_open_dev$evdev(&(0x7f0000000100), 0x2, 0x862b01)
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x880, &(0x7f0000000880)={[{@time_offset={'time_offset', 0x3d, 0x6}}, {@fmask={'fmask', 0x3d, 0x4}}, {@discard}, {@namecase}, {@discard}, {}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp863'}}, {@iocharset={'iocharset', 0x3d, 'cp865'}}]}, 0x1, 0x1548, &(0x7f0000003300)="$eJzs3AuYTlXbOPD7XmvtMSSeJjkMa6178ySHRZLkkCSHJEmSJKfklCZ5JSExhCQNSUgOQxJDSA4Tk8b5fD4kJEmTJCE5Jet/Tbi8vdW/vq++1/e9c/+ua1+z7mfve+21n3s/z7P2npnnm65DazauVa0hEcFfghd+JAJALAAMBIDcABAAQLm4cnGZ67NLTPxrO2F/rwdTrvQI2JXE9c/auP5ZG9c/a+P6Z21c/6yN65+1cf2zNq4/Y1nZpmkFruEl6y58////uNi/ksyf//9BMkqN/WJNqeu6AcT8ia2zA9c/y+P6/8cK/sxGXP+sjeufVf2laSP7P+DpP7ENv/6zgmy/u4brn7Vx/RnLyq70/ec/vyAA/P39QuR/2XNwJPuFwvyb9nelzz/GGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY1nDaX+ZAoBL7Ss9LsYYY4wxxhhjjP19fLYrPQLGGGOMMcYYY4z9z0MQIEFBADGQDWIhO+QAAQBXQy7IDRG4BuLgWsgD10FeyAf5oQDEQ0EoBBoMWCAIoTAUgShcD0XhBigGxaEElAQHpaA03Ahl4CYoCzdDObgFysOtUAEqQiWoDLdBFbgdqsIdUA3uhOpQA2pCLbgLasPdUAfugbpwL9SD+6A+3A8N4AFoCA9CI3gIGsPD0AQegabQDJpDC2j5+/ntEOB38p+DnvA89ILekAh9oC+8AP2gPwyAF2EgvASD4GUYDK9AEgyBofAqDIPXYDi8DiNgJIyCN2A0vAljYCyMg/GQDBNgIrwFk+BtmAzvwBSYCikwDabDuzADZsIseA9mw/swB+bCPJgPqfABLICFkAYfwiL4CNJhMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22ww74GHbCJ7ALdsMe+BT2wmf/xfxT/5LfDQEBBQpUqDAGYzAWYzEH5sCcmBNzYS6MYATjMA7zYB7Mi3kxP+bHeIzHQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOiyNpbEM3oRlsSyWw3JYHstjBayIFbEyVsYqWAWrYlWshtWwOlbHmlgT78K7sA/WwTpYF+tiPax36fYUNsSG2AgbYWNsjE2wCTbFptgcm2NLbImtsBW2xtbYFttie2yPHbADJmACdsSO2Ak7YWfsjF2wC3bFrtgNu2P3jOeyAT6Pz2NvrC76YF/si/0wKdsAfBFfxJdwEL6ML+MrmIRDcCi+iq/iazgcT+IIHImjcBRWEW/iGByLJMZjMibjRJyIk3BS5ukG7+BUTMFpOB2n4wyciTPxPZyN7+P7OBfn4nxMxVRcgAsxDdNwEZ7CdFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9GBYCf4G7cjUm4F/fiPtyH+3E/HsADmIEZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/CZ+K8afVx8dRKITEooESNiRKyIFTlEDpFT5BS5RC4RERERJ+JEHpFH5BV5RX6RX8SLeFFIFBJGGEEijAEAERVRUVQUFcVEMVFClBBOOFFalBZlRBlRVpQV5cQtory4VVQQFUUbV1lUFlVEW1dV3CGqiWqiuqghaopaopaoLWqLOqKOqCvqinqinqgv7hcNRB8cgA+KzMo0FkOwiRiKTUUzIS++g7USw7G1aCPainZiJI7ADqKVSxBPio5iDHYS/xBj8WnRRYzHruJZ0U10Fz3Ec6KnaO16id5iMvYRfcVU7Cf6iwHiRTEDa4j3cHb2muIVkSSGiKHiVTEfXxPDxetihBgpRok3so8Wb4oxYqwYJ8aLZDFBTBRviUnibTFZvCOmiKkiRUwT08W7YoaYKWaJ98Rs8b6YI+aKeWK+SBUfiAVioUgTH4pF4iORLhaLJWKpWCaWixVipVglVos1Yq1YJ9aLDWKj2CQ2iy1iq9gmtosd4mOxU3widondYo/4VOwVn4l94nOxX3whDogvRYb4ShwUX4tD4htxWHwrjojvxFFxTBwX34sT4gdxUpwSp8UZcVb8KM6Jn8R54QVIlEJKqWQgY2Q2GSuzyxzyKplTBhef3WtknLxW5pHXybwyn8wvC8h4WVAWkloaaSXJUBaWRWRUXi+LyhtkMVlclpAlpZOlZGl5oywjb5Jl5c2ynLxFlpe3ygqyoqwkK8vbZBV5u4TIhX1UlzVkTVlL3iUT4W5ZR94j68p7ZT15n6wv75cN5AOyoXxQNpIPycbyYdlEPiKbymayuWwhW8pHZSv5mGwt28i2sp1sLx+XHeQTMkE+KTtKf/EUeVp2kc/IrvJZ2U12lz3kT/K89LKX7C2hD8i+8gXZT/aXA2IBQL4kB8mX5WD5ikySQ+RQ+aocJl+Tw+XrcoQcKUfJN+Ro+aYcI8fKcXK8TJYT5ET5lpwk35aT5TtyipwqU+Q0OUAO/LmnWVL+Yf5bv5E/+Oe9b5Sb5Ga5RW6V2+R2uUN+LHfKnXKX3CX3yD1yr9wr98l9cr/cLw/IAzJDZsiD8qA8JA/Jw/KwPCKPyKPymDwjv5cn5A/ypDwlT8kz8qw8K89dfA5AoRJKKqUCFaOyqViVXeVQV6mc6mqVS+VWEXWNist8F1bXqbwqn8qvCqh4VVAVUloZZRWpUBVWRVRUXY8XTxhVQpVUTpVSpdWNF/LVtSrPH+erouoGVUwV/0X+pfEl/s74WqqWqpVqpVqr1qqtaqvaq/aqg+qgElSC6qg6qk6qk+qsOqsuqovqqrqqbqqb6qF6qJ6qp+qleqlElaj6qhdUP9VfDVAvqoHqJTVIDVKD1WCVpJLUUDVUDVPD1HA1XI1QI9QoNUqNVqPVGDVGjVPjVLJKVhPVRDVJTVKT1WQ1RU1RKSpFTVfT1Qw1Q81Ss9RsNVvNUXPUPDVPpapUtUAtUGkqTS1Si1S6WqwWq6VqqVqulquVaqVarVartWqtWq/Wq3S1SW1SW9QWtU1tUzvUDrVT7VS71C61R+1Re9VetU/tU/vVfnVAHVAZKkMdVAfVIXVIHVaH1RF1RB1VR9VxdVydUCfUSXVSnVan1Vl1Vp1T59R5dT5z2heIQAQqUEFMEBPEBrFBjiBHkDPIGeQKcgWRIBLEBXFBnuC6IG+QL8gfFAjig4JBoUAHJrCBuFj0aHB9UDS4ISgWFA9KBCUDF5QKSgc3BmWCm4Kywc1BueCWoHxwa1AhqBhUCioHtwVVgtuDqsEdQbXgzqB6UCOoGdQK7gpqB3cHdYJ7grrBvUG94L6gfnB/0CB4IGgYPBg0Ch4KGgcPB02CR4KmQbOgedAiaPm39u/9yXyPuV66t07UfXRf/YLup/vrAfpFPVC/pAfpl/Vg/YpO0kP0UP2qHqZf08P163qEHqlH6Tf0aP2mHqPH6nF6vE7WE/RE/ZaepN/Wk/U7eoqeqlP0ND1dv6tn6Jl6ln5Pz9bv6zl6rp6n5+tU/YFeoBfqNP2hXqQ/0ul6sV6il+plerleoVfqVXq1XqPX6nV6vQK9UW/Sm/UWvVVv09v1Dv2x3qk/0bv0br1Hf6r36s/0Pv253q+/0Af0lzpDf6UP6q/1If2NPqy/1Uf0d/qoPqaP6+/1Cf2DPqlP6dP6jD6rf9Tn9E/6vPaZk/vMj3ejjDIxJsbEmliTw+QwOU1Ok8vkMhETMXEmzuQxeUxek9fkN/lNvIk3hUwhk4kMmcKmsImaqClqippippgpYUoYZ5wpbUqbMqaMKWvKmnKmnClvypsKpoKpZCqZ28xt5nZzu7nD3GHuNHeaGqaGqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYpqapaW6am5ampWllWpnWprVpa9qa9qa96WA6mASTYDqajqaT6WQ6m86mi+liupquppvpZnqYHqan6Wl6mV4m0SSavqav6Wf6mQFmgBloBppBZpAZbAabJJNkhpqhZpgZZoab4WaEGWlGZU5UzZtmjBlrxpnxJtkkm4lmoplkJpnJZrKZYqaYFJNippvpZoaZYWaZWWa2mW3mmDlmnplnUk2qWWAWmDSTZhaZRSbdpJslZolZZpaZFWaFWWVWmTVmjVkH68wGs8FsMpvMFrPFbDPbzA6zw+w0O80us8vsMXvMXrPXI4DZb/abA+aAyTAZ5qA5aA6ZQ+awOWyOmCPmqDlqjpvj5oQ5YU6ak+a0OW3OmnwXPy+9ibXZbQ57lc1pr7a5bG77r3F+W8DG24K2kNU2r833i9hYa4vZ4raELWmdLWVL2xt/FVewFW0lW9neZqvY223VX8W17d22jr3H1rX32lr2rl/E9ex9tr592DZABLDNbCPbwja2D9sm9hHb1DazzW0L294+bjvYJ2yCfdJ2tE/9Kl5gF9pVdrVdY9faXXa3PW3P2EP2G3vW/mh72d52oH3JDrIv28H2FZtkh/wqHmXfsKPtm3aMHWvH2fG/iqfYqTbFTrPT7bt2hp35qzjVfmBn2zQ7x8618+z8n+PMMaXZD+0i+5FNtwEssUvtMrvcrrArL43V57br7Qa70e60n9gtdqvdZrfbHZcmwna33WM/tXvtZ/ag/drut1/YA/awzbBf/RxnHt9h+609Yr+zR+0xe9x+b0/YH9Sl7Mxj/97+ZM9bb4GQgCQpCiiGslEsZaccdBXlpKspF+WmCF1DcXQt5aHrKC/lo/xUgOKpIBUiTYYsEYVUmIpQlK6nS8MrQSXJUSkqTTdSGbqJytLNVI5uofJ0K1WgilSJKtNtVIVup6p0B1WjO6k61aCaVIvuotp0N9Whe6gu3Uv16D6qT/dTA3qAGtKD1Igeosb0MDWhR6gpNaPm1IJa0qPUih6j1tSG2lI7ak+PUwd6ghLoSepIT1En+gd1pqepCz1DXelZ6kbdqQc9Rz3peepFvSmR+lBfeoH6UX8aQC/SQHqJBtHLNJheoSQaQkPpVRpGr9Fwep1G0EgaRW/QaHqTxtBYGkfjKZkm0ER6iybR2zSZ3qEpNJVSaBpNp3dpBs2kWfQezab3aQ7NpXk0n1LpA1pACymNPqRF9BGl02JaQktpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCW2kbbacd9DHtpE9oF+2mPfQp7aXPaB99TvvpCzpAX1IGfUUH6Ws6RN/QYfrW96bv6Cgdo+P0PZ2gH+gknaLTdIbO0o90jn6i8+QJQgxFKEMVBmFMmC2MDbOHOcKrwpzh1WGuMHcYCa8J48JrwzzhdWHeMF+YPywQxocFw0KhDk1oQwrDsHBYJIyG14dFwxvCYmHxsERYMnRhqbB0eGNYJrwpLBveHJYLbwnLh7eGFcKK4cP3Vg5vC6uEt4dVwzvCauGdYfWwRlgzrBXeFdYO7w7rhPeEdcN7w7LhfWH98P6wQfhA2DB8MGwUPhQ2Dh8Om4SPhE3DZmHzsEXYMnw0bBU+FrYO24Rtw3Zh+/DxsEP4RJgQPhl2DJ/6ef19C39/fWLYJ+wbvhC+EHp/j5wXnR9NjX4QXRBdGE2LfhhdFP0omh5dHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH90Q3Rj1vlY2cOiEk065wMW4bC7WZXc53FUup7va5XK5XcRd4+LctS6Pu87ldflcflfAxbuCrpDTzjjryIWusCviou56V9Td4Iq54q6EK+mcK+VKuxaupWvpWrnHXGvXxrV17Vw797h73D3hnnBPuo7uKdfJ/cN1dk+7Lu4Z94x71nVz3V0P95zr6SbkuvCaTHR9XV/Xz/VzA9wAN9ANdIPcIDfYDXZJLskNdUPdMDfMDXfD3Qg3wo1yo9xoN9qNcWPcODfOJbtkN9FNdJPcJDfZTXZT3BSX4lLcdDfdzXAzXJWZF/Yyx81x89w8l+pS3QKXOWdMc4vcIpfu0t0St8Qtc8vcCrfCrXKr3Bq3xq1z69wGt8FtcpvcFrfFbXPb3A63w+10O90un/tCp26v2+f2uf1uvzvgvnQZ7it30H3tDrlv3GH3rTvivnNH3TF33H3vTrgf3El3yp12Z9xZ96M7535y5513yZEJkYmRtyKTIm9HJkfeiUyJTI2kRKZFpkfejcyIzIzMirwXmR15PzInMjcyLzI/khr5ILIgsjCSFvkwsijyUSQ9sjiyJLI0siyyPOJ9wS2hL+yL+Ki/3hf1N/hivrgv4Ut650v50v5GX8bf5Mv6m305f4sv72/1FXxFX8k/4pv6Zr65b+Fb+kd9K/+Yb+3b+La+nW/vH/cd/BM+wT/pO/qnfCf/D9/ZP+27+Gd8V/+s7+a7+x7+Od/TP+97+d4+0ffxff0Lvp/v7wf4F/1A/5If5F/2g/0rPskP8UP9q36Yf80P96/7EX6kHxXzhh996RIZxvtkP8FP9G/5Sf5tP9m/46f4qT7FT/PT/bt+hp/pZ/n3/Gz/vp/j5/p5fr5P9R/4BX6hT/Mf+kX+I5/uF1+6qexX+JV+lV/t1/i1fp1f7zf4jX6T3+y3+K1+m9/ud/iP/U7/id/ld/s9/lO/13/m9/nP/X7/hT/gv/QZ/it/0H/tD/lv/GH/rT/iv/NH/TF/3H/vT/gf/El/yp/2Z/xZ/6M/53/y5/l/1hhjjDHG/pQJl5vil2su3M7v8xs54p827gsAV28tkPHP6zNnlOvyXmj3F/HtIwDwZO+uD15aqldPTEy8uG26hKDIXIBLvwnKFAOX48XQFh6HBGgDZX5z/P1F97P0B/1HbwHI8U85sXA5vtz/5wCY+Bv9P9pu1ILy4em4/0//cwGKFbmckx0ux4uh7c/3V9pA2d8Zf75WfzD+7F8kA7T+p5yccCk+ePHbGjLHXxoeg6cg4RdbMsYYY4wxxhhjF/QXlTpfuv689Befv3V9Hq8u52SDy/EfXZ8zxhhjjDHGGGPsynu6e48nHk1IaNP5v96o+t/K+tONJvA/1TM3frPhPcClRxQA/MUOATIb8t95FJv/LftKuvjS+ddVy874AP53lPLvaFzhNybGGGOMMcbY3+7ypP+Xj6srNSDGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYywL+nd8ndiVPkbGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsSvt/AQAA///BeAKt")
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xe}, {0x5, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010829bd7000000000000b00000008000300", @ANYRES32=r7, @ANYBLOB="60005080110001004abee339084eeef16f162471f4000000080003000aac0f000500020007"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
close(r3)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0xc004743e, 0x110e22fff6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r9=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000300)=@ethtool_cmd={0x25, 0x7, 0x40, 0x0, 0x4, 0x8, 0x0, 0x5, 0x7, 0x42, 0x5, 0x10, 0x3, 0x6d, 0x6, 0x6, [0xad]}})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x30, r11, 0x1, 0x72bd29, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_TX_RATES={0x14, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x10, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x5, 0x9}]}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x4004040)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000180)={0x2, &(0x7f00000000c0)=[{0x20, 0x1, 0x0, 0xfffff038}, {0x6, 0x0, 0x0, 0x2}]})
ioctl$TUNGETVNETLE(r3, 0x40107447, &(0x7f0000000000))
r13 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r13, 0x4004743d, 0x110e22fff6)
write$cgroup_type(r13, &(0x7f0000000280), 0x9)

2.90532443s ago: executing program 2 (id=2016):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x2, 0x1}, 0x20)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
recvmsg(0xffffffffffffffff, &(0x7f000000c1c0)={0x0, 0x0, 0x0}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x0, 0x2, 0x3, 0x9, 0x0, 0xc96e}, 0x20)
close(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="018d008dffff"})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x28, 0x2, 0xfd, 0x5ae9}, {0x20, 0x7f, 0x4, 0xffeff038}, {0x6, 0x0, 0x8, 0x7}]}, 0x10)
socket$netlink(0x10, 0x3, 0x0)

1.873180828s ago: executing program 3 (id=2017):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod$loop(&(0x7f00000000c0)='./file0\x00', 0x800, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})

1.767162741s ago: executing program 2 (id=2018):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c73d8a0870272091776c0102ef010902120001000000000904"], 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r1, &(0x7f0000000340), 0x8)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

1.353515102s ago: executing program 0 (id=2019):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c3e616dc4010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x173)
mount$overlay(0x0, 0x0, 0x0, 0x20045a, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000002540)={0x2c, &(0x7f0000002380)={0x40, 0x31}, 0x0, 0x0, 0x0, &(0x7f0000002500)})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="020000000100030000000000040001000000000020"], 0x1c, 0x2)
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1080c, &(0x7f0000000180)=ANY=[], 0x3, 0xa53, &(0x7f0000002640)="$eJzs3U2MW0cdAPBn73rzWeKUhIa0tAmFtgK62+yG8BFBUzUXoqbiVqniEqVpiUgDIpWgVQ5JTtxoFYUb4kOceqkAIdELinriUolG4tJT4cCBKEiROEBLYhTvjNf+x+6zk9196/XvJ43H783YM8/7/PZ53puZAphY9fZjo/146e2Lh//5yD823Xr+ZCdHs/043bV0K3ctLU+H9/tgajG+cf3s8X5xrZhvP+bl4tlrndduKYriXLGnuFw0i92Xrrzx7vwzR88fubD3vTcPXl2JbQcAgEnz7csH9+/821/u3/7hWw8eKjZ01ufz82Za3prO+w+lE/98/l8vepdrXaHbTMg3nUI95Jvqk6+7nEbOt7H3dbH8mfC+jQH5NpSUP9W1rt92wzjL+3GzqNVne5br9dnZxd/kRft3/Uxt9vTJUy+eqaiiwLL790NFUewRhEkLrW2dL0HldakudH0KAJWK1wtvcy62LNydzrtND1f+tafq/V8Py2C193/lx/fvrcdql1+2/b8574jD8hl+b9q4ovVYbnm78vdoa1qO1xHi/UujHn/y+02F92sMWc9B1xHG5frCoHpOrXI97tSg+sf9Yr36Rorz5/DNkN79/Yl/03H5GwP9/WfNtf9vWqpc5XUZKWwc03oLExxa1Rx2gDEQ75trJTk93tcX0zeUpG8sSd9Ukr65JH1LSTpMst+/8tPi9drS7/z4m/7G9bPtL8uw7WG5ne2eFH9ixPrE9shR2+Pifb+jutvy4/3EsJb98dhzJ776wvNXFu//r3X2/5tpf9+Tlpvpu3U5ZcjthbFdvXPvf7O3nPqAfPeG+tzTJ3/7+Y7efLUdS+9TdB1nbqvHrt7XbRuU74HefM2Qb1MK8SpIPD/ZHF6Xzz/ycTV/XtNhexthO2ZCPfJxZXuKx+tqDGtV3h8H3f+f989dRaP24slTJ55Iy3k//fNUY8Ot9ftWud7A3Ru2/8+uorf/z9bO+ka9+7iwbWl9rfu40Azr5wesX0jL+f/cd6c2tdfPHv/+qReWe+Nhwp159bXvHTt16sQPPfHEE086T6o+MgErbe6Vl38wd+bV1x4/+fKxl068dOL0woEDC/PzB762sH+ufV4/1312D6wnS//0q64JAAAAAAAAAAAAMKwfHTl85a/vfOX9xf7/S/3/cv//fOdv7v//k9D/P/aTz/3gcz/A7X3S23nCAKszIV8jhU+G+u4I5ewMr/tUijvz+KX+/7m4OK5rrs99YX0cvzfnC8MJ3DZeykwYgyTOF/jZFF9I8a8LqFDt5/1Xp7hsfOu8r+fxKYxLMZ7y3y2PZ5LHMcn9vweN65SP/9tXoY4sv9XoTlj1NgL9/WvNjf+93kPXL4bK6yKstXCj1WqtZnmtllk8gLWh6vk/c7tnjk//6Vsbb4Wc7dpTvcfLOH4p3I2q57+srPzcsDip2z9k+cs9/2dn/ruhj39hxrzmnZX7319cfb+r2GL3sOXH7c/jQO8YrfwPU/l5ax4thiu/9atQfrwgNKSPQvmbhyw/bv/FUQtOBf4vlZ8/tsceHrb8xTeo1XvrEduN8/W/2G6c3Qjbn8f2HPnvf4cTNd5M5cMkG5d5Zkc1LvP/DhLvw/hyWs4HwnyfQ5zvZNT65/sr8v+BneH9ayX/38z/O96+nuKy70Oe/zfvj80+y/Wu5Uafz3a9HmtgXH3g+p8w5qF9RrMG6jGOodVqrWyDVolKC6fyz7/q3wlVl1/1518mzv8bz+Hj/L8xPc7/G9Pj/L8xvd2u+NHSpL0xPc7/Gz/POP9vTL8vlBvnB95Vkv7pkvTdJen3l6Q/UJL+mZL0vSXpD5akP1SSfm9J+sMl6Z8rSf98SfojJemPfXz6wo9LXr/e5f4ok7r9MMli/zzff5gc+frPoO//jpJ0YHz97K19Tz//u+80F/v/z3TaQ/J1vENpuZF+O8ffS7H9ZCqlvZOW/x7S13p7B0ySOH5G/P/+aEk6ML7yfV6+3zCBav1H7Bl23KpB5/mMly+k+Isp/lKKH0/xbIrnUrwvxfOrVD9WxtO//cPB12tLv/e3hfRh7yeP/YHiOFELQ9Yntg+Mej97HMdvVHdb/h12BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKhMvf24f/+uWlFcevvi4eeOnpy7tebJTo5m+3G6a6nReV1RPJHiqRT/Mj25cf3s8e74ZoprxXxRK2qd9cWz1zolbSmK4lyxp7hcNIvdl6688e78M0fPH7mw9703D15duU8AAAAA1r//BwAA///3txjh")
chdir(&(0x7f0000000080)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x1ab341, 0x114)
chdir(0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x115)
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f00000001c0)='./file1\x00', 0x1, &(0x7f00000000c0)=ANY=[], 0x1e, 0x1b6, &(0x7f0000000840)="$eJzKKC4sZmBgYPj7sSaZwYEBDNgY+BhuMzIysDAggBs7hH7FBqH1oPwXUEWaUPFFUPo/FBRXVmUn5uSkFtGQgV2OCepyUkwEqUeXuvIxlp9UcwYbg4MBjxpGMgIKJ+M/kYo5McJ5yDPimSHhSB0Dvwy0d4pYBkWoEs9gxJRCcO0bmRjeglP69Y81ySBGArSUAomlQDETAwNcDSg2jyCpkWIBY0Zmhv9wNaDCD8RRZ2Bg0C/JLdAvrqzSzcxNTE9NT80zMjI2MzAxMDA10k/LzEk1gJCMSM6AFVEgGlT2gspUTiR5VgYGhnvQApYLqTBmeAmxFuY0qDwjsl5QOfwfWkhrKDOgACaG//xgvRwIMxgZDsD1QrUxgIIghEENpIyhvIERSVQFbAoLA9hLHgyMDMxQjiGs0mCE28UBltBLzs9JaWdgZGCEaVvOwAI3w/AxAyuYw4ZwI0TG2KIBJtQOpVWgtAeUXg4iLiC8J8+IWhexgE14AuVpNICcWJFYUlJkyHYeqsUQVOuBxYzYYLJGAnCbWaC2fmJD9ZwMO8MoGAWjYBSMglEwCkbBEAOAAAAA///PZVfV")
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x100)
syz_usb_control_io$hid(r0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0200}]})
utimensat(0xffffffffffffffff, &(0x7f0000000240)='./cgroup\x00', &(0x7f00000007c0)={{}, {0x77359400}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r1, 0xc05c5340, &(0x7f0000001280)={0x0, 0x3, 0x400, {0x2ae3}, 0x135c, 0x10})

550.679134ms ago: executing program 3 (id=2020):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="11000000040000000400000005"], 0x50)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRES16=r0], 0x448}}, 0x0)
sendmmsg$inet(r0, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4e530554ebc8154bf392bcf9ce0b09f879bd7aaf9d086e3", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100), 0x2}}], 0x40000000000003a, 0x0) (fail_nth: 5)

179.283755ms ago: executing program 1 (id=2021):
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000100)='test_dummy_encryption', 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002280)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020)
mount(0x0, 0x0, 0x0, 0x2204c96, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1400c, &(0x7f0000000140)={[{@test_dummy_encryption}, {@jqfmt_vfsv0}, {@nouser_xattr}]}, 0x3, 0x473, &(0x7f00000009c0)="$eJzs281vFGUYAPBnZruFWrAV8Qv8qKKR+NFSQOXgQY0mHjAx0YMePDTtQpAFDK2JEBKLMXgyxsS78ei/4Ekvxngy8ap3Q0IMF0Eva2Z3puwuu4WW3W5hf79k4X3no+/zzMzbeWfebgBDayr7J4nYFhF/RMREo9q6wVTjvyuXz81fvXxuPola7Z2/k/p2/1w+N19sWuw3nlf2phHp50ns7tDu4pmzx+eq1crpvD6zdOKjmcUzZ58/dmLuaOVo5eT+Q4cOHph96cX9L/Qkz/FI89Kb73/91uEvW/Jvy6NHpjos21oUnqrVetzcYG1vKicjrev+2+hguGmliMhOV7ne/yeiFNdO3kS88dlAgwP6qlar1ca7r16uAXewJFrrujwMi+JGnz3/Fp/2QcAr/Rt+DNylVxsPQFneV/JPY83IyhuDctvzbS9NRcR7y/9+m32iP+8hAABa/JiNf57LRjvt47807m/a7u58bmgyIu6JiB0RcW+cjJ0RcV9EfdsHIuLBNbbfPkly/fgnvdh5z61rbKmzbPz3cj631Tr+K0Z/MVnKa9vr+ZeTI8eqlX2NY/JBPoyuzK7Sxk+v//5Vt3XN47/sk7VfjAXzOC6ObGndZ2Fuae5Wcm526XzErpFO+ScrMwFJRDwUEbvW2caxZ75/uNu6G+e/ipF1BtSk9l3E043zvxxt+ReS1ecnZ7ZGtbJvprgqrvfrbxfe7tb+LeXfA9n5v6vj9b+S/2TSPF+72P1ndTsdF/78ouszzXqv/9Hk3Xp5NF/2ydzS0unZiNHkcCPo5uX7r+1b1Ivts/z37unc/3fEtSOxOyKyi/iRiHg0Ih7LY388Ip6IiD3dD0v88tqTH7YvG7vp/Psry39hTec/LyRxZjRalnQtlI7//ENLo5MRy635X139/B+sl/bmS27m9197FNElwB4cQgAAANj00ojYFkk6vVJO0+npxt/w74xIq6cWl549curjkwuN7whMRjkt3nRNNL0Pnc3fuTTq5yOi8acFxfoD+Xvjb0pj9fr0/KnqwqCThyE33qX/Z5W/SoOODui7HsyjAbepNfX/pH9xABvP/R+G19r6/5a+xQFstHKn/j82iEiAjdfp/v/pAOIANl5b/zftB0PE+z8YXvo/DK3EnD4MpcWxWP3L+zcsFD9pnbvfsYUob4ow+laIdFOEccNCdm/bBGHcdoXB/l4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADolf8DAAD//xdy4aM=")
mkdir(0x0, 0x0)
open$dir(0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x1, 0x4, 0x1, 0x0, r5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r5}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r7, &(0x7f0000000d40), 0x0}, 0x20)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r8, 0xfffd, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000022c0)=ANY=[@ANYBLOB="9feb010018000000000000004000000040000000020000000000000000000003000000000200000002000000030000000000000000000001050000000800000000000000010000050000000000000000"], 0x0, 0x5a}, 0x28)

117.775126ms ago: executing program 3 (id=2022):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f081000000098", 0x8)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000100)={0x0, &(0x7f00000000c0)})
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003280)=[{{&(0x7f0000000100)=@nl=@unspec, 0x12, 0x0}}], 0x1, 0x0)
socket$inet(0x10, 0x3, 0x0)

0s ago: executing program 5 (id=2023):
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x0, 0x3, 0x7, 0x0, 0x1}, 0x50)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map, 0xffffffffffffffff, 0x7}, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)={0x14, 0x16, 0xa01, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'pim6reg1\x00', 0x2})
ioctl$SIOCGIFHWADDR(r1, 0x8927, &(0x7f0000000000)={'dvmrp1\x00'})
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r0)
socket$packet(0x11, 0x3, 0x300)

kernel console output (not intermixed with test programs):

idge0: port 1(bridge_slave_0) entered forwarding state
[  502.797029][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  502.830998][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  502.843348][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  502.862436][ T4365] bridge0: port 2(bridge_slave_1) entered blocking state
[  502.869617][ T4365] bridge0: port 2(bridge_slave_1) entered forwarding state
[  502.920404][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  502.962534][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  502.981065][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  503.003484][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  503.021205][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  503.041371][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  503.064388][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  503.076109][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  503.086433][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  503.105792][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  503.116077][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  503.127347][ T8355] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  503.178399][ T4240] mcp2221 0003:04D8:00DD.000A: USB HID v0.01 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  503.400213][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  503.413121][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  503.436970][ T8355] 8021q: adding VLAN 0 to HW filter on device batadv0
[  503.647350][ T8436] loop2: detected capacity change from 0 to 512
[  503.683914][ T8436] EXT4-fs (loop2): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  503.869280][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  503.879670][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  503.935877][ T8442] udc-core: couldn't find an available UDC or it's busy
[  503.966831][ T8442] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  504.007636][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  504.017324][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  504.027006][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  504.035133][ T4365] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  504.047133][ T8355] device veth0_vlan entered promiscuous mode
[  504.161289][ T8355] device veth1_vlan entered promiscuous mode
[  504.620246][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  504.635855][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  504.716933][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  504.759745][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  504.933995][ T8355] device veth0_macvtap entered promiscuous mode
[  504.948559][ T8355] device veth1_macvtap entered promiscuous mode
[  504.967580][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  504.978382][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  504.989897][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  505.000914][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  505.011729][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  505.022697][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  505.926267][ T8452] loop2: detected capacity change from 0 to 131072
[  505.937500][   T21] usb 2-1: USB disconnect, device number 12
[  505.948074][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  505.971929][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  505.983653][ T8355] batman_adv: batadv0: Interface activated: batadv_slave_0
[  506.056002][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  506.085332][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  506.151307][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  506.166399][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  506.279675][ T8452] F2FS-fs (loop2): invalid crc value
[  506.305163][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  508.133503][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  508.144337][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  508.158127][ T8452] F2FS-fs (loop2): Found nat_bits in checkpoint
[  508.187666][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  508.199459][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  508.211913][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  508.267530][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  508.287112][ T8355] batman_adv: batadv0: Interface activated: batadv_slave_1
[  508.344594][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  508.394800][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  508.416965][ T8355] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  508.428257][ T8470] FAT-fs (nullb0): bogus number of reserved sectors
[  508.455528][ T8470] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  508.472902][ T8355] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  508.513960][ T8355] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  508.536325][ T8355] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  508.618203][ T8464] device syzkaller0 entered promiscuous mode
[  508.724309][ T4233] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  509.684353][ T4233] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  509.692505][ T4233] usb 4-1: config 0 has no interface number 0
[  509.724869][ T4233] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  509.758173][ T4233] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  509.792265][ T4233] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  509.796403][  T636] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  509.823610][ T4233] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.046631][ T4233] usb 4-1: config 0 descriptor??
[  510.140661][  T636] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  510.203570][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  510.774433][ T4233] usbhid 4-1:0.1: can't add hid device: -71
[  510.780480][ T4233] usbhid: probe of 4-1:0.1 failed with error -71
[  510.802292][  T636] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  510.803908][ T4233] usb 4-1: USB disconnect, device number 16
[  510.906186][  T636] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  510.963639][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  511.665655][ T8497] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1170'.
[  511.788410][ T8491] loop1: detected capacity change from 0 to 131072
[  511.854198][ T8491] F2FS-fs (loop1): invalid crc value
[  511.915649][ T8491] F2FS-fs (loop1): Found nat_bits in checkpoint
[  511.973160][ T8491] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  512.156403][ T8491] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1169'.
[  512.489062][ T8513] F2FS-fs (loop1): invalid namelen(0), ino:8, run fsck to fix.
[  513.924886][ T8520] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1174'.
[  514.670567][ T8533] loop1: detected capacity change from 0 to 512
[  514.694263][ T8534] FAT-fs (nullb0): bogus number of reserved sectors
[  514.909435][ T8534] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  514.944891][ T8533] EXT4-fs (loop1): Test dummy encryption mode enabled
[  514.952240][ T8533] EXT4-fs (loop1): Mount option "nouser_xattr" will be removed by 3.5
[  514.952240][ T8533] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  514.952240][ T8533] 
[  514.970986][ T8533] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  515.005014][ T8533] EXT4-fs error (device loop1): ext4_orphan_get:1432: comm syz.1.1178: bad orphan inode 131083
[  515.016234][ T8533] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,jqfmt=vfsv0,nouser_xattr,,errors=continue. Quota mode: none.
[  515.016829][ T8528] device syzkaller0 entered promiscuous mode
[  515.055264][ T8539] syz.0.1179[8539] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  515.055366][ T8539] syz.0.1179[8539] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  517.091940][ T8551] loop3: detected capacity change from 0 to 4096
[  517.407574][ T8551] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  517.671877][ T8554] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1184'.
[  522.652990][ T4363] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.810332][ T4363] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.910546][ T4363] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.057583][ T4363] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.613291][ T8616] loop1: detected capacity change from 0 to 512
[  523.800644][ T8622] loop3: detected capacity change from 0 to 1024
[  523.892580][ T8616] EXT4-fs (loop1): orphan cleanup on readonly fs
[  523.957064][ T8616] EXT4-fs error (device loop1): ext4_find_extent:929: inode #4: comm syz.1.1200: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0)
[  524.029791][ T4363] tipc: Left network mode
[  524.046992][ T8609] FAULT_INJECTION: forcing a failure.
[  524.046992][ T8609] name failslab, interval 1, probability 0, space 0, times 1
[  524.114294][ T8609] CPU: 1 PID: 8609 Comm: syz.0.1199 Not tainted syzkaller #0
[  524.121739][ T8609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  524.132026][ T8609] Call Trace:
[  524.135347][ T8609]  <TASK>
[  524.138309][ T8609]  dump_stack_lvl+0x188/0x250
[  524.143029][ T8609]  ? show_regs_print_info+0x20/0x20
[  524.148260][ T8609]  ? load_image+0x400/0x400
[  524.152895][ T8609]  ? __might_sleep+0xf0/0xf0
[  524.153365][ T8617] loop5: detected capacity change from 0 to 4096
[  524.157602][ T8609]  ? __lock_acquire+0x7d10/0x7d10
[  524.157666][ T8609]  ? __lock_acquire+0x12e8/0x7d10
[  524.157688][ T8609]  ? look_up_lock_class+0x71/0x110
[  524.157724][ T8609]  should_fail+0x38c/0x4c0
[  524.183839][ T8609]  should_failslab+0x5/0x20
[  524.184023][ T8616] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=-117
[  524.188476][ T8609]  slab_pre_alloc_hook+0x51/0xc0
[  524.203234][ T8609]  __kmalloc+0x6b/0x330
[  524.207422][ T8609]  ? tomoyo_realpath_from_path+0x118/0x610
[  524.213362][ T8609]  ? mark_lock+0x94/0x320
[  524.217752][ T8609]  tomoyo_realpath_from_path+0x118/0x610
[  524.223561][ T8609]  tomoyo_path_number_perm+0x242/0x660
[  524.229067][ T8609]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  524.234568][ T8609]  ? verify_lock_unused+0x140/0x140
[  524.239815][ T8609]  ? __lock_acquire+0x13bc/0x7d10
[  524.245097][ T8609]  ? make_kuid+0x680/0x680
[  524.249551][ T8609]  ? rwsem_write_trylock+0x135/0x1c0
[  524.254871][ T8609]  ? clear_nonspinnable+0x60/0x60
[  524.260033][ T8609]  tomoyo_path_chown+0x42/0xb0
[  524.264827][ T8609]  security_path_chown+0xdd/0x130
[  524.269893][ T8609]  chown_common+0x456/0x660
[  524.274467][ T8609]  ? __ia32_sys_chmod+0x70/0x70
[  524.279356][ T8609]  ? rcu_read_lock_any_held+0xb0/0x130
[  524.284858][ T8609]  ? rcu_read_lock_bh_held+0xf0/0xf0
[  524.290547][ T8609]  ? __mnt_want_write+0x1e2/0x260
[  524.295912][ T8609]  ? mnt_want_write_file+0x174/0x200
[  524.301238][ T8609]  ksys_fchown+0xe2/0x150
[  524.305798][ T8609]  __x64_sys_fchown+0x76/0x80
[  524.310796][ T8609]  do_syscall_64+0x4c/0xa0
[  524.315249][ T8609]  ? clear_bhb_loop+0x30/0x80
[  524.319956][ T8609]  ? clear_bhb_loop+0x30/0x80
[  524.324757][ T8609]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  524.330678][ T8609] RIP: 0033:0x7f1aa8f56dd9
[  524.335128][ T8609] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  524.355425][ T8609] RSP: 002b:00007f1aa71b0028 EFLAGS: 00000246 ORIG_RAX: 000000000000005d
[  524.363877][ T8609] RAX: ffffffffffffffda RBX: 00007f1aa91cffa0 RCX: 00007f1aa8f56dd9
[  524.371656][ T8616] EXT4-fs warning (device loop1): ext4_enable_quotas:6488: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  524.371963][ T8609] RDX: 000000000000000a RSI: 000000003a736e6f RDI: 0000000000000003
[  524.394644][ T8609] RBP: 00007f1aa71b0090 R08: 0000000000000000 R09: 0000000000000000
[  524.402656][ T8609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.410663][ T8609] R13: 00007f1aa91d0038 R14: 00007f1aa91cffa0 R15: 00007ffcd75199c8
[  524.411634][ T8622] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  524.418690][ T8609]  </TASK>
[  524.454014][ T8616] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  524.455717][ T8617] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512)
[  524.462649][ T8616] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,journal_ioprio=0x0000000000000005,,errors=continue. Quota mode: writeback.
[  524.488960][ T8629] hfsplus: b-tree write err: -5, ino 22
[  524.544722][ T8622] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  524.715893][ T8616] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.1200: iget: bad i_size value: 360287970189639690
[  524.761771][ T8616] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.1200: iget: bad i_size value: 360287970189639690
[  524.986683][ T4247] hfsplus: b-tree write err: -5, ino 25
[  524.992960][ T4247] hfsplus: b-tree write err: -5, ino 4
[  525.029227][ T4247] hfsplus: b-tree write err: -5, ino 2
[  525.055297][ T4247] hfsplus: b-tree write err: -5, ino 23
[  525.069671][ T4247] hfsplus: b-tree write err: -5, ino 22
[  525.398016][ T8609] ERROR: Out of memory at tomoyo_realpath_from_path.
[  528.144192][ T8676] FAT-fs (nullb0): bogus number of reserved sectors
[  528.150886][ T8676] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  528.204115][ T5805] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  528.212695][ T8670] device syzkaller0 entered promiscuous mode
[  528.453924][ T5805] usb 2-1: Using ep0 maxpacket: 8
[  528.537362][ T4363] device hsr_slave_0 left promiscuous mode
[  528.560032][ T4363] device hsr_slave_1 left promiscuous mode
[  528.574721][ T5805] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  528.574964][ T4363] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  528.600184][ T5805] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  528.607412][ T4363] batman_adv: batadv0: Removing interface: batadv_slave_0
[  528.630596][ T4363] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  528.640939][ T4363] batman_adv: batadv0: Removing interface: batadv_slave_1
[  528.649617][ T4363] device bridge_slave_1 left promiscuous mode
[  528.658721][ T4363] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.122251][ T4363] device bridge_slave_0 left promiscuous mode
[  529.129451][ T4363] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.179441][ T4363] device veth1_macvtap left promiscuous mode
[  529.193994][ T4363] device veth0_macvtap left promiscuous mode
[  529.336176][ T4363] device veth1_vlan left promiscuous mode
[  529.362169][ T4363] device veth0_vlan left promiscuous mode
[  529.368975][ T5805] usb 2-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  529.392990][ T5805] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  529.409594][ T5805] usb 2-1: Product: syz
[  529.430444][ T5805] usb 2-1: Manufacturer: syz
[  529.452156][ T5805] usb 2-1: SerialNumber: syz
[  529.494879][ T5805] usb 2-1: config 0 descriptor??
[  529.884142][   T23] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  530.149861][ T4363] team0 (unregistering): Port device team_slave_1 removed
[  530.154100][   T23] usb 6-1: Using ep0 maxpacket: 16
[  530.180266][ T4363] team0 (unregistering): Port device team_slave_0 removed
[  530.198209][ T4363] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  530.228094][ T4363] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  530.284474][   T23] usb 6-1: config 0 has an invalid interface number: 238 but max is 0
[  530.295629][   T23] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  530.320780][   T23] usb 6-1: config 0 has no interface number 0
[  530.388396][ T4363] bond0 (unregistering): Released all slaves
[  530.514567][   T23] usb 6-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  530.528350][   T23] usb 6-1: New USB device strings: Mfr=1, Product=219, SerialNumber=244
[  530.537855][   T23] usb 6-1: Product: syz
[  530.542215][   T23] usb 6-1: Manufacturer: syz
[  530.547523][   T23] usb 6-1: SerialNumber: syz
[  530.563081][   T23] usb 6-1: config 0 descriptor??
[  530.675547][   T23] usb 6-1: selecting invalid altsetting 1
[  530.681773][   T23] usb 6-1: Can not set alternate setting to 1, error: -22
[  530.701999][   T23] synaptics_usb: probe of 6-1:0.238 failed with error -22
[  530.814598][ T8723] syz.3.1222[8723] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  530.814705][ T8723] syz.3.1222[8723] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  530.921821][ T5377] usb 6-1: USB disconnect, device number 2
[  530.942894][   T23] usb 2-1: USB disconnect, device number 13
[  531.136600][ T8731] device syzkaller0 entered promiscuous mode
[  531.165140][ T8731] FAT-fs (nullb0): bogus number of reserved sectors
[  531.183274][ T8731] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  532.540308][ T8743] loop5: detected capacity change from 0 to 131072
[  532.864844][ T8743] F2FS-fs (loop5): invalid crc value
[  532.985969][ T8743] F2FS-fs (loop5): Found nat_bits in checkpoint
[  533.034006][ T8743] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  534.268192][ T8743] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1227'.
[  534.538543][ T8778] F2FS-fs (loop5): invalid namelen(0), ino:8, run fsck to fix.
[  534.594461][ T4239] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  535.205139][ T4239] usb 2-1: Using ep0 maxpacket: 8
[  535.314535][ T8790] netlink: 'syz.3.1237': attribute type 4 has an invalid length.
[  535.344117][ T4239] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  535.382411][ T4239] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  535.604131][ T4239] usb 2-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  535.619133][ T4239] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.658302][ T4239] usb 2-1: Product: syz
[  535.671577][ T4239] usb 2-1: Manufacturer: syz
[  535.688100][ T4239] usb 2-1: SerialNumber: syz
[  536.944938][ T4239] usb 2-1: config 0 descriptor??
[  537.729725][ T8827] 9pnet: Insufficient options for proto=fd
[  537.957262][ T8831] dlm: non-version read from control device 8192
[  538.004473][ T4239] usb 2-1: can't set config #0, error -71
[  538.056129][ T4239] usb 2-1: USB disconnect, device number 14
[  538.288666][ T8829] loop3: detected capacity change from 0 to 4096
[  538.342704][ T8829] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  539.272374][ T8870] loop2: detected capacity change from 0 to 512
[  539.391616][ T8870] EXT4-fs (loop2): inline encryption not supported
[  540.384512][ T8870] EXT4-fs (loop2): 1 orphan inode deleted
[  540.390318][ T8870] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,inlinecrypt,usrquota,jqfmt=vfsv1,jqfmt=vfsv0,delalloc,journal_dev=0x000000000000844d,debug_want_extra_isize=0x000000000000005c,i_version,,errors=continue. Quota mode: writeback.
[  542.857731][ T8891] FAULT_INJECTION: forcing a failure.
[  542.857731][ T8891] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  542.990347][ T8891] CPU: 0 PID: 8891 Comm: syz.0.1258 Not tainted syzkaller #0
[  542.997973][ T8891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  543.008593][ T8891] Call Trace:
[  543.011913][ T8891]  <TASK>
[  543.014920][ T8891]  dump_stack_lvl+0x188/0x250
[  543.019651][ T8891]  ? show_regs_print_info+0x20/0x20
[  543.024975][ T8891]  ? load_image+0x400/0x400
[  543.029632][ T8891]  ? __lock_acquire+0x7d10/0x7d10
[  543.034713][ T8891]  should_fail+0x38c/0x4c0
[  543.039306][ T8891]  prepare_alloc_pages+0x1e4/0x5f0
[  543.044561][ T8891]  __alloc_pages+0x11b/0x480
[  543.049789][ T8891]  ? zone_statistics+0x170/0x170
[  543.054777][ T8891]  ? count_memcg_event_mm+0x324/0x370
[  543.060358][ T8891]  get_zeroed_page+0x13/0x30
[  543.065186][ T8891]  __pud_alloc+0x31/0x140
[  543.069563][ T8891]  ? handle_mm_fault+0x4c0/0x4410
[  543.074613][ T8891]  handle_mm_fault+0x2c0f/0x4410
[  543.079596][ T8891]  ? get_page+0xe0/0xe0
[  543.083782][ T8891]  ? follow_page_mask+0x280/0x12d0
[  543.088935][ T8891]  ? vma_is_secretmem+0x9/0x40
[  543.093889][ T8891]  ? check_vma_flags+0x367/0x480
[  543.099164][ T8891]  __get_user_pages+0x94b/0x11e0
[  543.104485][ T8891]  ? populate_vma_page_range+0x290/0x290
[  543.110367][ T8891]  ? __might_sleep+0xf0/0xf0
[  543.115141][ T8891]  ? read_lock_is_recursive+0x10/0x10
[  543.120534][ T8891]  __get_user_pages_remote+0x1cd/0x770
[  543.126011][ T8891]  ? get_user_pages_remote+0x55/0xa0
[  543.131305][ T8891]  get_arg_page+0x11d/0x350
[  543.135917][ T8891]  ? copy_string_kernel+0x280/0x280
[  543.141243][ T8891]  ? up_write+0x1bb/0x420
[  543.145585][ T8891]  ? alloc_bprm+0x597/0x6a0
[  543.150271][ T8891]  copy_string_kernel+0x14d/0x280
[  543.155565][ T8891]  do_execveat_common+0x371/0x6d0
[  543.160747][ T8891]  __x64_sys_execveat+0xc0/0xe0
[  543.165634][ T8891]  do_syscall_64+0x4c/0xa0
[  543.170171][ T8891]  ? clear_bhb_loop+0x30/0x80
[  543.175052][ T8891]  ? clear_bhb_loop+0x30/0x80
[  543.179757][ T8891]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  543.185852][ T8891] RIP: 0033:0x7f1aa8f56dd9
[  543.190368][ T8891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  543.210348][ T8891] RSP: 002b:00007f1aa71b0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  543.219038][ T8891] RAX: ffffffffffffffda RBX: 00007f1aa91cffa0 RCX: 00007f1aa8f56dd9
[  543.227104][ T8891] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  543.235456][ T8891] RBP: 00007f1aa71b0090 R08: 0000000000001000 R09: 0000000000000000
[  543.243539][ T8891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  543.251775][ T8891] R13: 00007f1aa91d0038 R14: 00007f1aa91cffa0 R15: 00007ffcd75199c8
[  543.260316][ T8891]  </TASK>
[  543.407843][ T8898] loop2: detected capacity change from 0 to 256
[  543.956949][ T8901] ªªªªªª: renamed from vlan0
[  544.072688][ T8901] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  544.196102][ T8901] overlayfs: failed to set xattr on upper
[  544.244571][ T8901] overlayfs: ...falling back to index=off,metacopy=off.
[  544.384443][ T8912] loop2: detected capacity change from 0 to 2048
[  544.495491][ T8903] loop3: detected capacity change from 0 to 131072
[  544.562140][ T8912] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  544.594667][ T8912] UDF-fs: Scanning with blocksize 512 failed
[  544.634853][ T8903] F2FS-fs (loop3): invalid crc value
[  544.642603][ T8912] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  544.692966][ T8903] F2FS-fs (loop3): Mismatch valid blocks 4 vs. 5
[  544.700623][ T8903] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117)
[  544.902112][ T8890] loop5: detected capacity change from 0 to 32768
[  544.930071][ T8921] loop1: detected capacity change from 0 to 1024
[  544.945864][ T8912] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1265'.
[  545.079393][ T8921] hfsplus: unable to parse mount options
[  545.111777][ T8890] XFS (loop5): Mounting V5 Filesystem
[  546.238244][ T8890] XFS (loop5): Ending clean mount
[  546.307321][ T8946] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1271'.
[  546.353363][ T8355] XFS (loop5): Unmounting Filesystem
[  546.409762][ T8948] loop2: detected capacity change from 0 to 64
[  547.374141][ T8966] netlink: 'syz.3.1276': attribute type 33 has an invalid length.
[  547.555260][ T8966] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1276'.
[  548.494006][ T8569] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  548.675740][ T8970] loop3: detected capacity change from 0 to 4096
[  548.773964][ T8569] usb 3-1: Using ep0 maxpacket: 8
[  549.818975][ T8569] usb 3-1: unable to get BOS descriptor or descriptor too short
[  550.907793][ T8986] loop1: detected capacity change from 0 to 131072
[  550.953994][ T8569] usb 3-1: unable to read config index 0 descriptor/start: -71
[  550.963185][ T8569] usb 3-1: can't read configurations, error -71
[  550.980783][ T8989] loop5: detected capacity change from 0 to 4096
[  551.098624][ T8986] F2FS-fs (loop1): invalid crc value
[  551.160482][ T9007] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1280'.
[  551.205667][ T9007] loop3: detected capacity change from 0 to 512
[  551.429158][ T8989] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512)
[  551.971266][ T8986] F2FS-fs (loop1): Found nat_bits in checkpoint
[  552.139085][ T9007] EXT4-fs (loop3): orphan cleanup on readonly fs
[  552.147305][ T9007] Quota error (device loop3): v2_read_file_info: Block with free entry too big (9 >= 6).
[  552.158008][ T9007] EXT4-fs warning (device loop3): ext4_enable_quotas:6488: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  552.173419][ T9007] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  552.191983][ T9007] EXT4-fs error (device loop3): ext4_orphan_get:1432: comm syz.3.1280: bad orphan inode 14
[  552.203166][ T9007] ext4_test_bit(bit=13, block=18) = 1
[  552.209112][ T9007] is_bad_inode(inode)=0
[  552.213438][ T9007] NEXT_ORPHAN(inode)=0
[  552.218136][ T9007] max_ino=32
[  552.221439][ T9007] i_nlink=1
[  552.224854][ T9007] EXT4-fs (loop3): 1 truncate cleaned up
[  552.230618][ T9007] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  552.306515][ T9001] tipc: Failed to remove unknown binding: 66,0,0/0:3563949989/3563949990
[  552.675965][ T8986] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  552.806152][ T9012] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1278'.
[  552.989899][ T9003] loop2: detected capacity change from 0 to 131072
[  553.139767][ T9003] F2FS-fs (loop2): invalid crc value
[  553.341629][ T9003] F2FS-fs (loop2): Found nat_bits in checkpoint
[  553.492581][ T9003] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  554.726250][ T9035] loop2: detected capacity change from 0 to 64
[  554.776578][ T9039] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1285'.
[  554.867567][ T9035] MINIX-fs: mounting file system with errors, running fsck is recommended
[  554.924698][ T9035] afs: Unknown parameter 'º]B¥/nÆ]'
[  554.976240][ T9035] MINIX-fs warning: remounting fs with errors, running fsck is recommended
[  555.030301][ T9051] MINIX-fs warning: remounting unchecked fs, running fsck is recommended
[  556.249249][ T9053] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  556.565990][ T9047] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1287'.
[  560.173200][ T9068] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1292'.
[  562.889257][ T9088] loop5: detected capacity change from 0 to 4096
[  562.980974][ T9088] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512)
[  563.306217][ T9092] loop3: detected capacity change from 0 to 131072
[  563.335550][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  563.355036][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  563.412707][ T9092] F2FS-fs (loop3): invalid crc value
[  563.885596][ T9092] F2FS-fs (loop3): Found nat_bits in checkpoint
[  564.025254][ T9092] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  564.351693][ T9115] netlink: 'syz.0.1301': attribute type 29 has an invalid length.
[  564.360891][ T9115] netlink: 'syz.0.1301': attribute type 29 has an invalid length.
[  564.370397][ T9115] netlink: 'syz.0.1301': attribute type 29 has an invalid length.
[  564.475626][ T9120] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1298'.
[  565.952537][ T9109] loop2: detected capacity change from 0 to 40427
[  566.070341][ T9109] F2FS-fs (loop2): invalid crc value
[  566.161219][ T9125] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1302'.
[  566.383766][ T9109] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  566.773681][ T9109] F2FS-fs (loop2): Start checkpoint disabled!
[  566.851394][ T9109] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  567.031366][   T26] audit: type=1804 audit(566.961:6): pid=9109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1300" name="/newroot/259/bus/bus" dev="loop2" ino=10 res=1 errno=0
[  567.056711][ T5805] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  567.099097][ T9109] attempt to access beyond end of device
[  567.099097][ T9109] loop2: rw=10241, want=45104, limit=40427
[  568.637503][ T9109] attempt to access beyond end of device
[  568.637503][ T9109] loop2: rw=2049, want=45104, limit=40427
[  568.714067][ T5805] usb 2-1: Using ep0 maxpacket: 16
[  568.875533][ T5805] usb 2-1: unable to get BOS descriptor or descriptor too short
[  569.034366][ T5805] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[  569.052264][ T9164] loop5: detected capacity change from 0 to 4096
[  569.997362][    T9] attempt to access beyond end of device
[  569.997362][    T9] loop2: rw=2049, want=45112, limit=40427
[  570.054155][ T5805] usb 2-1: string descriptor 0 read error: -71
[  570.070026][ T5805] usb 2-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40
[  570.096274][ T9164] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512)
[  570.176508][ T5805] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  570.364096][ T5805] usb 2-1: can't set config #1, error -71
[  571.242386][ T4240] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  571.250644][ T5805] usb 2-1: USB disconnect, device number 15
[  571.934307][ T4240] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  571.943075][ T4240] usb 4-1: config 0 has no interface number 0
[  571.977729][ T4240] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  572.004055][ T5805] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  572.022234][ T4240] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  572.039869][ T9192] loop5: detected capacity change from 0 to 8192
[  572.052327][ T4240] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  572.095184][ T4240] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.121543][ T4240] usb 4-1: config 0 descriptor??
[  572.144179][ T4240] usb 4-1: can't set config #0, error -71
[  572.153350][ T4240] usb 4-1: USB disconnect, device number 18
[  572.305975][ T9192] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[  572.348635][ T9192] REISERFS (device loop5): using ordered data mode
[  572.355596][ T9192] reiserfs: using flush barriers
[  572.550109][ T9192] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  573.041275][ T9192] REISERFS (device loop5): checking transaction log (loop5)
[  573.194018][ T5805] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  573.203302][ T5805] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.246474][ T5805] usb 2-1: config 0 descriptor??
[  574.197231][ T5805] cp210x 2-1:0.0: cp210x converter detected
[  574.220889][ T9226] loop3: detected capacity change from 0 to 256
[  574.274055][ T5805] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  574.284753][ T9226] exfat: Deprecated parameter 'utf8'
[  574.301051][ T9226] exfat: Deprecated parameter 'utf8'
[  574.327311][ T9226] exfat: Deprecated parameter 'utf8'
[  574.402595][ T9192] REISERFS (device loop5): Using tea hash to sort names
[  574.415188][ T9237] loop2: detected capacity change from 0 to 64
[  574.426602][ T9226] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d)
[  574.427850][ T9192] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  574.491612][ T9237] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[  574.512791][ T9192] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  574.541184][ T5805] usb 2-1: cp210x converter now attached to ttyUSB0
[  574.545530][ T9226] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1321'.
[  574.769544][ T4267] usb 2-1: USB disconnect, device number 16
[  574.800700][ T4267] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  574.882180][ T4267] cp210x 2-1:0.0: device disconnected
[  575.205367][ T9248] loop3: detected capacity change from 0 to 4096
[  575.334782][ T9248] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  575.804234][   T23] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  575.834310][ T9269] loop3: detected capacity change from 0 to 1024
[  575.944699][ T9269] hfsplus: unable to parse mount options
[  576.135520][ T9269] loop3: detected capacity change from 0 to 1024
[  576.181662][ T9269] EXT4-fs (loop3): inline encryption not supported
[  576.341113][ T9269] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000006,norecovery,noauto_da_alloc,debug_want_extra_isize=0x0000000000000080,jqfmt=vfsv1,inlinecrypt,grpquota,norecovery,,errors=continue. Quota mode: writeback.
[  576.675344][   T23] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  576.731970][   T23] usb 3-1: config 0 has no interface number 0
[  576.788311][   T23] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  576.862617][   T23] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  577.080002][ T9288] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  577.091029][ T9288] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  577.106529][ T9288] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  577.116844][ T9288] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  577.124701][ T9288] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  577.140277][ T9288] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  577.148491][ T9288] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  577.159353][ T9288] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  577.170028][ T9288] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  577.211007][   T23] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  577.231442][   T23] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.306058][   T23] usb 3-1: config 0 descriptor??
[  577.377200][ T9281] loop5: detected capacity change from 0 to 131072
[  577.465815][ T9281] F2FS-fs (loop5): invalid crc value
[  577.525594][ T9288] syz.0.1334 (9288) used greatest stack depth: 19984 bytes left
[  577.535307][ T9281] F2FS-fs (loop5): Found nat_bits in checkpoint
[  577.559303][ T9295] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1335'.
[  577.592848][ T9281] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  577.644201][ T9281] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1332'.
[  577.827753][   T23] prodikeys 0003:041E:2801.000B: item fetching failed at offset 6/7
[  577.837870][   T23] prodikeys 0003:041E:2801.000B: hid parse failed
[  577.844951][   T23] prodikeys: probe of 0003:041E:2801.000B failed with error -22
[  577.884064][ T5805] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  577.952652][ T9301] F2FS-fs (loop5): invalid namelen(0), ino:8, run fsck to fix.
[  578.105517][ T5377] usb 3-1: USB disconnect, device number 16
[  578.554180][ T5805] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  578.602424][ T5805] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  578.714135][ T5805] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  578.723327][ T5805] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  578.834041][ T5805] usb 1-1: SerialNumber: syz
[  579.854864][ T9309] loop3: detected capacity change from 0 to 4096
[  579.891586][ T9309] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  580.017527][ T5805] usb 1-1: 0:2 : does not exist
[  580.261656][ T5805] usb 1-1: USB disconnect, device number 16
[  581.440763][ T4180] udevd[4180]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  581.493222][ T9341] loop3: detected capacity change from 0 to 512
[  581.578908][ T9341] EXT4-fs (loop3): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  581.699601][ T9351] loop5: detected capacity change from 0 to 1024
[  581.900332][ T9351] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
[  584.137665][ T9384] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1357'.
[  585.109634][ T9364] loop5: detected capacity change from 0 to 32768
[  585.200507][ T9364] *** Log Format Error ! ***
[  585.232562][ T9364] lmLogInit: exit(-22)
[  585.263086][ T9364] lmLogOpen: exit(-22)
[  585.324111][ T9364] jfs_mount_rw failed, return code = -22
[  585.367757][ T9409] FAULT_INJECTION: forcing a failure.
[  585.367757][ T9409] name failslab, interval 1, probability 0, space 0, times 0
[  585.563925][ T9409] CPU: 0 PID: 9409 Comm: syz.3.1362 Not tainted syzkaller #0
[  585.572615][ T9409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  585.583141][ T9409] Call Trace:
[  585.586443][ T9409]  <TASK>
[  585.589496][ T9409]  dump_stack_lvl+0x188/0x250
[  585.594517][ T9409]  ? show_regs_print_info+0x20/0x20
[  585.600048][ T9409]  ? load_image+0x400/0x400
[  585.604904][ T9409]  ? __might_sleep+0xf0/0xf0
[  585.609891][ T9409]  ? __lock_acquire+0x7d10/0x7d10
[  585.615032][ T9409]  ? tomoyo_get_local_path+0x667/0x7b0
[  585.620795][ T9409]  should_fail+0x38c/0x4c0
[  585.625453][ T9409]  should_failslab+0x5/0x20
[  585.630077][ T9409]  slab_pre_alloc_hook+0x51/0xc0
[  585.635150][ T9409]  __kmalloc+0x6b/0x330
[  585.639415][ T9409]  ? tomoyo_encode+0x27e/0x540
[  585.644383][ T9409]  tomoyo_encode+0x27e/0x540
[  585.649154][ T9409]  tomoyo_realpath_from_path+0x5cd/0x610
[  585.655193][ T9409]  tomoyo_path_number_perm+0x242/0x660
[  585.660961][ T9409]  ? verify_lock_unused+0x140/0x140
[  585.666707][ T9409]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  585.672366][ T9409]  ? ksys_write+0x1c6/0x260
[  585.676957][ T9409]  security_file_ioctl+0x6c/0xa0
[  585.681930][ T9409]  __se_sys_ioctl+0x48/0x170
[  585.686724][ T9409]  do_syscall_64+0x4c/0xa0
[  585.691162][ T9409]  ? clear_bhb_loop+0x30/0x80
[  585.695860][ T9409]  ? clear_bhb_loop+0x30/0x80
[  585.700825][ T9409]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  585.707041][ T9409] RIP: 0033:0x7fae578efdd9
[  585.711603][ T9409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  585.732242][ T9409] RSP: 002b:00007fae55b49028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  585.741241][ T9409] RAX: ffffffffffffffda RBX: 00007fae57b68fa0 RCX: 00007fae578efdd9
[  585.750252][ T9409] RDX: 0000000000000000 RSI: 0000000000005450 RDI: 0000000000000003
[  585.758843][ T9409] RBP: 00007fae55b49090 R08: 0000000000000000 R09: 0000000000000000
[  585.766854][ T9409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  585.775034][ T9409] R13: 00007fae57b69038 R14: 00007fae57b68fa0 R15: 00007fff2b88b5e8
[  585.783224][ T9409]  </TASK>
[  585.786629][    C0] vkms_vblank_simulate: vblank timer overrun
[  585.910374][ T9409] ERROR: Out of memory at tomoyo_realpath_from_path.
[  586.198563][ T9420] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  586.594549][ T9424] loop5: detected capacity change from 0 to 4096
[  586.596149][ T9435] netlink: 'syz.1.1370': attribute type 1 has an invalid length.
[  586.612336][ T9435] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1370'.
[  586.626624][ T9424] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512)
[  587.981466][ T9447] loop3: detected capacity change from 0 to 4096
[  588.330156][ T9447] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  588.609424][ T9459] loop5: detected capacity change from 0 to 512
[  588.716124][ T9459] EXT4-fs error (device loop5): __ext4_iget:4919: inode #2: block 100663296: comm syz.5.1374: invalid block
[  588.744672][ T9459] EXT4-fs (loop5): no journal found
[  588.793425][ T9462] FAULT_INJECTION: forcing a failure.
[  588.793425][ T9462] name failslab, interval 1, probability 0, space 0, times 0
[  588.870814][ T9462] CPU: 0 PID: 9462 Comm: syz.2.1375 Not tainted syzkaller #0
[  588.878265][ T9462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  588.888361][ T9462] Call Trace:
[  588.891669][ T9462]  <TASK>
[  588.894757][ T9462]  dump_stack_lvl+0x188/0x250
[  588.899841][ T9462]  ? show_regs_print_info+0x20/0x20
[  588.905251][ T9462]  ? load_image+0x400/0x400
[  588.909875][ T9462]  ? __lock_acquire+0x7d10/0x7d10
[  588.915117][ T9462]  should_fail+0x38c/0x4c0
[  588.919803][ T9462]  should_failslab+0x5/0x20
[  588.924519][ T9462]  slab_pre_alloc_hook+0x51/0xc0
[  588.929600][ T9462]  __kmalloc+0x6b/0x330
[  588.934003][ T9462]  ? __se_sys_memfd_create+0x142/0x450
[  588.939518][ T9462]  ? strnlen_user+0x19b/0x250
[  588.944280][ T9462]  __se_sys_memfd_create+0x142/0x450
[  588.949746][ T9462]  ? lock_chain_count+0x20/0x20
[  588.954824][ T9462]  ? __x64_sys_memfd_create+0x60/0x60
[  588.960333][ T9462]  ? lockdep_hardirqs_on+0x94/0x140
[  588.965584][ T9462]  do_syscall_64+0x4c/0xa0
[  588.970174][ T9462]  ? clear_bhb_loop+0x30/0x80
[  588.975165][ T9462]  ? clear_bhb_loop+0x30/0x80
[  588.980058][ T9462]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  588.986875][ T9462] RIP: 0033:0x7f776bfa2dd9
[  588.991471][ T9462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  589.011495][ T9462] RSP: 002b:00007f776a1fbe08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  589.020073][ T9462] RAX: ffffffffffffffda RBX: 0000000000001513 RCX: 00007f776bfa2dd9
[  589.028095][ T9462] RDX: 00007f776a1fbee0 RSI: 0000000000000000 RDI: 00007f776c038f49
[  589.036417][ T9462] RBP: 0000200000001f80 R08: 00000000ffffffff R09: 0000000000000000
[  589.044520][ T9462] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000580
[  589.052669][ T9462] R13: 00007f776a1fbee0 R14: 00007f776a1fbea0 R15: 0000200000000000
[  589.061139][ T9462]  </TASK>
[  589.104281][ T9459] ecryptfs_parse_options: eCryptfs: unrecognized option [&@]
[  589.112016][ T9459] ecryptfs_parse_options: eCryptfs: unrecognized option [/kernel/debug/damon/rm_contexts]
[  589.221808][ T9459] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  589.255292][ T9459] Error parsing options; rc = [-22]
[  589.573976][ T5805] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  590.383878][ T5805] usb 1-1: Using ep0 maxpacket: 8
[  591.674130][ T5805] usb 1-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  591.703957][ T5805] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.712105][ T5805] usb 1-1: Product: syz
[  591.712710][ T9513] netlink: 'syz.2.1387': attribute type 10 has an invalid length.
[  591.753864][ T5805] usb 1-1: Manufacturer: syz
[  591.758787][ T5805] usb 1-1: SerialNumber: syz
[  591.801041][ T9513] openvswitch: netlink: Flow key attr not present in new flow.
[  591.804928][ T5805] usb 1-1: config 0 descriptor??
[  591.876422][ T5805] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  591.915528][ T9513] loop2: detected capacity change from 0 to 2048
[  591.978001][ T9513] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  592.023872][ T9513] NILFS (loop2): unrecognized mount option "
"
[  592.099461][ T9528] loop3: detected capacity change from 0 to 512
[  592.227081][ T9528] EXT4-fs (loop3): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  592.314078][ T5805] gspca_sonixj: reg_r err -32
[  592.319049][ T5805] sonixj: probe of 1-1:0.0 failed with error -32
[  592.435442][ T9539] loop2: detected capacity change from 0 to 512
[  592.470578][ T9539] EXT4-fs (loop2): Unrecognized mount option "uid<00000000000000000000" or missing value
[  593.156620][ T9547] FAULT_INJECTION: forcing a failure.
[  593.156620][ T9547] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  593.251844][ T9547] CPU: 1 PID: 9547 Comm: syz.2.1393 Not tainted syzkaller #0
[  593.259300][ T9547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  593.269489][ T9547] Call Trace:
[  593.273019][ T9547]  <TASK>
[  593.276074][ T9547]  dump_stack_lvl+0x188/0x250
[  593.280800][ T9547]  ? show_regs_print_info+0x20/0x20
[  593.286369][ T9547]  ? load_image+0x400/0x400
[  593.290995][ T9547]  ? __might_sleep+0xf0/0xf0
[  593.295702][ T9547]  ? __lock_acquire+0x7d10/0x7d10
[  593.300875][ T9547]  should_fail+0x38c/0x4c0
[  593.305337][ T9547]  copy_page_from_iter+0x33c/0x760
[  593.310563][ T9547]  tun_get_user+0x1983/0x3a70
[  593.315441][ T9547]  ? tun_ring_recv+0xc40/0xc40
[  593.320220][ T9547]  ? rcu_lock_release+0x5/0x20
[  593.325105][ T9547]  ? __lock_acquire+0x7d10/0x7d10
[  593.330283][ T9547]  tun_chr_write_iter+0x112/0x1e0
[  593.335495][ T9547]  vfs_write+0x745/0xd60
[  593.339753][ T9547]  ? file_end_write+0x250/0x250
[  593.344701][ T9547]  ? __fget_files+0x40f/0x480
[  593.349863][ T9547]  ? __fdget_pos+0x1e2/0x370
[  593.354570][ T9547]  ? ksys_write+0x71/0x260
[  593.359156][ T9547]  ksys_write+0x152/0x260
[  593.363495][ T9547]  ? __ia32_sys_read+0x80/0x80
[  593.368544][ T9547]  ? lockdep_hardirqs_on+0x94/0x140
[  593.373750][ T9547]  do_syscall_64+0x4c/0xa0
[  593.378355][ T9547]  ? clear_bhb_loop+0x30/0x80
[  593.383174][ T9547]  ? clear_bhb_loop+0x30/0x80
[  593.387951][ T9547]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  593.394025][ T9547] RIP: 0033:0x7f776bf6360e
[  593.398628][ T9547] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  593.418951][ T9547] RSP: 002b:00007f776a1fbfb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  593.427750][ T9547] RAX: ffffffffffffffda RBX: 00007f776a1fc6c0 RCX: 00007f776bf6360e
[  593.435900][ T9547] RDX: 0000000000000032 RSI: 0000200000000000 RDI: 00000000000000c8
[  593.443965][ T9547] RBP: 00007f776a1fc090 R08: 0000000000000000 R09: 0000000000000000
[  593.452125][ T9547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  593.460277][ T9547] R13: 00007f776c21c038 R14: 00007f776c21bfa0 R15: 00007ffd95314088
[  593.469029][ T9547]  </TASK>
[  593.659989][ T9553] sp0: Synchronizing with TNC
[  594.076926][ T5805] usb 1-1: USB disconnect, device number 17
[  594.287892][ T9569] hub 9-0:1.0: USB hub found
[  594.306119][ T9569] hub 9-0:1.0: 1 port detected
[  594.333452][ T9574] loop2: detected capacity change from 0 to 1024
[  594.413886][ T9574] hfsplus: unable to parse mount options
[  595.190333][ T9571] loop3: detected capacity change from 0 to 131072
[  595.306419][ T9571] F2FS-fs (loop3): invalid crc value
[  595.323918][ T5805] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  595.347763][ T9571] F2FS-fs (loop3): Found nat_bits in checkpoint
[  595.409323][ T9571] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  595.542298][ T9571] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1396'.
[  595.872351][ T9601] F2FS-fs (loop3): invalid namelen(0), ino:8, run fsck to fix.
[  595.884441][ T5805] usb 1-1: New USB device found, idVendor=13d8, idProduct=0010, bcdDevice=8f.72
[  596.200621][ T5805] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.333876][ T5805] usb 1-1: Product: syz
[  596.398958][ T5805] usb 1-1: Manufacturer: syz
[  596.470827][ T5805] usb 1-1: SerialNumber: syz
[  596.655141][ T5805] usb 1-1: config 0 descriptor??
[  596.850989][ T9609] loop2: detected capacity change from 0 to 512
[  596.938909][ T9609] EXT4-fs (loop2): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  596.965873][ T9575] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1397'.
[  599.128959][ T9623] loop2: detected capacity change from 0 to 2048
[  599.221183][ T5805] usb 1-1: selecting invalid altsetting 1
[  599.243850][ T5805] comedi comedi5: could not switch to alternate setting 1
[  599.287705][ T5805] usbduxfast 1-1:0.0: driver 'usbduxfast' failed to auto-configure device.
[  599.395320][ T5805] usb 1-1: USB disconnect, device number 18
[  599.464728][ T9623] netlink: 404 bytes leftover after parsing attributes in process `syz.2.1407'.
[  599.618932][ T9632] device syzkaller0 entered promiscuous mode
[  599.625478][ T9635] sp0: Synchronizing with TNC
[  599.749206][ T9637] device syzkaller0 entered promiscuous mode
[  599.768533][ T9637] FAT-fs (nullb0): bogus number of reserved sectors
[  599.795849][ T9637] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  602.856549][ T9688] syz.2.1420 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  602.868842][ T9688] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1420'.
[  602.877313][ T9690] fuse: Bad value for 'fd'
[  602.884145][ T9688] ubi31: attaching mtd0
[  602.891385][ T9688] ubi31: scanning is finished
[  602.896568][ T9688] ubi31: empty MTD device detected
[  602.972093][ T9688] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  602.980555][ T9688] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  602.988175][ T9688] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  602.995331][ T9688] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  603.003107][ T9688] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  603.010573][ T9688] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  603.019256][ T9688] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3929684718
[  603.029679][ T9688] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  603.044729][ T9696] ubi31: background thread "ubi_bgt31d" started, PID 9696
[  604.075163][ T9702] FAT-fs (nullb0): bogus number of reserved sectors
[  604.081872][ T9702] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  604.205601][ T9710] loop2: detected capacity change from 0 to 1024
[  604.243689][ T9710] hfsplus: unable to parse mount options
[  606.561598][ T9740] loop2: detected capacity change from 0 to 131072
[  607.188366][ T9736] loop5: detected capacity change from 0 to 4096
[  607.417617][ T9736] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512)
[  607.420721][ T9740] F2FS-fs (loop2): invalid crc value
[  607.478513][ T9740] F2FS-fs (loop2): Found nat_bits in checkpoint
[  607.573973][ T9740] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  607.611986][ T9740] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1434'.
[  609.588660][ T9771] device syzkaller0 entered promiscuous mode
[  609.674321][ T9771] FAT-fs (nullb0): bogus number of reserved sectors
[  609.694027][ T9771] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  610.887428][ T9792] hub 9-0:1.0: USB hub found
[  610.921052][ T9792] hub 9-0:1.0: 1 port detected
[  612.284850][ T9795] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1449'.
[  612.503400][ T9788] loop2: detected capacity change from 0 to 32768
[  612.711516][ T9788] program syz.2.1446 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  614.043473][ T9811] netlink: 332 bytes leftover after parsing attributes in process `syz.2.1452'.
[  614.052968][ T9811] netlink: 196 bytes leftover after parsing attributes in process `syz.2.1452'.
[  614.099352][ T9811] loop2: detected capacity change from 0 to 512
[  615.070307][ T9819] loop3: detected capacity change from 0 to 32768
[  615.197225][ T9819] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1454 (9819)
[  615.226665][ T9811] fscrypt (loop2, inode 2): Error -61 getting encryption context
[  615.235564][ T9811] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -61
[  615.244263][ T9811] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #13: comm syz.2.1452: iget: bad i_size value: 12154757448730
[  615.257599][ T9811] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.1452: couldn't read orphan inode 13 (err -117)
[  615.270023][ T9811] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,stripe=0x0000000000010003,sysvgroups,jqfmt=vfsold,nouid32,grpjquota=.grpquota,nolazytime,,errors=continue. Quota mode: writeback.
[  615.347498][ T9819] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  615.356990][ T9819] BTRFS info (device loop3): turning on async discard
[  615.364446][ T9819] BTRFS info (device loop3): turning on sync discard
[  615.371166][ T9819] BTRFS info (device loop3): enabling ssd optimizations
[  615.378645][ T9819] BTRFS info (device loop3): using free space tree
[  615.385368][ T9819] BTRFS info (device loop3): has skinny extents
[  615.818716][    T9] BTRFS warning (device loop3): checksum verify failed on 5337088 wanted 0x069db4c1f964a3fa7920222c4cd8dd34649c9e9233b7b654e99777786dec5adc found 0x6c6aa271b1be9e8609681b25c4bae4e290bd5d072147458fc44626b5768f153b level 0
[  616.051172][ T9819] BTRFS warning (device loop3): failed to read root (objectid=2): -5
[  616.398692][ T4234] Bluetooth: hci5: command 0x0406 tx timeout
[  616.895022][ T9819] BTRFS error (device loop3): open_ctree failed: -22
[  619.681937][ T9864] loop2: detected capacity change from 0 to 131072
[  620.300758][ T9864] F2FS-fs (loop2): invalid crc value
[  620.311656][ T9864] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-12)
[  622.064809][ T9882] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1463'.
[  623.068360][ T9905] FAT-fs (nullb0): bogus number of reserved sectors
[  623.106117][ T9905] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  623.919469][ T9901] loop2: detected capacity change from 0 to 131072
[  624.034797][ T9901] F2FS-fs (loop2): invalid crc value
[  624.090559][ T9901] F2FS-fs (loop2): Found nat_bits in checkpoint
[  624.156293][ T9901] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  624.480140][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  625.263659][ T9908] loop5: detected capacity change from 0 to 32768
[  625.436990][ T9926] F2FS-fs (loop2): invalid namelen(0), ino:8, run fsck to fix.
[  625.470748][ T9908] XFS (loop5): Mounting V5 Filesystem
[  625.785474][ T9908] XFS (loop5): Ending clean mount
[  625.882041][ T9944] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1475'.
[  625.933292][ T8355] XFS (loop5): Unmounting Filesystem
[  626.023315][ T9944] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1475'.
[  626.060288][ T9944] A link change request failed with some changes committed already. Interface veth0_virt_wifi may have been left with an inconsistent configuration, please check.
[  626.872100][ T9964] device syzkaller0 entered promiscuous mode
[  626.987512][ T9967] FAT-fs (nullb0): bogus number of reserved sectors
[  627.055902][ T9967] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  627.127473][ T9952] loop3: detected capacity change from 0 to 131072
[  627.218349][ T9952] F2FS-fs (loop3): invalid crc value
[  627.375699][ T9952] F2FS-fs (loop3): Found nat_bits in checkpoint
[  627.661305][ T9952] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  628.034942][ T9975] lo speed is unknown, defaulting to 1000
[  628.071173][ T9985] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1478'.
[  628.887454][ T4234] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  629.344406][ T4234] usb 1-1: Using ep0 maxpacket: 8
[  629.714888][ T4234] usb 1-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  630.168336][ T4234] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  630.184103][ T4234] usb 1-1: Product: syz
[  630.188323][ T4234] usb 1-1: Manufacturer: syz
[  630.192944][ T4234] usb 1-1: SerialNumber: syz
[  630.245386][ T4234] usb 1-1: config 0 descriptor??
[  630.326182][ T4234] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  632.556690][T10026] loop5: detected capacity change from 0 to 32768
[  632.631685][T10026] XFS (loop5): Mounting V5 Filesystem
[  632.843829][T10026] XFS (loop5): Ending clean mount
[  632.986078][ T5377] usb 1-1: USB disconnect, device number 19
[  633.124136][T10049] ODEBUG: Out of memory. ODEBUG disabled
[  633.398328][T10058] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1497'.
[  633.418704][ T8355] XFS (loop5): Unmounting Filesystem
[  634.271709][T10053] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1495'.
[  634.548776][T10078] loop3: detected capacity change from 0 to 512
[  634.614785][T10078] EXT4-fs (loop3): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  636.886222][T10103] device syzkaller1 entered promiscuous mode
[  637.245848][T10114] hub 9-0:1.0: USB hub found
[  637.316385][T10114] hub 9-0:1.0: 1 port detected
[  637.408228][   T21] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  637.803890][   T21] usb 3-1: Using ep0 maxpacket: 32
[  638.304203][   T21] usb 3-1: New USB device found, idVendor=0582, idProduct=0114, bcdDevice= 0.40
[  638.453897][ T8569] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  638.722267][   T21] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  638.731533][   T21] usb 3-1: Product: syz
[  638.736108][   T21] usb 3-1: Manufacturer: syz
[  638.740849][   T21] usb 3-1: SerialNumber: syz
[  638.868288][T10130] mmap: syz.1.1514 (10130) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  638.933877][ T8569] usb 4-1: Using ep0 maxpacket: 32
[  639.724085][ T8569] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  639.914156][ T8569] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  639.929115][ T8569] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  639.968845][ T8569] usb 4-1: Product: syz
[  639.973463][ T8569] usb 4-1: Manufacturer: syz
[  640.003831][ T8569] usb 4-1: SerialNumber: syz
[  640.030182][   T21] usb 3-1: MIDIStreaming interface descriptor not found
[  640.034722][ T8569] usb 4-1: config 0 descriptor??
[  640.094161][T10124] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  640.114794][ T8569] hub 4-1:0.0: bad descriptor, ignoring hub
[  640.121032][ T8569] hub: probe of 4-1:0.0 failed with error -5
[  640.130450][   T21] usb 3-1: USB disconnect, device number 17
[  640.428256][T10145] loop5: detected capacity change from 0 to 512
[  640.459784][ T8569] usb 4-1: USB disconnect, device number 19
[  640.507672][ T4432] udevd[4432]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  640.541127][T10124] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  640.576503][T10145] EXT4-fs (loop5): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  640.628659][T10149] CIFS mount error: No usable UNC path provided in device string!
[  640.628659][T10149] 
[  640.703990][T10149] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  641.479956][T10158] hub 9-0:1.0: USB hub found
[  641.527531][T10158] hub 9-0:1.0: 1 port detected
[  641.705797][T10151] syz.2.1521 (10151) used greatest stack depth: 18328 bytes left
[  644.352369][T10178] afs: Unknown parameter ''
[  644.523063][T10197] xt_connbytes: Forcing CT accounting to be enabled
[  644.530041][T10197] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  644.636126][T10203] hub 9-0:1.0: USB hub found
[  644.663354][T10203] hub 9-0:1.0: 1 port detected
[  645.044325][T10218] tun0: tun_chr_ioctl cmd 1074025675
[  645.071436][T10218] tun0: persist enabled
[  645.082112][T10218] tun0: tun_chr_ioctl cmd 1074025675
[  645.111988][T10218] tun0: persist disabled
[  645.825247][T10220] loop5: detected capacity change from 0 to 256
[  646.460870][T10220] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  646.484039][T10220] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  646.519453][T10220] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c91aa, utbl_chksum : 0xe619d30d)
[  646.971092][T10208] netlink: 'syz.0.1539': attribute type 24 has an invalid length.
[  648.480706][T10239] loop3: detected capacity change from 0 to 4096
[  648.704202][   T21] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  648.818563][ T5805] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  648.938489][T10279] Restarting kernel threads ... done.
[  649.013963][ T5377] usb 4-1: new low-speed USB device number 20 using dummy_hcd
[  649.034186][   T21] usb 1-1: Using ep0 maxpacket: 8
[  649.380282][   T21] usb 1-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  649.400985][   T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[  649.427954][   T21] usb 1-1: Product: syz
[  649.432343][   T21] usb 1-1: Manufacturer: syz
[  649.447654][   T21] usb 1-1: SerialNumber: syz
[  649.505110][   T21] usb 1-1: config 0 descriptor??
[  649.542447][ T5805] usb 6-1: Using ep0 maxpacket: 32
[  649.562786][   T21] gspca_main: sq905-2.14.0 probing 2770:9120
[  649.613909][ T5377] usb 4-1: device descriptor read/64, error -71
[  649.723937][ T5805] usb 6-1: device descriptor read/all, error -71
[  649.810940][T10290] hub 9-0:1.0: USB hub found
[  649.820623][T10290] hub 9-0:1.0: 1 port detected
[  649.884034][ T5377] usb 4-1: new low-speed USB device number 21 using dummy_hcd
[  650.045198][   T21] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71)
[  650.052905][   T21] sq905: probe of 1-1:0.0 failed with error -71
[  650.066100][   T21] usb 1-1: USB disconnect, device number 20
[  650.083936][ T5377] usb 4-1: device descriptor read/64, error -71
[  650.214485][ T5377] usb usb4-port1: attempt power cycle
[  650.624291][ T5377] usb 4-1: new low-speed USB device number 22 using dummy_hcd
[  650.724113][ T5377] usb 4-1: device descriptor read/8, error -71
[  650.994010][ T5377] usb 4-1: new low-speed USB device number 23 using dummy_hcd
[  651.094034][ T5377] usb 4-1: device descriptor read/8, error -71
[  651.215793][ T5377] usb usb4-port1: unable to enumerate USB device
[  651.844228][ T4234] Bluetooth: hci5: command 0x0405 tx timeout
[  652.020476][T10286] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  652.216750][T10312] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1571'.
[  653.249535][T10331] loop2: detected capacity change from 0 to 512
[  653.318600][T10331] EXT4-fs (loop2): Test dummy encryption mode enabled
[  653.325689][T10331] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5
[  653.325689][T10331] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  653.325689][T10331] 
[  653.344945][T10331] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  653.482589][T10331] EXT4-fs error (device loop2): ext4_orphan_get:1432: comm syz.2.1577: bad orphan inode 131083
[  653.505296][T10331] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,jqfmt=vfsv0,nouser_xattr,,errors=continue. Quota mode: none.
[  654.083877][ T9860] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  654.444147][ T9860] usb 1-1: config 32 has an invalid interface number: 97 but max is 0
[  654.455017][ T9860] usb 1-1: config 32 has no interface number 0
[  654.492858][ T9860] usb 1-1: too many endpoints for config 32 interface 97 altsetting 97: 39, using maximum allowed: 30
[  654.517220][ T9860] usb 1-1: config 32 interface 97 altsetting 97 has 0 endpoint descriptors, different from the interface descriptor's value: 39
[  654.558431][ T9860] usb 1-1: config 32 interface 97 has no altsetting 0
[  654.569483][ T9860] usb 1-1: New USB device found, idVendor=057b, idProduct=0000, bcdDevice= 0.00
[  654.581876][ T9860] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.752119][T10354] loop3: detected capacity change from 0 to 512
[  654.809402][T10354] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  654.819210][T10354] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  655.642380][T10356] loop5: detected capacity change from 0 to 128
[  655.657882][T10356] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  655.684076][ T9860] usb 1-1: string descriptor 0 read error: -71
[  655.691408][T10356] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  655.702440][ T9860] usb-storage 1-1:32.97: USB Mass Storage device detected
[  655.755289][ T9860] usb-storage 1-1:32.97: Quirks match for vid 057b pid 0000: 1
[  655.766261][ T9860] usb-storage 1-1:32.97: This device (057b,0000,0000 S 79 P 01) has an unneeded Protocol entry in unusual_devs.h (kernel syzkaller)
[  655.766261][ T9860]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  655.853993][ T9860] usb 1-1: USB disconnect, device number 21
[  656.290660][ T4337] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  657.531457][T10388] loop2: detected capacity change from 0 to 1024
[  657.622215][T10388] hfsplus: unable to parse mount options
[  659.674666][T10401] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1601'.
[  659.768231][T10408] loop3: detected capacity change from 0 to 4096
[  659.850639][T10408] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  661.925345][T10427] ALSA: mixer_oss: invalid OSS volume 'ð'
[  662.704245][ T8380] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  663.003921][ T8380] usb 6-1: Using ep0 maxpacket: 8
[  663.056246][ T5805] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  663.065588][T10454] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1614'.
[  663.313850][ T5805] usb 4-1: Using ep0 maxpacket: 32
[  663.320255][ T8380] usb 6-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  663.343635][ T8380] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.369044][ T8380] usb 6-1: Product: syz
[  663.380431][ T8380] usb 6-1: Manufacturer: syz
[  663.396146][ T8380] usb 6-1: SerialNumber: syz
[  663.431211][ T8380] usb 6-1: config 0 descriptor??
[  663.436452][ T5805] usb 4-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  663.436532][ T5805] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  663.455748][ T5805] usb 4-1: config 0 descriptor??
[  663.502546][ T8380] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  663.505897][ T5805] gspca_main: sq930x-2.14.0 probing 041e:403c
[  663.952125][T10443] loop3: detected capacity change from 0 to 128
[  664.016313][T10443] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  664.054654][T10443] hpfs: filesystem error: improperly stopped
[  664.061280][T10443] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  664.079829][T10443] hpfs: You really don't want any checks? You are crazy...
[  664.097840][T10443] hpfs: hpfs_map_sector(): read error
[  664.113643][T10443] hpfs: code page support is disabled
[  664.142687][T10443] hpfs: hpfs_map_4sectors(): unaligned read
[  664.149485][T10443] hpfs: hpfs_map_4sectors(): unaligned read
[  664.180353][T10443] hpfs: filesystem error: unable to find root dir
[  664.253964][ T5805] gspca_sq930x: ucbus_write failed -110
[  664.259853][ T5805] sq930x: probe of 4-1:0.0 failed with error -110
[  664.390926][T10458] loop2: detected capacity change from 0 to 32768
[  664.445204][T10458] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.1615 (10458)
[  664.510730][T10458] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  664.526635][T10458] BTRFS info (device loop2): using free space tree
[  664.533548][T10458] BTRFS info (device loop2): has skinny extents
[  665.013294][T10445] udc-core: couldn't find an available UDC or it's busy
[  665.254456][T10445] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  665.304047][T10429] loop5: detected capacity change from 0 to 2048
[  665.402317][T10429] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  665.424090][T10458] BTRFS info (device loop2): enabling ssd optimizations
[  665.453324][    T9] BTRFS warning (device loop2): checksum verify failed on 5267456 wanted 0x3831e3715d987aad found 0xc1fe972999a37482 level 0
[  665.531119][T10458] BTRFS warning (device loop2): failed to read fs tree: -5
[  665.562594][T10486] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  666.104013][T10458] BTRFS error (device loop2): open_ctree failed: -5
[  666.276705][ T8380] usb 4-1: USB disconnect, device number 24
[  667.042555][ T4196] usb 6-1: USB disconnect, device number 5
[  667.681309][T10528] loop2: detected capacity change from 0 to 512
[  667.735328][T10528] EXT4-fs (loop2): Test dummy encryption mode enabled
[  667.742371][T10528] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5
[  667.742371][T10528] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  667.742371][T10528] 
[  667.761014][T10528] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  667.810979][T10529] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1627'.
[  667.872457][T10528] EXT4-fs error (device loop2): ext4_orphan_get:1432: comm syz.2.1626: bad orphan inode 131083
[  667.883834][T10528] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,jqfmt=vfsv0,nouser_xattr,,errors=continue. Quota mode: none.
[  672.013404][T10563] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1637'.
[  672.093917][ T4196] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  672.147154][T10566] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1639'.
[  672.214060][T10570] loop2: detected capacity change from 0 to 64
[  672.364161][ T4196] usb 4-1: Using ep0 maxpacket: 8
[  672.644483][ T4196] usb 4-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  672.705617][ T4196] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  672.881376][ T4196] usb 4-1: Product: syz
[  673.127480][ T4196] usb 4-1: Manufacturer: syz
[  673.157926][ T4196] usb 4-1: SerialNumber: syz
[  673.203379][ T4196] usb 4-1: config 0 descriptor??
[  673.285210][ T4196] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  673.619856][T10581] loop5: detected capacity change from 0 to 8192
[  673.699538][T10581] netlink: 'syz.5.1645': attribute type 1 has an invalid length.
[  674.144192][ T4196] gspca_sonixj: reg_r err -32
[  674.149292][ T4196] sonixj: probe of 4-1:0.0 failed with error -32
[  674.214686][T10559] loop3: detected capacity change from 0 to 2048
[  674.293594][T10585] loop2: detected capacity change from 0 to 131072
[  674.302196][T10559] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  674.375247][T10585] F2FS-fs (loop2): invalid crc value
[  674.396546][T10591] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  674.512432][T10585] F2FS-fs (loop2): Found nat_bits in checkpoint
[  674.610685][T10585] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  674.924891][T10600] F2FS-fs (loop2): invalid namelen(0), ino:8, run fsck to fix.
[  675.959308][T10606] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1650'.
[  676.148531][T10611] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1652'.
[  676.348626][T10502] usb 4-1: USB disconnect, device number 25
[  676.833490][T10624] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1648'.
[  676.960642][T10630] tmpfs: Unknown parameter 'usrquota'
[  677.219253][T10635] loop3: detected capacity change from 0 to 2048
[  677.392820][T10645] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1661'.
[  677.450219][T10635] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  679.901752][T10683] lo speed is unknown, defaulting to 1000
[  680.297269][T10690] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1673'.
[  681.766578][T10710] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1679'.
[  682.020526][ T1347] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  682.343915][ T1347] usb 6-1: Using ep0 maxpacket: 16
[  682.504786][ T1347] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  682.794187][ T1347] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=9d.3d
[  682.812619][ T1347] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  682.863068][ T1347] usb 6-1: Product: syz
[  682.863097][ T1347] usb 6-1: Manufacturer: syz
[  682.863115][ T1347] usb 6-1: SerialNumber: syz
[  682.884700][ T1347] usb 6-1: config 0 descriptor??
[  682.954761][ T1347] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  683.137511][ T1347] usb 6-1: USB disconnect, device number 6
[  683.204095][  T144] usb 6-1: Failed to submit usb control message: -71
[  683.204213][  T144] usb 6-1: unable to send the bmi data to the device: -71
[  683.204235][  T144] usb 6-1: unable to get target info from device
[  683.204252][  T144] usb 6-1: could not get target info (-71)
[  683.204335][  T144] usb 6-1: could not probe fw (-71)
[  684.020731][T10735] loop5: detected capacity change from 0 to 128
[  684.129133][T10739] syz.3.1687[10739] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  684.129199][T10739] syz.3.1687[10739] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  685.974592][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  687.123038][T10753] loop5: detected capacity change from 0 to 32768
[  687.464064][T10753] OCFS2: ERROR (device loop5): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #66: i_blkno is 50331714
[  687.553939][T10753] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  687.704360][T10753] OCFS2: File system is now read-only.
[  687.767143][T10753] (syz.5.1689,10753,1):ocfs2_read_locked_inode:521 ERROR: status = -30
[  687.865637][T10753] (syz.5.1689,10753,1):ocfs2_init_global_system_inodes:449 ERROR: status = -30
[  687.938645][T10753] (syz.5.1689,10753,1):ocfs2_init_global_system_inodes:473 ERROR: status = -30
[  688.054150][T10753] (syz.5.1689,10753,1):ocfs2_initialize_super:2281 ERROR: status = -30
[  688.135285][T10783] loop2: detected capacity change from 0 to 128
[  688.143799][T10753] (syz.5.1689,10753,0):ocfs2_fill_super:1177 ERROR: status = -30
[  688.749871][T10789] FAT-fs (nullb0): bogus number of reserved sectors
[  688.777402][T10789] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  689.301410][T10798] syz.5.1701[10798] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  689.301524][T10798] syz.5.1701[10798] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  689.441240][T10801] program syz.5.1704 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  689.768770][T10801] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  690.166982][T10801] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1704'.
[  690.349017][T10806] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1704'.
[  690.556879][T10818] loop5: detected capacity change from 0 to 512
[  690.806032][T10818] EXT4-fs error (device loop5): ext4_xattr_inode_iget:401: inode #12: comm syz.5.1709: missing EA_INODE flag
[  690.931443][T10818] EXT4-fs error (device loop5): ext4_xattr_inode_iget:406: comm syz.5.1709: error while reading EA inode 12 err=-117
[  691.044885][T10818] EXT4-fs (loop5): 1 orphan inode deleted
[  691.088583][T10818] EXT4-fs (loop5): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback.
[  691.438220][T10832] loop3: detected capacity change from 0 to 128
[  693.343264][T10848] syz.3.1715[10848] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  693.343362][T10848] syz.3.1715[10848] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  693.584175][T10852] loop3: detected capacity change from 0 to 1024
[  693.655491][T10852] hfsplus: unable to parse mount options
[  695.917236][T10869] loop5: detected capacity change from 0 to 512
[  695.997632][T10869] EXT4-fs (loop5): Test dummy encryption mode enabled
[  696.004756][T10869] EXT4-fs (loop5): Mount option "nouser_xattr" will be removed by 3.5
[  696.004756][T10869] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  696.004756][T10869] 
[  696.024248][T10869] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  696.154844][T10869] EXT4-fs error (device loop5): ext4_orphan_get:1432: comm syz.5.1724: bad orphan inode 131083
[  696.178580][T10869] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,jqfmt=vfsv0,nouser_xattr,,errors=continue. Quota mode: none.
[  696.277578][T10876] loop3: detected capacity change from 0 to 1024
[  696.380977][T10876] EXT4-fs (loop3): inline encryption not supported
[  696.488024][T10876] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv1,stripe=0x0000000000000006,norecovery,noauto_da_alloc,debug_want_extra_isize=0x0000000000000080,jqfmt=vfsv1,inlinecrypt,grpquota,norecovery,,errors=continue. Quota mode: writeback.
[  696.628582][T10866] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1723'.
[  696.874308][T10885] loop5: detected capacity change from 0 to 128
[  698.113882][T10907] syz.3.1728[10907] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  698.113982][T10907] syz.3.1728[10907] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  698.757204][T10904] loop2: detected capacity change from 0 to 131072
[  698.834336][T10904] F2FS-fs (loop2): invalid crc value
[  698.870571][T10904] F2FS-fs (loop2): Found nat_bits in checkpoint
[  698.921641][T10904] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  699.012391][T10924] loop3: detected capacity change from 0 to 1024
[  699.135843][T10928] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1737'.
[  699.169815][T10928] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1737'.
[  699.227854][T10924] EXT4-fs error (device loop3): ext4_map_blocks:631: inode #3: block 2: comm syz.3.1736: lblock 2 mapped to illegal pblock 2 (length 1)
[  699.250154][T10929] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1733'.
[  699.306000][T10932] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1737'.
[  699.368500][T10924] EXT4-fs (loop3): Remounting filesystem read-only
[  699.404485][T10924] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  699.412986][T10924] EXT4-fs error (device loop3): ext4_map_blocks:631: inode #3: block 48: comm syz.3.1736: lblock 0 mapped to illegal pblock 48 (length 1)
[  699.530958][T10933] F2FS-fs (loop2): invalid namelen(0), ino:8, run fsck to fix.
[  699.580987][T10924] EXT4-fs (loop3): Remounting filesystem read-only
[  699.648522][T10924] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  699.710924][T10924] EXT4-fs error (device loop3): ext4_acquire_dquot:6236: comm syz.3.1736: Failed to acquire dquot type 0
[  699.770310][T10924] EXT4-fs (loop3): Remounting filesystem read-only
[  699.802803][T10924] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  699.934502][T10924] EXT4-fs (loop3): Remounting filesystem read-only
[  699.941262][T10924] EXT4-fs error (device loop3): ext4_evict_inode:284: inode #11: comm syz.3.1736: mark_inode_dirty error
[  700.063589][T10924] EXT4-fs (loop3): Remounting filesystem read-only
[  700.093922][T10924] EXT4-fs warning (device loop3): ext4_evict_inode:287: couldn't mark inode dirty (err -117)
[  700.162512][T10924] EXT4-fs (loop3): 1 orphan inode deleted
[  700.210789][T10924] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,nojournal_checksum,errors=remount-ro,nodiscard,stripe=0x0000000000000004,noauto_da_alloc,. Quota mode: none.
[  700.246574][  T636] EXT4-fs error (device loop3): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  700.325883][  T636] EXT4-fs (loop3): Remounting filesystem read-only
[  700.332986][  T636] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  700.433676][  T636] EXT4-fs error (device loop3): ext4_release_dquot:6272: comm kworker/u4:3: Failed to release dquot type 0
[  700.483969][ T4196] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  700.565973][  T636] EXT4-fs (loop3): Remounting filesystem read-only
[  700.744388][T10945] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1736'.
[  700.753986][ T4196] usb 6-1: Using ep0 maxpacket: 16
[  700.874277][ T4196] usb 6-1: config index 0 descriptor too short (expected 51443, got 18)
[  701.054662][ T4196] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  701.094776][ T4196] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  701.104813][T10939] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1739'.
[  701.120425][ T4196] usb 6-1: Product: syz
[  701.128613][ T4196] usb 6-1: Manufacturer: syz
[  701.138332][ T4196] usb 6-1: SerialNumber: syz
[  701.157314][ T4193] EXT4-fs error (device loop3): __ext4_get_inode_loc:4334: comm syz-executor: Invalid inode table block 1 in block_group 0
[  701.183591][ T4193] EXT4-fs (loop3): Remounting filesystem read-only
[  701.191734][ T4193] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  701.212906][ T4196] r8152-cfgselector 6-1: config 0 descriptor??
[  701.243103][ T4193] EXT4-fs (loop3): Remounting filesystem read-only
[  701.274258][ T4193] EXT4-fs error (device loop3): ext4_quota_off:6542: inode #3: comm syz-executor: mark_inode_dirty error
[  701.293814][ T4193] EXT4-fs (loop3): Remounting filesystem read-only
[  701.764195][ T4196] r8152-cfgselector 6-1: Unknown version 0x0000
[  701.774000][ T4196] r8152-cfgselector 6-1: bad CDC descriptors
[  701.834304][ T4196] r8152-cfgselector 6-1: Unknown version 0x0000
[  701.896479][ T4196] r8152-cfgselector 6-1: USB disconnect, device number 7
[  702.092902][T10951] loop3: detected capacity change from 0 to 4096
[  702.334086][T10951] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  702.895147][T10960] loop3: detected capacity change from 0 to 2048
[  702.949368][T10970] loop5: detected capacity change from 0 to 128
[  703.023015][T10960] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  703.478411][ T9860] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  703.789013][ T9860] usb 4-1: Using ep0 maxpacket: 32
[  703.974214][ T9860] usb 4-1: unable to get BOS descriptor or descriptor too short
[  705.423856][ T9860] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  705.434878][ T9860] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  705.445322][ T9860] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  706.929645][T11022] loop2: detected capacity change from 0 to 512
[  707.436795][T11022] EXT4-fs (loop2): Test dummy encryption mode enabled
[  707.443789][T11022] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5
[  707.443789][T11022] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  707.443789][T11022] 
[  707.462895][T11022] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  708.168674][ T9860] usb 4-1: New USB device found, idVendor=0763, idProduct=1033, bcdDevice= 0.40
[  708.393240][ T9860] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  708.426381][T11022] EXT4-fs error (device loop2): ext4_orphan_get:1432: comm syz.2.1761: bad orphan inode 131083
[  708.438045][T11022] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,jqfmt=vfsv0,nouser_xattr,,errors=continue. Quota mode: none.
[  708.494182][ T9860] usb 4-1: can't set config #1, error -71
[  708.502814][ T9860] usb 4-1: USB disconnect, device number 26
[  708.948469][T11052] loop2: detected capacity change from 0 to 2048
[  709.068312][T11052] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  709.675209][T11050] EXT4-fs error (device loop2): ext4_ext_precache:608: inode #2: comm syz.2.1770: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  711.077168][T11069] loop3: detected capacity change from 0 to 512
[  711.942106][T11069] EXT4-fs (loop3): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  711.971415][T11074] syz.5.1777[11074] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  711.971516][T11074] syz.5.1777[11074] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  714.353950][ T1347] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  715.004700][ T1347] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  715.087881][ T1347] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  715.404209][ T1347] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  715.433968][ T1347] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  715.462677][ T1347] usb 6-1: Manufacturer: syz
[  715.515007][ T1347] usb 6-1: config 0 descriptor??
[  715.745297][T11115] openvswitch: netlink: Key 0 has unexpected len 4 expected 0
[  715.791071][T11108] capability: warning: `syz.1.1787' uses deprecated v2 capabilities in a way that may be insecure
[  717.152405][T11125] loop2: detected capacity change from 0 to 32768
[  717.909045][T11137] loop5: detected capacity change from 0 to 512
[  718.225284][T11125] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.1793 (11125)
[  718.248657][T11137] EXT4-fs (loop5): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  720.795768][T11151] loop3: detected capacity change from 0 to 128
[  720.859866][T11157] udc-core: couldn't find an available UDC or it's busy
[  720.867241][T11125] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  720.958239][T11125] BTRFS info (device loop2): setting nodatacow, compression disabled
[  721.006931][T11125] BTRFS info (device loop2): force clearing of disk cache
[  721.061374][T11157] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  721.073857][T11157] qrtr: Invalid version 4
[  721.080796][T11157] udc-core: couldn't find an available UDC or it's busy
[  721.088667][T11157] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  721.104021][T11125] BTRFS info (device loop2): enabling ssd optimizations
[  721.111049][T11125] BTRFS info (device loop2): using spread ssd allocation scheme
[  721.134027][T11125] BTRFS info (device loop2): turning off barriers
[  721.141450][T11125] BTRFS info (device loop2): disabling free space tree
[  721.157955][T11125] BTRFS info (device loop2): not using ssd optimizations
[  721.178812][T11164] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1804'.
[  721.189695][T11125] BTRFS info (device loop2): not using spread ssd allocation scheme
[  721.216346][T11125] BTRFS info (device loop2): has skinny extents
[  721.373642][T11180] fuse: Bad value for 'fd'
[  721.584136][ T1347] uclogic 0003:256C:006D.000C: interface is invalid, ignoring
[  721.636619][ T4182] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by udevd (4182)
[  721.648814][T11125] BTRFS error (device loop2): open_ctree failed: -12
[  721.770508][T11187] udc-core: couldn't find an available UDC or it's busy
[  721.783829][T11187] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  721.813894][T11182] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  721.839693][T11187] udc-core: couldn't find an available UDC or it's busy
[  721.864838][T11187] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  722.108198][T11193] FAULT_INJECTION: forcing a failure.
[  722.108198][T11193] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  722.122314][T11193] CPU: 0 PID: 11193 Comm: syz.3.1806 Not tainted syzkaller #0
[  722.129937][T11193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  722.140931][T11193] Call Trace:
[  722.144406][T11193]  <TASK>
[  722.147534][T11193]  dump_stack_lvl+0x188/0x250
[  722.152778][T11193]  ? show_regs_print_info+0x20/0x20
[  722.158793][T11193]  ? load_image+0x400/0x400
[  722.163405][T11193]  ? __lock_acquire+0x7d10/0x7d10
[  722.168765][T11193]  ? mark_lock+0x94/0x320
[  722.173384][T11193]  should_fail+0x38c/0x4c0
[  722.178274][T11193]  prepare_alloc_pages+0x1e4/0x5f0
[  722.183679][T11193]  __alloc_pages+0x11b/0x480
[  722.188283][T11193]  ? zone_statistics+0x170/0x170
[  722.193334][T11193]  ? verify_lock_unused+0x140/0x140
[  722.198863][T11193]  alloc_pages_vma+0x393/0x7c0
[  722.203987][T11193]  wp_page_copy+0x21e/0x2050
[  722.208968][T11193]  ? do_wp_page+0x902/0xad0
[  722.213845][T11193]  ? insert_page_into_pte_locked+0x480/0x480
[  722.220674][T11193]  ? do_raw_spin_unlock+0x11d/0x230
[  722.225910][T11193]  ? _raw_spin_unlock+0x24/0x40
[  722.231266][T11193]  ? do_wp_page+0x902/0xad0
[  722.235997][T11193]  handle_mm_fault+0x1f06/0x4410
[  722.241420][T11193]  ? get_page+0xe0/0xe0
[  722.245700][T11193]  ? vmacache_find+0x238/0x590
[  722.250575][T11193]  ? find_vma+0xd2/0x230
[  722.254943][T11193]  do_user_addr_fault+0x489/0xc80
[  722.260307][T11193]  exc_page_fault+0x60/0x100
[  722.265201][T11193]  asm_exc_page_fault+0x22/0x30
[  722.270560][T11193] RIP: 0033:0x7fae577a6e63
[  722.275181][T11193] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  722.295513][T11193] RSP: 002b:00007fae55b06470 EFLAGS: 00010206
[  722.301607][T11193] RAX: 000000000001a019 RBX: 00007fae55b06530 RCX: 00007fae4d6e7000
[  722.309856][T11193] RDX: 00007fae55b066d0 RSI: 0000000000000000 RDI: 00007fae55b065d0
[  722.317920][T11193] RBP: 000000000000001f R08: 0000000000000008 R09: 00000000000000b2
[  722.326460][T11193] R10: 00000000000000ca R11: 00007fae55b06530 R12: 0000000000000001
[  722.334627][T11193] R13: 00007fae579a5900 R14: 0000000000000003 R15: 00007fae55b065d0
[  722.343187][T11193]  </TASK>
[  722.350262][T11193] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  722.483300][T11193] loop3: detected capacity change from 0 to 1024
[  723.074935][T11182] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  723.182912][T11182] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  723.444114][T11182] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  724.289869][T11192] hfsplus: catalog searching failed
[  724.467005][T11182] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  724.594127][T11182] usb 1-1: string descriptor 0 read error: -71
[  724.608126][T11182] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  724.667618][T11182] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  724.937811][  T154] hfsplus: bad catalog file entry
[  724.957931][  T154] hfsplus: b-tree write err: -5, ino 3
[  725.002540][T11182] usb 1-1: config 0 descriptor??
[  725.024149][T11182] usb 1-1: can't set config #0, error -71
[  725.041933][T11182] usb 1-1: USB disconnect, device number 22
[  728.904148][T11231] loop3: detected capacity change from 0 to 512
[  729.105322][T11231] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  730.883402][T11256] loop2: detected capacity change from 0 to 512
[  731.005304][T11256] EXT4-fs (loop2): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  732.326173][ T4196] usb 6-1: USB disconnect, device number 8
[  732.715068][   T26] audit: type=1804 audit(746.647:7): pid=11280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1830" name="bus" dev="ramfs" ino=57837 res=1 errno=0
[  732.783851][   T26] audit: type=1804 audit(746.707:8): pid=11282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1830" name="bus" dev="ramfs" ino=57837 res=1 errno=0
[  733.886233][T11282] FAULT_INJECTION: forcing a failure.
[  733.886233][T11282] name failslab, interval 1, probability 0, space 0, times 0
[  734.207314][T11282] CPU: 1 PID: 11282 Comm: syz.2.1830 Not tainted syzkaller #0
[  734.215042][T11282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  734.225303][T11282] Call Trace:
[  734.228728][T11282]  <TASK>
[  734.231812][T11282]  dump_stack_lvl+0x188/0x250
[  734.236527][T11282]  ? show_regs_print_info+0x20/0x20
[  734.241833][T11282]  ? load_image+0x400/0x400
[  734.246447][T11282]  ? __might_sleep+0xf0/0xf0
[  734.251257][T11282]  ? __lock_acquire+0x7d10/0x7d10
[  734.256325][T11282]  should_fail+0x38c/0x4c0
[  734.260975][T11282]  should_failslab+0x5/0x20
[  734.265596][T11282]  slab_pre_alloc_hook+0x51/0xc0
[  734.270920][T11282]  kmem_cache_alloc_trace+0x47/0x2a0
[  734.276320][T11282]  ? alloc_pipe_info+0xe4/0x4b0
[  734.281229][T11282]  alloc_pipe_info+0xe4/0x4b0
[  734.286201][T11282]  splice_direct_to_actor+0x9b0/0xc10
[  734.291887][T11282]  ? aa_file_perm+0x38b/0xe80
[  734.296592][T11282]  ? direct_file_splice_eof+0xa0/0xa0
[  734.302002][T11282]  ? pipe_to_sendpage+0x320/0x320
[  734.307233][T11282]  ? common_file_perm+0x171/0x1c0
[  734.312403][T11282]  ? fsnotify_perm+0x5d/0x560
[  734.317210][T11282]  ? security_file_permission+0x75/0xa0
[  734.322790][T11282]  do_splice_direct+0x1d4/0x2f0
[  734.327854][T11282]  ? splice_direct_to_actor+0xc10/0xc10
[  734.333693][T11282]  ? rcu_read_lock_any_held+0xb0/0x130
[  734.339198][T11282]  ? do_splice_direct+0x2f0/0x2f0
[  734.344536][T11282]  ? common_file_perm+0x171/0x1c0
[  734.349598][T11282]  do_sendfile+0x5fc/0xeb0
[  734.354337][T11282]  ? do_pwritev+0x3a0/0x3a0
[  734.359063][T11282]  ? __lock_acquire+0x7d10/0x7d10
[  734.364127][T11282]  __se_sys_sendfile64+0x141/0x1a0
[  734.369280][T11282]  ? lock_chain_count+0x20/0x20
[  734.374322][T11282]  ? __x64_sys_sendfile64+0xa0/0xa0
[  734.379574][T11282]  ? lockdep_hardirqs_on+0x94/0x140
[  734.385001][T11282]  do_syscall_64+0x4c/0xa0
[  734.389545][T11282]  ? clear_bhb_loop+0x30/0x80
[  734.394260][T11282]  ? clear_bhb_loop+0x30/0x80
[  734.399138][T11282]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  734.405209][T11282] RIP: 0033:0x7f776bfa2dd9
[  734.409957][T11282] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  734.430229][T11282] RSP: 002b:00007f776a1db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  734.439512][T11282] RAX: ffffffffffffffda RBX: 00007f776c21c090 RCX: 00007f776bfa2dd9
[  734.448027][T11282] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  734.456486][T11282] RBP: 00007f776a1db090 R08: 0000000000000000 R09: 0000000000000000
[  734.464871][T11282] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[  734.473926][T11282] R13: 00007f776c21c128 R14: 00007f776c21c090 R15: 00007ffd95314088
[  734.482522][T11282]  </TASK>
[  735.094015][ T1347] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  735.514018][ T1347] usb 1-1: Using ep0 maxpacket: 16
[  735.634073][ T1347] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  735.645826][ T1347] usb 1-1: config 0 has no interface number 0
[  735.656946][ T1347] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  735.671978][ T1347] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  735.784601][ T1347] usb 1-1: config 0 interface 41 has no altsetting 0
[  735.964604][ T1347] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  735.984669][ T1347] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  736.046029][ T1347] usb 1-1: Product: syz
[  736.058842][ T1347] usb 1-1: Manufacturer: syz
[  736.068374][ T1347] usb 1-1: SerialNumber: syz
[  736.096262][ T1347] usb 1-1: config 0 descriptor??
[  736.114391][T11303] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  736.121569][T11322] loop3: detected capacity change from 0 to 4096
[  736.122094][T11303] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  736.168991][T11322] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  736.194122][T11322] EXT4-fs (loop3): Test dummy encryption mode enabled
[  736.232009][T11322] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,nombcache,user_xattr,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  736.485609][T11325] EXT4-fs (loop3): shut down requested (1)
[  736.491843][T11303] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  736.506670][T11325] EXT4-fs warning (device loop3): ext4_empty_dir:3156: inode #12: comm syz.3.1842: directory missing '..'
[  736.532404][T11303] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  736.565064][T11329] loop2: detected capacity change from 0 to 128
[  737.478643][T11327] loop5: detected capacity change from 0 to 131072
[  737.893932][T11327] F2FS-fs (loop5): invalid crc value
[  737.964197][T11327] F2FS-fs (loop5): Found nat_bits in checkpoint
[  738.021912][T11327] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  738.030472][ T1347] sr9700 1-1:0.41 (unnamed net_device) (uninitialized): Error reading MAC address
[  738.097617][ T1347] usb 1-1: USB disconnect, device number 23
[  738.139185][T11342] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1843'.
[  738.389942][T11348] loop3: detected capacity change from 0 to 512
[  738.494410][T11352] IPVS: set_ctl: invalid protocol: 221 10.1.1.2:20003
[  738.617699][T11352] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1850'.
[  738.650392][T11348] EXT4-fs (loop3): 1 truncate cleaned up
[  738.704511][T11348] EXT4-fs (loop3): mounted filesystem without journal. Opts: prjquota,grpquota,debug_want_extra_isize=0x000000000000005c,sysvgroups,lazytime,errors=continue,grpjquota=,,errors=continue. Quota mode: writeback.
[  739.560715][T11340] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1848'.
[  740.264345][T11372] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1853'.
[  741.621830][T11383] loop2: detected capacity change from 0 to 4096
[  741.730264][T11383] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  741.754733][T11383] EXT4-fs (loop2): Test dummy encryption mode enabled
[  741.845781][T11383] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,nombcache,user_xattr,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  742.013242][T11393] loop3: detected capacity change from 0 to 4096
[  742.081874][T11383] EXT4-fs (loop2): shut down requested (1)
[  742.106559][T11383] EXT4-fs warning (device loop2): ext4_empty_dir:3156: inode #12: comm syz.2.1858: directory missing '..'
[  742.117790][T11393] ntfs: volume version 3.1.
[  742.514845][T11402] loop3: detected capacity change from 0 to 8192
[  742.738767][T11402] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  742.757438][T11402] REISERFS (device loop3): using ordered data mode
[  742.773251][T11402] reiserfs: using flush barriers
[  742.957872][T11402] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  743.008733][T11402] REISERFS (device loop3): checking transaction log (loop3)
[  743.957108][T11402] REISERFS (device loop3): Using tea hash to sort names
[  743.979355][T11402] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  744.031882][T11402] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  744.095227][T11184] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  744.143704][T11431] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  744.250718][T11417] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1866'.
[  744.284639][T11433] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1871'.
[  744.384052][T11184] usb 3-1: Using ep0 maxpacket: 8
[  744.425198][ T4196] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  744.674972][T11184] usb 3-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  744.813685][T11184] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[  744.894203][ T4196] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  744.930097][T11184] usb 3-1: Product: syz
[  744.957603][ T4196] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  745.089432][T11184] usb 3-1: Manufacturer: syz
[  745.176991][T11184] usb 3-1: SerialNumber: syz
[  745.229286][T11184] usb 3-1: config 0 descriptor??
[  745.286210][T11184] gspca_main: sq905-2.14.0 probing 2770:9120
[  745.353634][T11441] capability: warning: `syz.1.1873' uses 32-bit capabilities (legacy support in use)
[  745.444207][ T4196] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  745.454298][ T4196] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  745.536622][T11444] loop5: detected capacity change from 0 to 4096
[  745.643580][ T4196] usb 1-1: Product: syz
[  745.647997][ T4196] usb 1-1: Manufacturer: syz
[  745.653262][ T4196] usb 1-1: SerialNumber: syz
[  745.689454][T11444] ntfs: (device loop5): ntfs_read_locked_inode(): $DATA attribute is missing.
[  745.704894][ T4196] cdc_ncm 1-1:1.0: skipping garbage
[  745.707465][T11444] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  745.714111][ T4196] cdc_ncm 1-1:1.0: NCM or ECM functional descriptors missing
[  745.724707][T11444] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  745.848600][ T4196] cdc_ncm 1-1:1.0: bind() failure
[  746.021263][T11444] ntfs: volume version 3.1.
[  746.026267][T11184] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71)
[  746.063502][T11184] sq905: probe of 3-1:0.0 failed with error -71
[  746.110469][ T4196] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  746.146840][T11184] usb 3-1: USB disconnect, device number 18
[  746.176713][ T4196] cdc_ncm 1-1:1.1: bind() failure
[  746.348619][T11454] loop3: detected capacity change from 0 to 512
[  746.417676][T11454] EXT4-fs (loop3): Unrecognized mount option "smackfstransmute=trusted.overlay.origin" or missing value
[  746.447548][ T8355] ntfs: (device loop5): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  747.369911][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  747.850871][T11478] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1884'.
[  747.863019][T11480] loop2: detected capacity change from 0 to 128
[  748.064621][T10497] usb 1-1: USB disconnect, device number 24
[  748.478590][T11476] loop3: detected capacity change from 0 to 131072
[  748.509231][T11476] F2FS-fs (loop3): invalid crc value
[  748.542609][T11476] F2FS-fs (loop3): Found nat_bits in checkpoint
[  748.593353][T11497] device macsec0 entered promiscuous mode
[  748.629866][T11476] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  748.682926][T11501] FAULT_INJECTION: forcing a failure.
[  748.682926][T11501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  748.743877][T11501] CPU: 0 PID: 11501 Comm: syz.5.1891 Not tainted syzkaller #0
[  748.751605][T11501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  748.760567][T11502] loop2: detected capacity change from 0 to 1764
[  748.761684][T11501] Call Trace:
[  748.761695][T11501]  <TASK>
[  748.774364][T11501]  dump_stack_lvl+0x188/0x250
[  748.779253][T11501]  ? show_regs_print_info+0x20/0x20
[  748.784494][T11501]  ? load_image+0x400/0x400
[  748.789036][T11501]  ? __lock_acquire+0x7d10/0x7d10
[  748.794284][T11501]  should_fail+0x38c/0x4c0
[  748.798828][T11501]  _copy_from_user+0x2e/0x170
[  748.803731][T11501]  __copy_msghdr_from_user+0xc9/0x630
[  748.809291][T11501]  ? verify_lock_unused+0x140/0x140
[  748.814785][T11501]  ? __ia32_sys_shutdown+0x1d0/0x1d0
[  748.820205][T11501]  ___sys_sendmsg+0x19a/0x2e0
[  748.824923][T11501]  ? __sys_sendmsg+0x2a0/0x2a0
[  748.829728][T11501]  ? vfs_write+0x8b2/0xd60
[  748.834282][T11501]  __se_sys_sendmsg+0x1af/0x290
[  748.839295][T11501]  ? __x64_sys_sendmsg+0x80/0x80
[  748.844570][T11501]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  748.852262][T11501]  ? lockdep_hardirqs_on+0x94/0x140
[  748.857588][T11501]  do_syscall_64+0x4c/0xa0
[  748.862248][T11501]  ? clear_bhb_loop+0x30/0x80
[  748.867150][T11501]  ? clear_bhb_loop+0x30/0x80
[  748.872328][T11501]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  748.878467][T11501] RIP: 0033:0x7fca2f68cdd9
[  748.882920][T11501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  748.891422][T11504] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1883'.
[  748.903013][T11501] RSP: 002b:00007fca2d8e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  748.903048][T11501] RAX: ffffffffffffffda RBX: 00007fca2f905fa0 RCX: 00007fca2f68cdd9
[  748.903062][T11501] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  748.903076][T11501] RBP: 00007fca2d8e6090 R08: 0000000000000000 R09: 0000000000000000
[  748.903088][T11501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  748.903100][T11501] R13: 00007fca2f906038 R14: 00007fca2f905fa0 R15: 00007ffea59cff48
[  748.903129][T11501]  </TASK>
[  749.212655][T11502] iso9660: Corrupted directory entry in block 2 of inode 1920
[  750.688538][T11523] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1898'.
[  751.533696][T11527] loop2: detected capacity change from 0 to 131072
[  751.674650][T11527] F2FS-fs (loop2): invalid crc value
[  751.802429][T11527] F2FS-fs (loop2): Found nat_bits in checkpoint
[  751.857887][T11527] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  752.294844][T11527] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1897'.
[  752.606763][T11545] FAULT_INJECTION: forcing a failure.
[  752.606763][T11545] name failslab, interval 1, probability 0, space 0, times 0
[  752.620166][T11545] CPU: 0 PID: 11545 Comm: syz.0.1903 Not tainted syzkaller #0
[  752.628543][T11545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  752.638712][T11545] Call Trace:
[  752.642200][T11545]  <TASK>
[  752.645342][T11545]  dump_stack_lvl+0x188/0x250
[  752.650472][T11545]  ? show_regs_print_info+0x20/0x20
[  752.655781][T11545]  ? load_image+0x400/0x400
[  752.660284][T11545]  ? __might_sleep+0xf0/0xf0
[  752.664875][T11545]  ? __lock_acquire+0x7d10/0x7d10
[  752.670000][T11545]  should_fail+0x38c/0x4c0
[  752.674452][T11545]  should_failslab+0x5/0x20
[  752.679178][T11545]  slab_pre_alloc_hook+0x51/0xc0
[  752.684130][T11545]  ? getname_flags+0xb5/0x500
[  752.688829][T11545]  kmem_cache_alloc+0x3d/0x290
[  752.693622][T11545]  getname_flags+0xb5/0x500
[  752.695704][T11547] F2FS-fs (loop2): invalid namelen(0), ino:8, run fsck to fix.
[  752.698258][T11545]  do_sys_openat2+0xdd/0x4b0
[  752.698301][T11545]  ? do_sys_open+0xe0/0xe0
[  752.698324][T11545]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  752.698350][T11545]  __x64_sys_openat+0x135/0x160
[  752.727230][T11545]  do_syscall_64+0x4c/0xa0
[  752.731665][T11545]  ? clear_bhb_loop+0x30/0x80
[  752.736754][T11545]  ? clear_bhb_loop+0x30/0x80
[  752.741854][T11545]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  752.747838][T11545] RIP: 0033:0x7f1aa8f56dd9
[  752.752569][T11545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  752.772979][T11545] RSP: 002b:00007f1aa718f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  752.781752][T11545] RAX: ffffffffffffffda RBX: 00007f1aa91d0090 RCX: 00007f1aa8f56dd9
[  752.789970][T11545] RDX: 0000000000000201 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  752.798282][T11545] RBP: 00007f1aa718f090 R08: 0000000000000000 R09: 0000000000000000
[  752.806592][T11545] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[  752.815465][T11545] R13: 00007f1aa91d0128 R14: 00007f1aa91d0090 R15: 00007ffcd75199c8
[  752.823750][T11545]  </TASK>
[  756.099508][T11576] loop5: detected capacity change from 0 to 512
[  756.198877][T11576] EXT4-fs (loop5): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  756.742774][T11590] loop2: detected capacity change from 0 to 512
[  756.878805][T11590] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  756.888263][T11590] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  758.204436][T11595] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1912'.
[  761.393613][T11620] loop2: detected capacity change from 0 to 131072
[  761.515460][T11620] F2FS-fs (loop2): invalid crc value
[  761.646640][T11620] F2FS-fs (loop2): Found nat_bits in checkpoint
[  761.748810][T11620] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  761.975652][T11620] F2FS-fs (loop2): invalid namelen(0), ino:8, run fsck to fix.
[  762.630898][T11640] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1931'.
[  762.995268][T11647] loop5: detected capacity change from 0 to 512
[  764.065572][T11647] EXT4-fs (loop5): orphan cleanup on readonly fs
[  764.083963][T11647] EXT4-fs error (device loop5): ext4_ext_check_inode:501: inode #4: comm syz.5.1934: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  764.199636][T11647] EXT4-fs error (device loop5): ext4_quota_enable:6447: comm syz.5.1934: Bad quota inode: 4, type: 1
[  764.283406][T11647] EXT4-fs warning (device loop5): ext4_enable_quotas:6488: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  764.341498][T11647] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  764.358969][T11647] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  764.397965][T11664] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  764.761729][T11664] EXT4-fs warning (device loop5): ext4_multi_mount_protect:337: MMP interval 2680 higher than expected, please wait.
[  764.761729][T11664] 
[  765.412256][T11664] EXT4-fs warning (device loop5): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount
[  765.412256][T11664] 
[  765.560357][T11683] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1943'.
[  766.040781][T11699] fuse: Bad value for 'fd'
[  768.437764][T11678] loop3: detected capacity change from 0 to 32768
[  769.229434][T11718] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  769.276464][T11720] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1955'.
[  769.341924][T11718] tipc: Resetting bearer <eth:syzkaller0>
[  769.517553][T11726] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  769.749984][T11726] FAULT_INJECTION: forcing a failure.
[  769.749984][T11726] name failslab, interval 1, probability 0, space 0, times 0
[  769.857764][T11731] tipc: Resetting bearer <eth:syzkaller0>
[  769.921194][T11731] device syzkaller0 left promiscuous mode
[  769.953171][T11726] CPU: 1 PID: 11726 Comm: syz.0.1956 Not tainted syzkaller #0
[  769.960696][T11726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  769.970968][T11726] Call Trace:
[  769.974367][T11726]  <TASK>
[  769.977577][T11726]  dump_stack_lvl+0x188/0x250
[  769.982646][T11726]  ? show_regs_print_info+0x20/0x20
[  769.988073][T11726]  ? load_image+0x400/0x400
[  769.992620][T11726]  ? __might_sleep+0xf0/0xf0
[  769.997416][T11726]  ? __lock_acquire+0x7d10/0x7d10
[  770.002601][T11726]  ? mark_lock+0x94/0x320
[  770.006980][T11726]  should_fail+0x38c/0x4c0
[  770.011437][T11726]  should_failslab+0x5/0x20
[  770.016051][T11726]  slab_pre_alloc_hook+0x51/0xc0
[  770.021017][T11726]  __kmalloc+0x6b/0x330
[  770.025279][T11726]  ? tomoyo_realpath_from_path+0x118/0x610
[  770.031579][T11726]  tomoyo_realpath_from_path+0x118/0x610
[  770.037249][T11726]  tomoyo_path_number_perm+0x242/0x660
[  770.042745][T11726]  ? verify_lock_unused+0x140/0x140
[  770.048171][T11726]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  770.053657][T11726]  ? ksys_write+0x1c6/0x260
[  770.058229][T11726]  security_file_ioctl+0x6c/0xa0
[  770.063342][T11726]  __se_sys_ioctl+0x48/0x170
[  770.068146][T11726]  do_syscall_64+0x4c/0xa0
[  770.072671][T11726]  ? clear_bhb_loop+0x30/0x80
[  770.077472][T11726]  ? clear_bhb_loop+0x30/0x80
[  770.082287][T11726]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  770.088488][T11726] RIP: 0033:0x7f1aa8f56dd9
[  770.093180][T11726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  770.113533][T11726] RSP: 002b:00007f1aa71b0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  770.122346][T11726] RAX: ffffffffffffffda RBX: 00007f1aa91cffa0 RCX: 00007f1aa8f56dd9
[  770.130361][T11726] RDX: 0000200000002280 RSI: 0000000000008922 RDI: 0000000000000004
[  770.138550][T11726] RBP: 00007f1aa71b0090 R08: 0000000000000000 R09: 0000000000000000
[  770.146732][T11726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.154743][T11726] R13: 00007f1aa91d0038 R14: 00007f1aa91cffa0 R15: 00007ffcd75199c8
[  770.162771][T11726]  </TASK>
[  770.305979][T11183] tipc: Node number set to 3982884885
[  770.413821][T11726] ERROR: Out of memory at tomoyo_realpath_from_path.
[  770.964045][T11742] fuse: Bad value for 'fd'
[  771.370121][T11737] loop5: detected capacity change from 0 to 131072
[  771.436576][T11741] loop3: detected capacity change from 0 to 128
[  771.467611][T11737] F2FS-fs (loop5): invalid crc value
[  771.607305][T11737] F2FS-fs (loop5): Found nat_bits in checkpoint
[  771.615489][T11741] FAT-fs (loop3): Unrecognized mount option "GPL" or missing value
[  771.658185][T11737] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  773.252330][T11760] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1960'.
[  773.674769][T11763] F2FS-fs (loop5): invalid namelen(0), ino:8, run fsck to fix.
[  773.686231][ T9860] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  773.857659][T11769] loop3: detected capacity change from 0 to 64
[  773.963849][ T9860] usb 1-1: Using ep0 maxpacket: 8
[  774.000141][T11769] hfs: get root inode failed
[  774.296907][ T9860] usb 1-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  774.316470][ T9860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  774.356023][ T9860] usb 1-1: Product: syz
[  774.370920][ T9860] usb 1-1: Manufacturer: syz
[  774.387394][ T9860] usb 1-1: SerialNumber: syz
[  774.432084][ T9860] usb 1-1: config 0 descriptor??
[  774.516327][ T9860] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  775.773891][ T9860] gspca_sonixj: reg_w1 err -110
[  775.778916][ T9860] sonixj: probe of 1-1:0.0 failed with error -110
[  776.312257][T11784] loop2: detected capacity change from 0 to 4096
[  776.405782][T11792] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  777.332749][ T4196] usb 1-1: USB disconnect, device number 25
[  777.705025][T11798] loop2: detected capacity change from 0 to 131072
[  778.025131][T11798] F2FS-fs (loop2): invalid crc value
[  778.275754][T11798] F2FS-fs (loop2): Found nat_bits in checkpoint
[  778.343879][T11798] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  778.645475][T11818] F2FS-fs (loop2): invalid namelen(0), ino:8, run fsck to fix.
[  781.558361][T11843] device syzkaller0 entered promiscuous mode
[  781.623207][T11843] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  781.696952][T11845] FAT-fs (nullb0): bogus number of reserved sectors
[  781.703693][T11845] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  784.836746][T11876] loop5: detected capacity change from 0 to 512
[  785.210702][T11876] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  785.220488][T11876] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  786.778780][T11887] device syzkaller0 entered promiscuous mode
[  786.999404][T11889] FAT-fs (nullb0): bogus number of reserved sectors
[  787.048669][T11889] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  788.463923][ T5826] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  788.703845][ T5826] usb 6-1: Using ep0 maxpacket: 8
[  788.984788][ T5826] usb 6-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  789.047946][ T5826] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.235110][ T5826] usb 6-1: Product: syz
[  789.329184][ T5826] usb 6-1: Manufacturer: syz
[  789.404048][ T5826] usb 6-1: SerialNumber: syz
[  789.438751][ T5826] usb 6-1: config 0 descriptor??
[  789.773249][T11918] fuse: Bad value for 'fd'
[  789.830053][ T5826] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  791.803839][ T5826] gspca_sonixj: reg_w1 err -71
[  791.810700][ T5826] sonixj: probe of 6-1:0.0 failed with error -71
[  791.886988][ T5826] usb 6-1: USB disconnect, device number 9
[  791.954298][T11932] device syzkaller0 entered promiscuous mode
[  791.983688][T11932] FAT-fs (nullb0): bogus number of reserved sectors
[  792.001141][T11932] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  793.228463][T11947] loop3: detected capacity change from 0 to 4096
[  793.334686][T11947] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  793.370551][T11950] loop5: detected capacity change from 0 to 256
[  793.391677][T11947] EXT4-fs (loop3): Test dummy encryption mode enabled
[  793.398186][T11950] exfat: Deprecated parameter 'namecase'
[  793.438232][T11947] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,nombcache,user_xattr,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  793.446036][T11950] exfat: Deprecated parameter 'utf8'
[  793.663480][T11950] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d)
[  793.704636][T11957] EXT4-fs (loop3): shut down requested (1)
[  793.743835][T11957] EXT4-fs warning (device loop3): ext4_empty_dir:3156: inode #12: comm syz.3.2013: directory missing '..'
[  794.566406][T11950] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2015'.
[  795.013861][T11184] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  795.284042][T11184] usb 3-1: Using ep0 maxpacket: 8
[  795.494312][ T5826] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  795.634365][T11184] usb 3-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  795.663642][T11184] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[  795.684025][T11184] usb 3-1: Product: syz
[  795.688337][T11184] usb 3-1: Manufacturer: syz
[  795.731823][T11184] usb 3-1: SerialNumber: syz
[  795.780207][T11184] usb 3-1: config 0 descriptor??
[  795.809300][T11983] FAULT_INJECTION: forcing a failure.
[  795.809300][T11983] name failslab, interval 1, probability 0, space 0, times 0
[  795.831416][T11983] CPU: 1 PID: 11983 Comm: syz.3.2020 Not tainted syzkaller #0
[  795.839116][T11983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  795.849743][T11983] Call Trace:
[  795.853222][T11983]  <TASK>
[  795.856173][T11983]  dump_stack_lvl+0x188/0x250
[  795.860885][T11983]  ? show_regs_print_info+0x20/0x20
[  795.866192][T11983]  ? load_image+0x400/0x400
[  795.870722][T11983]  ? __might_sleep+0xf0/0xf0
[  795.875421][T11983]  ? __lock_acquire+0x7d10/0x7d10
[  795.880475][T11983]  ? mark_lock+0x94/0x320
[  795.884828][T11983]  should_fail+0x38c/0x4c0
[  795.889372][T11983]  should_failslab+0x5/0x20
[  795.893897][T11983]  slab_pre_alloc_hook+0x51/0xc0
[  795.898953][T11983]  kmem_cache_alloc_trace+0x47/0x2a0
[  795.904439][T11983]  ? bcm_rx_setup+0x479/0x19b0
[  795.909397][T11983]  ? __local_bh_enable_ip+0x136/0x1c0
[  795.914883][T11983]  bcm_rx_setup+0x479/0x19b0
[  795.919598][T11983]  bcm_sendmsg+0x3d3/0x660
[  795.924051][T11983]  ? bcm_sock_no_ioctlcmd+0x10/0x10
[  795.929299][T11983]  ? tomoyo_socket_sendmsg_permission+0x1dd/0x2f0
[  795.935748][T11983]  ? aa_sock_msg_perm+0x94/0x150
[  795.940912][T11983]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  795.946564][T11983]  ? security_socket_sendmsg+0x7c/0xa0
[  795.952046][T11983]  ? bcm_sock_no_ioctlcmd+0x10/0x10
[  795.957315][T11983]  ____sys_sendmsg+0x5b7/0x8f0
[  795.962129][T11983]  ? __sys_sendmsg_sock+0x30/0x30
[  795.967280][T11983]  ? import_iovec+0x6f/0xa0
[  795.971992][T11983]  ___sys_sendmsg+0x236/0x2e0
[  795.976879][T11983]  ? __sys_sendmsg+0x2a0/0x2a0
[  795.981986][T11983]  __sys_sendmmsg+0x2ba/0x500
[  795.986697][T11983]  ? __ia32_sys_sendmsg+0x80/0x80
[  795.991840][T11983]  ? __context_tracking_exit+0x4c/0x80
[  795.998228][T11983]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  796.004496][T11983]  ? lock_chain_count+0x20/0x20
[  796.009474][T11983]  ? vtime_user_exit+0x2c8/0x3e0
[  796.014626][T11983]  __x64_sys_sendmmsg+0x9c/0xb0
[  796.019793][T11983]  do_syscall_64+0x4c/0xa0
[  796.024229][T11983]  ? clear_bhb_loop+0x30/0x80
[  796.029011][T11983]  ? clear_bhb_loop+0x30/0x80
[  796.033805][T11983]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  796.040121][T11983] RIP: 0033:0x7fae578efdd9
[  796.044837][T11983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  796.064824][T11983] RSP: 002b:00007fae55b49028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  796.073713][T11983] RAX: ffffffffffffffda RBX: 00007fae57b68fa0 RCX: 00007fae578efdd9
[  796.082090][T11983] RDX: 040000000000003a RSI: 0000200000001b00 RDI: 0000000000000004
[  796.090254][T11983] RBP: 00007fae55b49090 R08: 0000000000000000 R09: 0000000000000000
[  796.098852][T11983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  796.107066][T11983] R13: 00007fae57b69038 R14: 00007fae57b68fa0 R15: 00007fff2b88b5e8
[  796.115638][T11983]  </TASK>
[  796.127989][T11184] gspca_main: sq905-2.14.0 probing 2770:9120
[  796.134337][ T5826] usb 1-1: Using ep0 maxpacket: 8
[  796.586017][ T8355] 
[  796.588406][ T8355] ======================================================
[  796.595482][ T8355] WARNING: possible circular locking dependency detected
[  796.602506][ T8355] syzkaller #0 Not tainted
[  796.606929][ T8355] ------------------------------------------------------
[  796.614134][ T8355] syz-executor/8355 is trying to acquire lock:
[  796.620293][ T8355] ffff888074123120 (sk_lock-AF_BLUETOOTH-BTPROTO_SCO){+.+.}-{0:0}, at: sco_conn_del+0x142/0x360
[  796.631233][ T8355] 
[  796.631233][ T8355] but task is already holding lock:
[  796.638806][ T8355] ffffffff8d5838e8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa4/0x220
[  796.648431][ T8355] 
[  796.648431][ T8355] which lock already depends on the new lock.
[  796.648431][ T8355] 
[  796.659057][ T8355] 
[  796.659057][ T8355] the existing dependency chain (in reverse order) is:
[  796.668179][ T8355] 
[  796.668179][ T8355] -> #2 (hci_cb_list_lock){+.+.}-{3:3}:
[  796.676020][ T8355]        __mutex_lock_common+0x1e3/0x2400
[  796.681939][ T8355]        mutex_lock_nested+0x17/0x20
[  796.687460][ T8355]        hci_remote_features_evt+0x5f5/0xa40
[  796.693839][ T8355]        hci_event_packet+0x63a/0x1370
[  796.699499][ T8355]        hci_rx_work+0x255/0xa10
[  796.704455][ T8355]        process_one_work+0x85f/0x1010
[  796.709928][ T8355]        worker_thread+0xaa6/0x1290
[  796.715146][ T8355]        kthread+0x436/0x520
[  796.720033][ T8355]        ret_from_fork+0x1f/0x30
[  796.724990][ T8355] 
[  796.724990][ T8355] -> #1 (&hdev->lock){+.+.}-{3:3}:
[  796.732406][ T8355]        __mutex_lock_common+0x1e3/0x2400
[  796.738233][ T8355]        mutex_lock_nested+0x17/0x20
[  796.743538][ T8355]        sco_sock_connect+0x18f/0x910
[  796.748933][ T8355]        __sys_connect+0x3cb/0x450
[  796.754152][ T8355]        __x64_sys_connect+0x76/0x80
[  796.759539][ T8355]        do_syscall_64+0x4c/0xa0
[  796.764588][ T8355]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  796.771204][ T8355] 
[  796.771204][ T8355] -> #0 (sk_lock-AF_BLUETOOTH-BTPROTO_SCO){+.+.}-{0:0}:
[  796.780436][ T8355]        __lock_acquire+0x2c42/0x7d10
[  796.785833][ T8355]        lock_acquire+0x19e/0x400
[  796.790873][ T8355]        lock_sock_nested+0x44/0x100
[  796.796522][ T8355]        sco_conn_del+0x142/0x360
[  796.801669][ T8355]        hci_conn_hash_flush+0x107/0x220
[  796.807294][ T8355]        hci_dev_do_close+0x991/0x1030
[  796.812753][ T8355]        hci_unregister_dev+0x2d7/0x580
[  796.818308][ T8355]        vhci_release+0x73/0xc0
[  796.823248][ T8355]        __fput+0x234/0x930
[  796.827858][ T8355]        task_work_run+0x125/0x1a0
[  796.832976][ T8355]        do_exit+0x626/0x20c0
[  796.837962][ T8355]        do_group_exit+0x12e/0x300
[  796.843161][ T8355]        __x64_sys_exit_group+0x3b/0x40
[  796.848726][ T8355]        do_syscall_64+0x4c/0xa0
[  796.853676][ T8355]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  796.860273][ T8355] 
[  796.860273][ T8355] other info that might help us debug this:
[  796.860273][ T8355] 
[  796.871125][ T8355] Chain exists of:
[  796.871125][ T8355]   sk_lock-AF_BLUETOOTH-BTPROTO_SCO --> &hdev->lock --> hci_cb_list_lock
[  796.871125][ T8355] 
[  796.885375][ T8355]  Possible unsafe locking scenario:
[  796.885375][ T8355] 
[  796.892823][ T8355]        CPU0                    CPU1
[  796.898182][ T8355]        ----                    ----
[  796.903547][ T8355]   lock(hci_cb_list_lock);
[  796.908045][ T8355]                                lock(&hdev->lock);
[  796.914650][ T8355]                                lock(hci_cb_list_lock);
[  796.921758][ T8355]   lock(sk_lock-AF_BLUETOOTH-BTPROTO_SCO);
[  796.928184][ T8355] 
[  796.928184][ T8355]  *** DEADLOCK ***
[  796.928184][ T8355] 
[  796.936601][ T8355] 3 locks held by syz-executor/8355:
[  796.942409][ T8355]  #0: ffff888078620ff0 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x5f/0x1030
[  796.952253][ T8355]  #1: ffff888078620078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_do_close+0x3f4/0x1030
[  796.961846][ T8355]  #2: ffffffff8d5838e8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa4/0x220
[  796.972347][ T8355] 
[  796.972347][ T8355] stack backtrace:
[  796.978466][ T8355] CPU: 0 PID: 8355 Comm: syz-executor Not tainted syzkaller #0
[  796.986193][ T8355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  796.996961][ T8355] Call Trace:
[  797.000746][ T8355]  <TASK>
[  797.003693][ T8355]  dump_stack_lvl+0x188/0x250
[  797.008610][ T8355]  ? load_image+0x400/0x400
[  797.014028][ T8355]  ? show_regs_print_info+0x20/0x20
[  797.020160][ T8355]  ? print_circular_bug+0x12b/0x1a0
[  797.025475][ T8355]  check_noncircular+0x296/0x330
[  797.030628][ T8355]  ? add_chain_block+0x940/0x940
[  797.036509][ T8355]  ? lockdep_lock+0xf1/0x1f0
[  797.041230][ T8355]  ? mark_lock+0x94/0x320
[  797.045648][ T8355]  __lock_acquire+0x2c42/0x7d10
[  797.050800][ T8355]  ? verify_lock_unused+0x140/0x140
[  797.056005][ T8355]  ? verify_lock_unused+0x140/0x140
[  797.061231][ T8355]  ? __mutex_trylock_common+0x155/0x260
[  797.066859][ T8355]  ? __mutex_trylock_common+0x155/0x260
[  797.072530][ T8355]  lock_acquire+0x19e/0x400
[  797.077356][ T8355]  ? sco_conn_del+0x142/0x360
[  797.082069][ T8355]  ? sco_conn_del+0x12f/0x360
[  797.086926][ T8355]  ? read_lock_is_recursive+0x10/0x10
[  797.092845][ T8355]  ? __lock_acquire+0x7d10/0x7d10
[  797.098103][ T8355]  ? do_raw_spin_lock+0x128/0x2f0
[  797.103312][ T8355]  lock_sock_nested+0x44/0x100
[  797.108177][ T8355]  ? sco_conn_del+0x142/0x360
[  797.113260][ T8355]  sco_conn_del+0x142/0x360
[  797.117956][ T8355]  ? sco_connect_cfm+0xa60/0xa60
[  797.123094][ T8355]  hci_conn_hash_flush+0x107/0x220
[  797.128515][ T8355]  hci_dev_do_close+0x991/0x1030
[  797.133651][ T8355]  ? blocking_notifier_chain_unregister+0x115/0x210
[  797.140339][ T8355]  hci_unregister_dev+0x2d7/0x580
[  797.145475][ T8355]  vhci_release+0x73/0xc0
[  797.149812][ T8355]  ? vhci_open+0x290/0x290
[  797.154624][ T8355]  __fput+0x234/0x930
[  797.158703][ T8355]  task_work_run+0x125/0x1a0
[  797.163324][ T8355]  do_exit+0x626/0x20c0
[  797.167512][ T8355]  ? put_task_struct+0x80/0x80
[  797.172361][ T8355]  ? lock_chain_count+0x20/0x20
[  797.177494][ T8355]  do_group_exit+0x12e/0x300
[  797.182290][ T8355]  __x64_sys_exit_group+0x3b/0x40
[  797.187625][ T8355]  do_syscall_64+0x4c/0xa0
[  797.192074][ T8355]  ? clear_bhb_loop+0x30/0x80
[  797.196847][ T8355]  ? clear_bhb_loop+0x30/0x80
[  797.201889][ T8355]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  797.208284][ T8355] RIP: 0033:0x7fca2f68cdd9
[  797.212923][ T8355] Code: Unable to access opcode bytes at RIP 0x7fca2f68cdaf.
[  797.220744][ T8355] RSP: 002b:00007ffea59cdfb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  797.229374][ T8355] RAX: ffffffffffffffda RBX: 00007fca2f722145 RCX: 00007fca2f68cdd9
[  797.237644][ T8355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  797.245790][ T8355] RBP: 0000000000000002 R08: 0000000000000000 R09: 00007fca2f722120
[  797.254219][ T8355] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffea59cf270
[  797.262368][ T8355] R13: 00007fca2f722120 R14: 00000000000c216d R15: 00007ffea59d0340
[  797.270615][ T8355]  </TASK>
[  797.374195][ T5826] usb 1-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  797.385133][ T5826] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.394291][ T5826] usb 1-1: Product: syz
[  797.398961][ T5826] usb 1-1: Manufacturer: syz
[  797.405987][ T5826] usb 1-1: SerialNumber: syz
[  797.417871][ T5826] usb 1-1: config 0 descriptor??
[  797.467304][ T5826] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  797.493922][T11184] gspca_sq905: sq905_command: usb_control_msg failed 2 (-71)
[  797.501629][T11184] sq905: probe of 3-1:0.0 failed with error -71
[  797.511707][T11184] usb 3-1: USB disconnect, device number 19
[  800.127311][T10497] usb 1-1: USB disconnect, device number 26