last executing test programs:

6m18.604556796s ago: executing program 32 (id=43):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0xfffff, [{0xfffffffd, 0x1}]}]}}, 0x0, 0x2e, 0x0, 0x1}, 0x28)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="2d01000074020440fd07010099480102030109021b0001000000000904"], 0x0)

6m18.477546736s ago: executing program 1 (id=47):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000064bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071101b00000000001d400200000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

6m18.470755235s ago: executing program 1 (id=48):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000003000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6m18.334654173s ago: executing program 1 (id=50):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xa8}}, 0x0)

6m18.238480734s ago: executing program 1 (id=52):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0), 0x1, 0x553, &(0x7f0000000800)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
truncate(&(0x7f0000000040)='./file2\x00', 0x8000c00)

6m17.913861618s ago: executing program 1 (id=55):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0xa9}}, 0x18)
write$FUSE_INIT(r2, &(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x21, 0x1000, 0x14210000, 0x81, 0x1005, 0x0, 0xc, 0x0, 0x0, 0x80}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x1814800, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

6m17.196108516s ago: executing program 1 (id=56):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x48100, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0xf3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000680)=0x7e)

6m16.864050929s ago: executing program 33 (id=56):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x48100, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0xf3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000680)=0x7e)

6m14.588159799s ago: executing program 2 (id=64):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000063c0)="99529ca7d265e2dba44891e35e7d5dab7921b730436ecd4e999a25bcf86a25f8f029c0dd50373e90b7cf7779b12ecd4423c5b13cfac186975cd723976f3c747612913029d42517c189364bc59d8ebad53ed1b86f8f66c99b1f9b5b40d78cef1f14f81815d53bdca7fef40607358db69eb8c0b1f6b0942ab4b1ee7ca8deb4eddef06381a3d1c52d6147fc5109c7c607591497a6b2477f60cc881d3219c96bffb34aadec3fa97250713cce17cd536721bf9c40a019531ed0bbad139e26a3d4d39b68ab1bf37cb1a4bd197a8789cb1940cd86d9e56713bc36c7cffd07a311f5bc2e91f16d152eb480645e85ec9b3bf09c7fa140dced0afd55d7b99e90a96e7748e2d0dc09672ac199ce529e631efe1783769819c182ca106f6184bcbb387ed246c43562d74c36ac3a7ec2f0e11f70bad0007c03bb9c0d2dacc2148cce4a4aea327c7319016ad146b52bfae0357f9e892e9bec61a13c93551cfa3d4f4bfa7585c93bb0bef01a9114f3dc54179cf9a57fe88f5cff3403e33c9d09e3e9c2e10f1f16894e1b59e3cad47c1f202cf7b756f2851fc96d09459c9a8d34c19e6a3525cd5001aac5181f57286d0e1e88ce5092c7c76b6abdaebf2c499aa47587b48eb12a2b72548c190b0324ebedb81a63333b6edb25550f859c5ccc404a944ff7f61af8800888192fbd4c8e0e417d1d181b4b335a6f52e0a7dae18397e81e3f747cab7be902ed903bdd6a622f178f9b4244718ee1206237257374d2fd1466ab6135ef7ef4a114ae170eafe9cd78cf9ffc36974cbc4b8003072bed78765a0b9f1240f24dec6a9e46db9bb498d40f727c0cbf8f4a6a49539bd0805caf65d80130d7fb60a69dc7ed890874a17530c042cf33a977d331435d68ef33885f638c777ad49564ca77d8b81ddd853a21cd55d95b627310dd633a4f005853a5506cd8f744c367f3cb6998b0fa97de6bb35b166b0c6408c4e0a38ed26235a88520c38ca97ac8a6dc81e6dc6483d383fa09f198997b8eea1c68c9e3320683c9a02dd89ddc34c241e7294ccc88d6b35762892e8746e558bfbc2251949f2ecb763dad5b975eaf36e2864be6a41d3e20514d32f5d4b6350dc7e3cc3a85428ea98efb3b1edc2a2ec1e618452949cc7e2ba1251990168fee342d4f304b7a7af9162bcbe6b09c75d7420d2c547b4e3cee1836df6eddd5dff73a4e308fcd8eaa7a33e6980a6f8ead03257a37d72d3b265d02fa42f57db877654ed513e31c35e1af0bd28511d6b57cfe07b27cbe9767a534b426dfc3dd257d5899444f34cbf4dc74b9eab2e7e3e1e1a8a6ac5e4359d653506b299a5b7c67b92dc462f1216655f952362a3387ad9966b606d98e8d1b544dc27dc6bc78fd18a446736e25c51143db9886b6c09812d5825b5d9e0932f218ff8bea4d9e1c4df9c9d4eb19336d48163a921c4ff1f0beef26b01b7e8c0d23fb59b84e229eaabb791f2cffc9aa4db75162cbfe4c9ae8d76a5b6bc4bff20e3f8f125b9aadb3e728d7f78d61fd55f46b7f59511b876e6563256686e44f25cf38d393a9b762bada272eba8df28e4086c4cd2fe3c9fab97756fb145373e6ca1991bb1ee6589e49c821ff29f047970819f88f724bd077cd3f0ae463d99b3e53078431e3f9bebabc5289a65479359efe3909186aac60a29f561de8c590988c913c9e693ab8106e8287f6565eee6735f7c88cad7124d1c8d9ff347e97912824088ee954de01c6d8a06447f06899607eadbfd078bc3df506252005749378dbd7399c9eca60b81dc0d88dedec31e5cf6e7b6d6d411958df8f9e0bf4443e8d3bdfe49d05f811d17088024d0629fc8ab8e05e309bf55e8e60d342623765f4e8d2dc4a90291cd4354ff9568c8170e6ea56e028bcf2719595253adb8c84050bb9ce4927a1c1f4560da87d109ceda90bbe45a1717763d8025f1ff40f157185ddf17079da272ae10c4f34162caf4b0d31221a57b3059fd449c87554d968a54b2eebd760dc3263c40d9eedf5905d5699d29706ea6e9e81ff2bf92489a06deffe7e978661f37a88450783e23f107c2bfce000dfc91c5fca49e46d9ea978f215a45984699f0d2503b30a741e13be56b7abe3e5663c0825c3cb04ead44ce97719c4ee6f4cdd3c452775ad7163d5c9034583cc2dbc2b0c04917a3e1aa3d0a8bb6fcf94d7922eb1d543c09185827aeb1b72ae7103ef2c014af2ff4b47fca40fb0e66ddf0264476d7a84e9b8dc551d4c407bdbac6757f7a25bd404b45bec1091696203cc438860131ad5f2fd80e3c45629864dd9f7d302b66fb8fb86735c9a6dcf8b135a273dd2ae9473bc905081be9fcb8f91b1ddba1ac692798dac0b9ccffe0319a779f5e10c65f294b22fe475283b023f9cd890e92c5447b1bc1528255c5af383bc1fb6e72cb9a67215a9e25cde63c89baa8c7125c7e8b748b728d07d9cb66778404f54e6a9e3ae1ae82f3d0ce77199f23f94a01b71b805b476fedbebeb52c83a1b857f23ba438c56a6c4c2a5909f721e6e3d240e4a16455e92220d13022ce7ec0b1365ba4e67aa6ecb324f8826579e12cebdfc0d8af63e83b5e5624d5b791f99093f9a27f7baea9fd10111209c0857a04f07408111063ef34026aee27a3d51b40e53883f9094402534bdd21cc49d7f5593e99cb204cd805bee4add0f82cf4b6dc5da14d6b79fbc68c9ccf7fb5fe774f8879e13079b024a8ad24bf123c420d630837a84ba05abf0ae4dc3fc04f25c7f74ff91d0d609c958642a48551e51b5c0074a56a7da10ce153b08cabea636f8489d8e7b655758a41d7f7474c9d76bf4d54d789bfceaffef139854065de6a94b0275a9626aab99ae838364b1a491e55017e4212b6b01f7a41bc9c215ecd17c49a8610db28c699259c58b81a0e84c45fd8e719c05c48501c49e8a6515044d247f58e4cd0bf22fd6ae31f45339d1f801196d426c52269b1aaffaf18e2a03760bb231cb7cefa6d72f1d7eb6a3bbd65d0914221b8fbf531dbd562eb4a1b28983ac7d83d4813b10b34c9525ba644f61a2c4800d4fe96a7bca63da1041ed73cc57fb9d42f9dfc8ca41d80292bbb311c89b0a0fcee1d88a025a7416863342aea00e6f049cb2ddebd17c5c617ff562a8af0c965cbe8341431a30ea239e4a62aa2b19757a3b0de04229a9907f8610c27b26591405845bf8b5b83706ed18d910c4f68777378366ff565617b19168a04560a32ce5ad64aaef9f4377118c4335b24826cdcde78fb4bdb11498553f56d8dfeb3a482c70cc6580c399b92339cbdb3464fcc7b00e9839fd0d2b8b6db90c56b33593a0048bf7983421f29b1285c81a239045b96a9b0cacd70d6d9853206471f06915efc8d3ec4c50fb13601abc73247a656066fd7b329159b3ce9e3302b4c0d6aec58cb0946a8ee8e7f55f1af604f1edb4d887fa6292dc0ce57705c1a25dc62650c127d11a364b397aefc2fcc3a164bdc53165a461b01de9180c1461b309c75af0911b4cc1b8aa05652b62119c87b4b235c573aa15b1516cddf61efd6a7f8c953fbaaee9c0e800e8f519e1494de850ddb976864088fe0cf90bbc54395078ea2501e8baa84d6807e184105bc2a140b663416496886422643bbf764d406af06e7d086678828defda0b648b25666b7b5ea29e927141740d5be0e61bf25d40b8404ffd3c67bb855b11d4faf82b7b8051615c101c3deb0601a0fa9ecd8b4a95082ccbc8222b0982802dd8430e653d6eea2786dc3a91397135faffdc65a5bae048f5c463b1a6648becce961d39d063d28d1ad6dafcea0b0878379adb16cc0d4cea572abeacd9a168a4fe2e338092b5bc93ecf02ac6ccda03e5b23adf511fdf7a79442093233b79c67d3fdd3c36c96a8f67aa79e4743d99cf963ae6161877f73656eb0314d889f4b8649bbce8a759f90eac6c006197b54b2bbac7c9b237f1e3dc099c62a65481960e6ad697fc66316ac084ba99c60f58bf44ff45f3b2006cbc4196a25f124dfaf247e863a855ef6070deb45219a922dcf2be9bd01c340e1ca5ed7c3ddac9f7a677c5d00610991d21e0751ac8044585b39f3fec5b672a11a9bce32196c2003d01ea50b0f0403e16df188ecbbb74f295f01398363ddfecdb63a49347c912c125670205d7b6be999688df85bb7d5ac12b62b4fdc4eadcc2a9a7897028404f697b007603a0ad588c772952d6670ee870771774ad157c0b9cccd4b2192d835606198ea0c65036ae4e406cdc539ff3aa81fa20b7ab58d6f3abdb69cc1f503d593f7025d2035e7f21db76336efc2843a0dc9bd2eb8794718134ee68fc57d4d2bcc18969d08177f442b87433b48540c661940cf9e2462c53efa310c7e47487deab2ae15b1978ef05aa1e14110943f649d82486f710a39854409e74edcaf06b4a92d3580b9cdabf83c6351657698d3d5af7514f382e75d1c912cded577258603fc9ed002e010747cddf7885d34afc9a84d82696c6660cb5ecafb68b564908fc49c4db6a187d037241a26b1141cf20f2e968a53366db0f60b79cd98cf3c897c50b7b9728e6e7100f99e4d5ed2428dbd285516ca6660777a39b4b2617c1be5b0232d60b9c8099f5daedbf190109439c40b46090985200d6c0501313f3fa4d244864575c275faca47aeff32c7b3e3c59392618562a7c2d4b3af85a37a8847f595352024cb63d3a9085c2a502c6a3248f43c5fc828e636cb634b2d393d853ae2dc9605985cf85c060860a90256c7b574c1e01c320687a2bb0b2d51cc2950c485f2ffa5db0ad7aaf753f543de7f86efb775c6bac2989a33757a28836fd27f9347229a0004bd2e546994c69c678fe5717f613f905d945c072004c3a80e0e54215e19ff9972521890d4e705e429f16fc35fe5a15f2e6b75cd719d38f76b087b62e4b5dcdb35f4baa2bab167150bafb6c69e260ca51004bc826d46b77c3f67eaa08497294868e6d91b7b867e4da62052f4f891677256cfbaf19cf32bad99a7da69d8a66537686f89a58d78c7eeaa99cd38009a1a32582bedc5c718e57b19cd405ae659a89909356a07fcef89384d160fa5ae6683cc379642aea4f0c915f72d679bd521399cb16112f2abdede3001400b4a64d2173e153a68631183679b56b8f389ba889784133453a7e892fd3b092f5040870a3cfd6f982990143e7c0882b4ff4c5d049192d36925a25ae4be441aa30dc7e74398b340c45b52c73ed3b0cd640e3cc9fd4be24e7355f386106f65895f1ee850b2a781d1d1d322ca5a3b0fdb78ce1eda048ece94af25437969c99c58c08f1446ca5541e03987a20fd75283e3e116dc4c9222ab7522e4ccf6da14aef49cac9a6a2cd4aba1c54d49e6da4179a66b84e384cd3da53908579b28c11d525ebdc4dc69074cef8a9ecd3aab98f2858769d656b46141c3a4e69a5ed6c0a732c9ec1fce080eaebf537fa5e17236a44ba9c931f555d193e475ffafd20c53ccbab607c1a15fd06742a64691205eb0d00f7f40e4dd8efb279cf09b2522aac0729a631aacb92d5cfa2ce6bb07385b981890b5916755d5cc3a51c8c36bd2987068cc24fcf73840895469bbb9aff1059601f771afedf0a48d5921103920515b27d7e607951982feba197df8c61600feb3622b9eea13a4db4068728cb98cca76cfae197f6258758490bf41673ee29acd91fd296ec863c646e0ca6a0f0e9de146c663ba13d962964d7c32804fd12a14c1ca7212ad48bdfab469c6570dca562220ecbe7b6b163ed4c9361c5c10bed5c92861b8786ada20a99245d282e4454187ec02adfe354e30647cb10661c85168f7958e3ce69ab48c9455214707a63c9b1167f0845a6bfcce2a96cd53eab430f13cd527f1666290719a47c517cfa22fec2e9916af8aa93c78e567993d7fb8ee60fc4b903b8c67a3658302c5e5f35250c30427e4c055b6c54705bc599861f80b7200d361965ff98c88cc698a2615cadeac4bdfd3d613377cea52d2bbcb7e6b78ac31d4b2c33eaf0b2ed40b963e3cb25c7dfea3ebfe7b4aff2aaaaf184dc80ab649a108e2c830ce7eaea58a263392aa9cd13d7f7bd607dc7c804b19dfa41b3e5a5155201a87311e22062c93896e70f3a5c4b03521300b61cc311ebd5beb9838d0ed207c6bfc99e4392508e95804b10b36024f32e1fe1138e9ee7773f797b2bc6be7416f4e9691ef4c2a8d06af6c8b84bd1e6fd1ba3d3183475ef6c139ccf8dcf37671fbb96a2ab5e0e042f7c4728cf30bcc1a0de28a5024276ceaa194b4926e7f6a97b78bac36e47f832d56a96cd266434d37bcf2c2f57877717d91b1854972f832354acc207a2ee8caace7504e0e6197dd7e64a01c4c67bb2de8acc0cccc6c6bff0b0cbfe345542c5a795dfa48cc0990ab5702574d36494bc44c20f5b324f7c984d986cc8cb40cb2550076d96a069b6688d22171beed2dc5b6ff3ede8fff4c4a9de6d3817357a7ca7d24d87300b4545ebbac8cf7f09ec637a4f4d6bd07673709b6c363a75ccef585610c5f15de7851b5ab53e02a757bfc3caeb9a9a8996beffdc0cfd1201b6cd99cb035584e51a6c15a5d2e17d2f8aa6b41e26809392fac6caed1e02a53dcea8a413203608780dab33315a76eba24d540e4c5b9790420834bc8d4e47bc65ae52a54c0ff308427a8d7aff746aa6589d17514e40fee5d0b3533cf4ad2c5f9d96db9f50bd69ed8c92b860e199a35cf268c66ed13516a3b4b024f62d4b2a656067eece95575bdb4907efc488a9821bc3a9c81dd11b2128b7a01aa7a9ce6e73de3b4e9beced70206f91575baddbcbe5722337953c8016a0f4b62120d776c43b7d1a879b692107954f45acdf8967dcaa994aad4922d4fe093e16c2d0090906f5036af99e50bb09b04e9c9b3b5085abf621297ce203010249cede92e9b66b446b86b43eaaae228dfdd3b4408c12b404bb727f7e969e7da04fc59900112bf8d38af0416dc616e75f167aa1352215f07115a6f4eb6bb5fff6f5c2fc9ab906392036b44090e65fdaf017dc53bc94e0807d679d793df18cc44e6c846d414cef1569530f7692daf91eaaf4ae89fe2522f2c9cf33b6ca508ebcd006bc1a61f0c800553aff9dc7d57200b25ecb83e1e0b8cd29520b63aa649d3f71a62570eee56e03223ddf31f0c04fa686b7f6dd054e7a259d9ba335c2c5b2c508897506c0db7f01878dec1411c33f0af61b81dbcf9ff8bdc0c50044963a79f3ee1462150c6bd03a32dbdfef8d72f0b8b3a395ffb0cc85792e7bc867feb5e312cb64e29e193388e9f173c162f4a1320a6f99ea3795fb77d982605959909a1aa11076fcc779ea6b80ec1bf0edfc2569ec04d15a0bdeebccf3c75393dca5e81663532f8ced12d08e4c2ae6e2954d427c7bf053dc4718f56f453bc88d74045bd2f9747aae9b5298a0de927f1d6b1308f4e1483487f083e71ed09298deb52bb10079b13def7453eb432498069edb5ade70c5c54913684d934a3febf78753ac13300a91f467ff3f6e2f00898f015d08f7739047b321b3eaee5ad8aa7adbf7833f014d8c576a491af9fca6843b327ed513821cb3951b2e67a275225d7af6b382e2f955adaacba5d1fdea2223202dee132b91d5cf381b51da94145255f584a70c5e8d11e06a44afa6599bf3ed0cb61703eba254333af53afac60e54cf6397f9f7302249ab644f0b576c713b15007be1f4f9bb213660bca8a70251472b86669d361ef968f542e81ddbe8f4d2e9cabe8d7bf6a31f14a2cc272963553a424c105e7750437ec5bf316e30ce60b4b0c27ccc1eb27e60f6472fef27654da49905ff9c01b28695310ecd8701aedff25a83da4b7c41995f902bdf249769dcb53a3efa894710dd66ba8745ae2253cc6b75a038183a0bee21226d48239320efad6727093e4f94bbc2fdcc216200d903c32bb9f16dd17d5dac423ae0696f3decc576b8f1fdce63d0532370af7d1e2fa2ca5c5d17bd88f5e3abb4792dac8689ca13752f83d753b06b037bf5a80a3748983790352775685b0414c9d74849fd217e388f904278ddb6b0abdda941b61579c796e2bb77a9bc363b18642c401faa502a31011544111b6eedaa369976c814773d83220a75f31026d6ad0b8b4298ea6062234db232bc435e096e84f740e55bb14d46ae04af0500aa5bb218aff6c76aa8a8e3140a1b0d6638538fd7f30fa8d992e53abf8af2fbc16b9e8a668c1aac72cea1a746ee5f7f3392a4ec8f1d19f2f426b6069b1cd347cbc38bceba96ce5da49198083403143c740c04639cd1089abb34fe812d85921c47437604f684bca44a1eaa965c0a6e1c1fd1f70ee932af3455b36184cc15934cdb3f28959d37d8fc10696f8ec1e4b0c3d1b9ff74a01b796d1bb68954a3768c8bcec741b3b69da892f8922142b16b2cabb469a9906b34216243fac80374c10e178c5fd36440f8d7a8588a9c2510d86ffa8cb68ce8c330d2111c94724e522f04573dad43bce252eb505d29ca9379a6b281519d38b7174f3ae8f185544f3003c936a7e6b23ca97a313aac6a061caa45fda73522f3061767bb4e33dbe4bde390eb0f07225a8aef939cb6ab2ada10c02527281abad394cd4ea9f59467a08b72047cdb75d7b2b98e5b4542554a60f953ac7a4b980f42518eec05ff2c044549cab0cf33eef36dfbabcbc0300009d898862d2194cfcdd9a713c30bbe52291105193656ea5eb830873ac956469d31689cc3c69edb5cb9a6e31ce3e6fb50ddd4e52ef9fdeacfc0db21e1e83e0d8d0a64f17cacb4dc208a893e7fd8ffa86cfc554dfba3d9fd281115eccb4b9d909f2fbf3fbb66bedd7b5db3f6d4f076f5d8fb54f8832896f8ef6f624162f1dd589be7a8e87dd5065708a8b0bfb18a5c2299f5605ac8a11c1add55b2018e6099380a70bee3e0727ca6ec58928fe6eb3147b47401e8d822eebade713b58335787669e5e0de5d328a1067df4cd9124665bb02ee8adfd1b3618374ef167df1f0fe79456f78aee3da4c1bf397e4637b0cf41a0f4a2910efd02b17bf5f3c15b0084b36fa7d4e85a53e5be366b428244eeba7499c3e54397227928e2ff6e583f332d6f7e8cf4d058f379b58a7d03a4bfa454bb4b6d543804b8970e6a9fe8886179eb418a8ce9e509e8433571f7d32378f2e983fa418c8c91760ec9fb20968e7fc23b7c4ac71693b2576ac0f8ce2020ff1e7a7ff24301b48b544fb29a1ca4f2502daded865e488a16dd33ec67b2eee3025cdc5ef90f253c4b5e0a61d51e495b675c5a1d55b4ba3812c5f44cd08487e61d36b0c2dc32d27333a5ee8a0906bfbcd388bd9389d1509912c0471c7b706a5aff880569a3fb11ac5f14d780deb4c1b1afe30fb6b8daf87b27a4ceb869d587a97f2f5af8d819aa47bbf207db68a6ecbbefb1e109ed0bfbbf3b54fba9e79de8fad9c3bcd3e74b8b92ccea3ff5c558c6cd72d78a711fc39df603bd4aa1439dd302258edd2204e52d7f435c6f552b612fbc321bea971195cd4d8bb033e2a779e239164d7eea6d8fd233b0b9b776246564cfcf44b31a83031a2413bf98a398c9f93da243cef9ce73d81bade8ad551fb0ffa75bc874c11d23ac9d7752f22a0f54c3870f3314a83e64332db810da1ebb288e10c4eb9be9ec037317b8f813e68160a887da3f5c0389510a0734b69ef275e19973b169d340610cf2112e9964cc0566b9b690c3feb36c8526491d3a563f0bead2abbcf0665e048aa3f929351b2f89876580633a403250ae3b5244c8c0e996bf888938dfc8920348d88e272e6eadc7c0387ca1dae228bd620ce3975d43b58758d9412d304a227245587065f58c4573ba2557f1d8333ba007709b1239d682f03405b22135757178fb701bbde81d2f8faaa7666c025d8a8bb426dc4b8e61aed79b3b3d3a9b01ee9142772d869677ede166e7a8be8ab84cdd6946b1478ce77ba307213971cfb24c86c344310f279e38d22254bf4caf83c02e715cb0550e615dc9f8dd2400fa749e3527493c15fb454c158e4c0603ae6e962b7890058ec7c10f0618ee274a15bca6ca9fe5bc5f9e7797c0950299912be9c58463c07d667d4bffe8aa590ae43db08512b40f3d265026bef2facdd508984e5f6d2ac7ef573397f14ed2e2ccdcbe5796e60ae64d173814906d1da5a5bfe8a2a4c5d6bb0b3315b878b4877d0c045f6e6cfa0dfc1ea4de7abe26f2b2d8c93299ed1d83f1b7853c756bfa346cd53b008fec169883983fe0f2405777dd85e17b2e4e8b23432c0dc4c386d67b6597184d0b4b95877362304638484cc0951400f66ee8391dd44417c58b3d46a8345a8049fcd70f7b5f4a6f912e2b18760947c74ef2b732b342878d7e7cc99902de87db36469555fbbfe76189f108d6ab31f4727fe4e22d075afaf6cc726ab17a5e1b4ab6c8f29a459da3c4266b5ad8ff55906a190f8b19a3bb92a50df49647c03d5d6106ec07e9300038d059a75b54ac31683ef8e5eee946e1c84d016ee1e7800a92c0a3823b62e0417fe86b191951f65abc0c38c1e0e8f1121a04b62a8a720790560f922804b1b7e7eaa497e1bede6e3d0dcf0312dbf221561958fa1e85a8f99e6fc82f919e78c17d1beda16cfef25fb5d00f7c32df9a51eac76000c988ffdf011564aa0e319764b16a5a7c728a470ff70772fb76c9ada26a0ac073fcbfa12501c2454b19e02d928e3939a40bfff76c002533b3849cdf8016728445131e5f1e292b7d3dc06bb3a3cfff6fabae0b7341694a8938c1d2497cd70b76c337c9a312e96c8f736d7625a535e1906eba53d199221ca60202a65be0f7e530aca10e61fa39c7601d65954e5ed4cab94345c6b89c7f8a0de5c61a7945e1564731b6715331d13263b2961a163382f7c4934d847033860e402f3aadb4f3e6cf47a97a2031401da4d2c8de8c80cdad71b97b4deb2075a02282f958ac6772354e67f097ca693778224b80892490015e7d697fb9107f75cea708178ffec93fb1d44e8493bad1d42c918e661219ea819e0200759037a5a585c0fe074fd407536fe58013f42612c41bfc66e16870d7a9c00ee93a3122b253fecbf5de3837641f4a1376af0f053463413c26c29f9a346318565276856b963da30ba6ab8c4c8ef6cfddc432328586d9d9829895835759bcde0851ae0c838a3927ea63fe5ba793fae94da61cab00fc05f3a265a2da1221bb2b66775ed7ba856b41011652d4984991e56249360ddfc997245ac1547a1c16382d42df383a8d1c852643b24895c422712e79c436fdfffece4ed1c50922d4f25296aaf6b204522086d188bee254f8303b60537ead1195ac5dd301286f0042dd68aa05a70e4beb779aa0b61a316f736b72c9ab7ed860a0908a078f4b8a53f2df0abf993f689de4b02b9138ca5047fb0bfc9ba3b92bff033e36fc9553260b008cef3d147c62d1d3944fd1eaff79bc5a922ec2190907bfda1b51c2c7fb867db1f8e13a37b5e3ae0165e93350b958a239ec1f2b78561cff854b975307b5b5dd23b040602a5a36bd79947ee04c7d0e5e30f9c4c79f7b4e6eada98bfc6c357cdf8939213423f1b21ba26cfc2b2756ea3eb992372db0ab8a7c37d8ae96bf3ed6be873c1891550ef741812032e1ae938326c399ee43a3061602dda006f1b6b620bebb6a5752bee77e8acf9921ebf4d4c8af7eb5e937c65697c0664c594e31a62377a25605051996c474ca322ce8e0e6ef8a7988be", 0x2000, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0xb0, 0x0, 0xfffffffffffffff9, [{{0x6, 0x0, 0x5, 0xb, 0x90, 0x14a, {0x5, 0xfffffffffffffffd, 0xc, 0x4, 0x3, 0x4, 0x7, 0x3, 0x0, 0xa000, 0x100, r2, r3, 0x400, 0x7}}, {0x0, 0x8, 0x1, 0x1, '\x00'}}]}, 0x0, 0x0, 0x0})
getdents64(r4, &(0x7f0000000100)=""/134, 0x86)
syz_fuse_handle_req(r0, &(0x7f00000083c0)="428a6ce66c433e7d6473d37a71716ae84216bc67277f3e9626c032a88a7acfd09ce24f4255f37078d380c6723d7aacdc3e0220c069b0e3a64d5f03936770166422985d1b36eaea3166a4f1403dceba822af78c5c09a45e2174bb51f6e9f11deea936b040d91598d4aa373bf4c5765a17e6c33ddad61487bdd32e3e58af5741f560b4b08b02d3254eef9fe9b2f0bdbddffe42ca87595f21dd7ff6c3d5754346b6414d2d7dbb41f5de3181ef343faa894a332cfc895ad40b048dc597478a761ef691d4bad54af2c711334532ad94c6017b49990e1f01bedefed1eea35deff92249b09a7a5d762d4fef1fd20bd95c3fa810d6d99cc5b8c2dd70a8a62ddd217e069cb29c9e7ef5bec625b3a303188d8cad4f423eb71a4aee6bf69c9cf73f0884a277a9d2d39449053d13952eea2b4de2e61715f0b878bb42d48642399e4e5ff2ea4daf9bf21c73ce7d767db0171cb6d436bd0c3ea93920700e0cf64731f7cafb172b0866fbbfaacc940639d6741bb7e4c7ce69dd1a815387838b081b1d9a04bf6192bc0e8d4e16a8da6ff83df1bead9f6218e4684b78026a0b49a2a89d3f05549b12e8b07734ab867c41a9401abc9c3fc6cab66e57eaa9513fd491384a2c65715abadf29aa1036a4b78e47ecb95d76884b23fe89a251626e1c5d827dc1d96f83d6e524a93561fc1d43ceb28b9dc5b476cd0c6ee51f4f37b7792f9b5d862d69184830ab80a5fb6a53729cbef25d612640b688b72c9d77c83538ae181d2065250858adc72786027103a8e1a2d098a33f1a130db154925a8aef6c4752d6262932dc3cd957a9a91ba1021c726b8b16b0027ebf48e9f2f19bc82ac3f6743d584a5f3d3679487925157d5fee7280cac2a26934e35942c4ce233fe962bbc76b7efe9587b564b0b91f6f75c4ff570ccf8e5b15b09ca095ddcff7fef94e28cefbd1592fc30484b142838263ed9b72ee93e9db0dc0d7c60a750d80d90aa7f0fdfa3603aeb92e6f0166ae30ff4225e90ccd2d0fa3bf89407e1c038124bd628bbd864469b5b97eacd7af14a42487bd0bfd6b2fb1962d63d427ef318fc01dfac3c476611209fb2c0e599c62da902c96abb18b91c6d7f2637c5da80900d07557ff62563ae8d84537485d7102e86990476cf34acbb42b2683a247d64788c0500179d0452e879c6263c4a82bb10987dade8c195eaf8368daed13b2f46e62de7e72c5189868372f081b72e48871e6598e5076997755e6d70c8c78b8ff937003e9558b0e7809ca260bac8d2c165818287cfdf7eab197cbe17b9ecb556931dbb2494b4290ab1eed4d00fd4c3c88f942c57b70ccd9e618872d658111c25a7ca4f271fa92ba1f8bb3d625ebdf2c0635b74c6d10e1c67116eee87687974d1be802b883ce2e05296831cf0552454f0b6a1a29ff2d5ac9af44f10817d063142327170f30d15fb49baa3506313f4c859e23dd153d5fa303df32fd52d0c6e27db0860c2cd00128e3fcb7f63832ac42a507b83fa587049fec1cb4b171236835d1ffc2645686edc9e9b5233a38020ba84c7d3744a5041eb4056d0be3fe6a6ed2a9c87ae8c1010a7ae9a08b189cb10b989358f0d9b5501b31b876fa8e78e591d29e82ff391c913c6894b9dc7aee2fba54a03f020473abcaf75ca71b48e43a195de1be70e30895c34fce11dbcaa81d55f674fe84d2ddcfbcb6cda65c206c0d48e73e2d23c16d8871e409313177c564dfc98ae86ff903e1e37a5c7cc1f5e8ba7f2ea4fb2974a1af29d84d4470ab769eda38506d8a5dc6b7dadafd94847ee26ca5e8221e0269147828fb569a0873b50d9b82a698a58b04aaa3c0f39e76b8f5def74ac1921ffce7bd2d5c9e3ae3e1b78040c7492be0854e52ba0df6100c5bb6c1732a5fa989ddfd0713c12531856969f0cf40e4e6a3e7ec1491eb351967b9679cd733977d0cf8629fc7e32a668015de2a79c76e0ba30b1557acbc067a66630aff2d68409d59c04e0d507e88f35fd2d3afb3606e08a172d2012ae8c7c25475249a3d8a2fb7aa48fec18893c8f8bde721ddae7d9444a5963007ebe36063515094d54f36de8b29877f2d6faf147d50beff0b5b5f17088452dd97c91d5872e3596cf2f26546e8009448ab45fd1351f09ea7138ae510512715692fa181483da711fa6a861c81d27ee0b8e2701c61c8e4844401e26e2136d9371e5edd223c98fcfe3d5ddf7e514ddde1be2450f64a6c6af79ff4ceb529cc573f178de2322d98091d81c0375e42dc600907c236cac3b3dd2a61dc706a228e803a54e4640cfdb318be734686e04e6deba7e85cd2bb5a2135c143cbc25d64d2e5a50df677f518cfdb178090b8be719e96b742d370f9ddfe4852ac3c9a3ca4d0f63ce5ffed0605c1efb72de7e5d79aa70aac1b1e7e622c6cc7732a2a08496d2d22191aa78a037c89f9c7620a7d3a9530f5b02fc460dbbc16b46d814d4c49c55771ba591daf6fe9300e8c2694c438da06383ea67ed6cb22cc1ead51c89a0eae2b221af22969b5e01be6b4ee752465b0b96e7c0bde2e2654260c63c7c711e23ceedfc7c8f60f94ddce5056684e3213e6e79ab800a9464d1c407ae07999d9a1733a075d10621f796aec1b93cfec393e609f6a317768fa6d90f450e3f77f54bbdc254806f22ae03933d72b0526b77679ddd89b1bbcfa7c0a97025dbc7f66e4fc99444ce2f1a9eff1b741de631ee206a53e1b53256c5722587b6722962576a0c519285f09e1a17df9d7da065b14d26d1fa50ec0c67dcae691eef2d581a262004c900243e1dfb39b8a5a8e0c8f565491895e4c589be089b32d0e92e0a6846885e39da03023197061b99c0b2304eb0a41ab1c99079fa99dbe1ad9b3930cbddaf433407b790a40d1669d8e764243488f53c9c5597320dc7abd32ae9e0207919cf2b9a955509f84f6c18e8aa676a13917fef06d65755ef538a624112d8c4f62c4ad4a1c6a39774fcac69fc0ff99e6d36bff208974ce4f08556032cb5b8ac3a75ad24a8f87b5d36119ea43aa37054b4e7d9bd68d5b0500e863464101185c7006082698afb70fba7a9a1db9a294019b195ee5364a77250a0742a0395d22397d57ec972f71955a6ab34f894ff08484a3565cd5e3a1793267cb186b40adb4056837843c90ad254814aae1d6e44406b148c829434fba7caa2c3db16ef5ac904f505a18b1f55c43f16591577ecbfdeaa960363c26f782335772f78a693fb8e45ed0418646e57b12d5ec9f96a4c4dbc96bc0f3a2b18eda4a279428bf34920a55e96c6d50d8c0f7e7728ec8667e39bba86664120fd688ea9f067f64e4d27ea53e14f8ee8560c347df20cf7ca4a7905420bab3e327fc875154a9e0f52596e86bdeadebaf6e79ad4bab8ec079720a414eb20f7938ccbf8204fe04c1b18f3f3e69b79bcd135f60d7c46c22cef7f8f72410516fc4be391c0c7f4a6f1063c0e739f91c757a34f3ff587051d4356c26bb0b2579b6096a912bf8cfdbc7d1d2adbc194441677c22ab17b108ea7f2491ab519f18d8ba2b20aefe1a694941050f27ec6ee6a2c230afac26dc93065f9cd52ca326378bf36e3260bdf011af695ebdb3b0fa321f80ced7d7024020e23d381474844019bf3f72a2afa6ebf43cd853b7852792b7b14a0e23f4ef42911e2c0748c44a8f2117e440c0ffda360d4f8252187b938dcc9b4eeacd97f374281ac31fefc69e6e8ac84300022f307c5c4e7fc96d3bbf8044e72c778ed85a3d02ca5fe9b15cc3245fae21f57a02383f06bfcc6a3b37a4b9df50baa1162b8669d7549e88b8731ec9e5e058d4e41150ce3d3acb17069d1c08519ca1d1896b843877b9c2beda2a5fa839930349e6331488cd3fa1dc8acd598767b03c5e633cdbbb7f84ae29ebbdf16751498cb6fabe81a50d0eea6887d8ed52b77448c1344647aed17903bb9f2ce08e03e73ddc8f94e27053b81066de7666004870094a5bc9902f866b191cad4603a17eb7c3d62bacbaa4ba524908517fb431f51f2777f7de4053113c5083358e696b9969f912376643aabe3b4a6ab9b6baf71f71673f5872f4367afeb514aa9647907776fc8527f48f75a87f8dbaaa59055753e89985864915ab8f323b1e6012009b49afa8201a3f6634882a5f88a9e6eece7a491a8f4652c32f27784d94d1ba715f6146b5ccb0ecb37109ddd4026d8af2c308f9d8475945d497ad5e0a47bcad2e70290c5085f886f3d58d2099b8e47012cb86e67eb3b760e15f345c001b4f950ea739762a752a22bfe0b9844660b92afb5a1fec179f155a95461230dce2607ffcfda4263907fa5053c6f84089677b8766daab786271d08eed53c228ee7d8c9a818c7aff7973dc86c1600a4e3decca6a6047e2e633e682425ec28e3a77dbb3a21fcd0aaf4b4826f5f9a99d52415faa21fc500d5c99a9bf5e43d7b11dd820975cddf18212df99a0166306e5e45d72c75a917ab0f844d35c2934af58e5b8a12e2e9a1f16925a3b342c3509e86885f3a487a5b74c94bdcb150a81f853b431a74cf47510e55f89da8e2089d07faacb650f64473dfbaf308264a361db8cccfdc4c80bf97c8c4bf9db7789c231e62c2878837c2e72585584de5d52c3f59fed0a4a14a8957279a8dcf8b6efa0e81f00c73b52f34eedf8f31840a0b18c9634570cfed3d7f4e13b78c0fcb16628d380de48e2807d884e9a46f7c2737e89cb7fbbff6491db2f9f6dafc248a5e417ba926304784be621e83db65dddb0b84141e5b97728a9bcd1b1916f9c2da403e86bd178a2ffb3a1f5d64253707f8f6da3ca22a00de18c8bb000384a38293da2ce968fc184b696fd5d26618b5d3b633145e971ff010ab9cbfb0f3173cf6f8016cdef01a2ed0921e3608f3e3e0a511a7480464638ecba810df33e2146a7f53258b440339d1eeb5e06eb94814d9fe24d835704cf34be75fc56f4bfb3f8355776f319095b1987a81dce624c6425d080258d355263224b888a8317782101769e1ec4874c20ff75b430037710bc9437234a791fc7606d9498f6c353af33adc0c92c53229574095a7988c59bfcda13bf1a4185fdd6318b250590aeedb15aeaccf049665316eb1873e4d5a4a7b686ec6279a987444c17927e530e598d5b5f672b88ff6f98fbc52b193053a516f19da80fb2873a49fb9cad5b037eaf9e9afd7c5a6bd0e3349c0aac078968f2655b789abc08b82af590bf7e3f1051188ad725dbff39c124915037afeccc741912def5645951b2ded95b29797da1ac40b16a3f89863047131e1d99879896db7d5e019bbbef6753752f665e0cbdb6473bf86da661e63ff8b0893de82ca786d08dd0a4b7f8cb9181aba271ef13bbb6d6b7ed79debf6105ac5a971dbae815ef10303b630cdfcd8ba9a0bcda0052a6c2a8a6135c6f466fc543d44a9e722bd2a3fc3d004e5f6430246c8e2fae6272cd238581412748d4ef37a404b7e4035a03a981be204606dec92a430c5cf303f663878c6b16215e63e41869496f634cdeced1475c47864e78a7cc398c06cd53d229ec08488651695ea5c018b00dcad9e48fdb8006fd38e1f53fcdea59aeb3570a1098659892d20b3be362edd0e587f4c3f78af67301c78e83b8aff103667709afd8968846caa34d9291fd549b4aaad4cc783042a117f3bdb009169eebde40bea76925218c7e964cd3e42c09220cbf27e2c253b3a4615af8039c4a713e9afb3dea376152cc9d011886674ca84f9aa413dc1ddc9936472bb7e9107c792da1dd56a7a396fd036f5caab4d4ffe35ee1f0771f3d04c9933a94aa0f28bc489bd81ad331a1cffaf1fcb44694bca71886978ac7ea1aeaf1e8cda64d195414c4da561a074ee28e2c983742477d7de8eeca587cf279aa948a037bd3b596862f928910d0d0e077c4949a0c7b340e41d41f5b217bd6ae4cb2b2a34561652978e64616863f56ffe91f896eb85823ade588333e6f9acccaeee63d0d4f19bf6eb58ce9311cfc1a731705e484ce612eba0bb81f89fe2ca223df2c3b9f37684c5d4419379e96e65830cff6e0e03c146f171cd9f9d287e8edc631d21887e7f63109dc9c57feb3cb3e67f3146c3d7c8735f73d5d6f038ed2ab29b6ab7a64aa936671d71a2a82abc41d907ec91d4aa187b53e1a5790974b3a65ef3e7f145b040a17991b287513c43ffc35d58440c200e1f5914f216dd2d8c1477bb7715dcb96b4ac12263e52bbf7869e82a0f1a2de61ac65af1e016f5cf811031c3ef2be67fc442114082688aba559ce993c523a9d60eb19245bca03dc2783fba384740295e86cdf6433ae624f0a84eea3d1d133f3cb8d3655601debfdfb89995aa86bdeaab4bf37ecd728958f32739030527b51532fad7ca3861ed5599568dbe9445f622b0a1cd9d5864544265752fecc10e874c2f1a0c6f11d5dc945696fcae70b50fdde191d0aafe50632a786dff3fd5f976aaa5af332156bc96c3c86a88f35f2ea876d050a0aeea72e61d57a988183bf3ff14508f825f86f2cb6742c809096c1c16a343e5e38be54b8426ed809e1ce15600b92f251ddfbc6244b82d3ec22bf888929a11cf9e591dbc06007cd15ab7edc093dfbcdae3a145ece8ded5f0b63bb5f3928ea0a1996762b982e10394fb8a6b33bf62dc4a6f8f614ec856a9b1d790b9d06e675320afa41e1a465dcf6fbb49d737f66ff492f019b0c4b34f9dad26e088ec3b9019a19a78a6a25f7421702d87ce9d50415ecfb3cb4d5c6f3ed0c24ed3bc5dc7fcc26e54403d319a7e629664953aed9f96fa63f2b1aa9a6a066a12d004b7ec28bb92457ca3fd863745085bf6eb40794beb5363ccaf0371844a24252aae1e49ca4bac41961e7a155fb8938a01ba73ad66f55ce33c415a6c6b860021dbc61b0fbde29ad55556a11a7ca4c5a85b0608ca2a2a649ae7654974e8aca57c5d013a02de7f389245aba981d23fe4e115415d3f5c7a52951f122ef4ac3efd9783f6229576ee88e3320112e885038b17d9ce1847c84c972bf57b0cdbc30794b9f3ef626c897fb38db40141f8a0049a998524f90dec8e657289c49634e773e9d3e776b0fd14afcb3f54127d95f062c8078540efa31a11aaeffc8c68cd981ef531a1f166ea73c00590e1044db5e719947dabe2a8dff7ae0b8400a9fcdd6f5cf69250acec7b06ee2db86a45fc90bf5abeb90d1d11cb2b657475bac2a5cc4606fda1f19171fe63f72746d29a218cca87616d283fc5d35f0d36840bde80577ae91f1148960079d027a72a8084b5aebed10b201eacc4924bed0ca734772c8dbec33bc256cbbb08a80bbc4545d5b5ac9f610aa4ac32faa0bd741e6bc39c5840559a9a6de4646ff5b62ccaf3340985151203e885bfcffa11b9c77e0b42b903de4fd7db842135ea3efb1c227aa7eac69102b09832c6d5456315b894c15d706386a0cd336cb57dbd8b97fe4e03cba770ac356445449bc53754dcc18abee099ff5674c6637e433b448221bac334475f45ebaeabb3e0cc1d35164d501a75205253060c80db6c0e65b307375adeab281eb4433b3eccb1dc27d4e2db0b712dc21b0aafd05d07d59995f94d6b45070eee5174f54067871b29b02ec23fc2c6eb122fe690cbab49b040d48d9dc0217b9ac439001ad5ed7f73b673739010ca8b99ec3b2f1fb528e3db34c698fd5dee32794b31fd63c2b72f32bda74506e40b6f88e4495739f6c3863542ca7cb4ec69b5b48a3da1b808e9249c285811d6eb031ff7449e75f0ab1235c44bdadfb7f4549cc361f3d370831580269a2a0004596fb719dfe15faf4db82cf533f0e813e25e5ada6d06f235c695be58ae02bd0a05ea836d15faac2ceb330bd93abe5abe4355a4bcc00382845a0fee4d4c5b831cceb8d6c8bf543b18f34355a7d03e89be95f0ddce76625af30aa71a5090f7639f85accd686fce53abc71512a4289d14e992a64ad5303fb0fb1298648d268939136f1625039b472f0d144599290c909aa2924563a7ff5fd5cdaa5018e592e9b4853bcba57c34c1167f77dc7fc010a2fe8a8e3e82e5dfd8cbde7a73d1f0f84691b452c263ed4bf0fe336ab05910d42f95b8fe1b52421315d611b16820ae75089ddbc222edc1830a952c91180a6d3228d1e1fe823d908bfa4d24c1a6424461007d1b94f0fbc13a9e718243ced7e6f24522a80005a4fcff858dff00585cd9283ea1a597f0ca1e76c54747d050f392cd0e086326d0ddc766ab1fbe30c3b8cba924c01475b160e775c3d1d26c35840f83269a7e28f1338ea375e53dc98b862c8d15a19f772ac23b3ee9f90bb04e03dfde4e82fa3dd3a0890fe06a99101c59ae696ff1e1bb1d652b6f3f9635c18616a7c86b1b6ace325a6c62d132cda8d826654641b6e802acba840a4265e24e85cc274b55e0fbd01a76dd9af91441ae349e5bf7f585c9860f5c4500da889c3b72497b86f193fcf969d1424eb0f64e9ae1db82c102e1d57bb4f6646209a691cd0b286182f2a66dfd3dbda20a83156b0a108bb0e0a5c8e2bc7a2c19cbab09f25db581771af9fdcb09d77a46f337f2443962f1858e374c16b37f8e993646cf84b2869d9f93a4e38e0f4db5444c287d4030f4ed1bfaded4f37646d81255ec9bbad06687f49678dcb4690284c2db493464e7fc5c2e39832ae3ede01b136ff32532f5e670ba2d753983fdd2052f42311fbf917e96a1e29b4898d62130c683bc0d45cc2be5945cc41e35475fda252ee1c3f035afc352f34b77ea13a4fb09c09dea26110e700693cff04ce8e06b30f66535608968e65d2ebef57698ad72e69beea4db56b0e8c6f91cdf187fd0d49c84c1d5ab34900f6004b00503131e7d6c996dce0a84341ae8236bb5741adf6cf5b447d750f1e5f0cb5b3787e22992a9f26310f28d4789d09c53df3057113f6ffbf2978984762fa679cdacbe509d6dc4b637f17b6cf49283d5a523e04a2205b1a1af1c6880fce33502a83170a5b0ed1f384ed1451e683b622f44ccc0d385b3d7540ca3116d6112aaf905039471b564d3cf615ccb8823cfd34e635c3b2af982ed0a98fdf2358b42cfa8e8cf2ac184b7e08bf48988f000850163bffafe7f69b3f8a761936a3e1974e79ec92ce893f6a8474fe900b42025c9bf56799dc9a0db57239e8fa5dbb3b1972b0d2c456f7777ab2baa1aef60f5be9d48b4aba1aa934a493682c70687b4e7b05f5226eafe9a25d4fc33cc2af7a7315b37c7db101ad3456d8ad04ddc3b76d2baa96129da53c810d55377382a2a25d6ce0d4c113c3367fc906034eb775290c1d5e5c881d9a8c6567d8470d68b33b506bfab2d6b61a9a7ca6eb003772e30165ed01544d896f96c0f286a23ab55ae258c1554b8054e9f6de37e9f29bb644c4f2ee3ec42d51daf7d4da1cda30f16a56f12e299b5e302deae593fbbd6f75390f4eb25555185bf62eeaa882c23416872a4cc18d2534ddc4d2a1f3a0c3ca461d9b9e4fda10c3294ee74c631c65e840d5e4a94a1798e07a5e151968b7b22892d65ac2c81e7e8d9a471a790f66a9391b4e8c19a2251488255c96d498cda6ddb3aaef264454f2b4ff43a70c48b1fba3ed45c43d0dd44bc26452045e9fffa2b25901b3d5704ae3b0352fa3e8830774b6e38025c7552c13d312a273cb88c1649dc6d8ab38ebd1b2bfb16b2cc056f870c138052b951baacdee560e218972b1a0932bc266855062fafed6064bcc637db59713538c45a69c838b09e1b143b7c1e2e6b72a6a00b7cd0afff8d20b9008d61023aadf193d8ff8040220564c0bcbd9dc03a98ab1b8eb96c576291636c0c1de5e3d872c095876efafa7575f994f45c29cb3fa9e96f98012b7a84ce820e172e625b1de98031e5471cf5c9036864289d95d2f1956abf5d4f9a7e81ac2796c67a4aec8f54a5896bffd05b4514df6b2a7df1038183ea740459db4a07ad275e153a08cef7542abf7775a8ff164e73a424bd22815da91265c8c86c1dd90ed926fe313fe32be9c040f7065b27c8cd03d585bbdef6f149ebb3e3906fed7290a19ee7d42621393d634940c771c6dd95a9fd153bf25e029b453a69b10cd3c9d3fb17fd936ee6243a5357b38ccdfacff843aa2a51081925acac1b7ef3dae20304562be99ee3464885988d6e08b8f1ec22e51d5960b25c799d4ec379bec80219cacbcb4e312e744b6e5da1cb39e6d7b90c492ddacc215d1218891f65acb3d3917ed208bd6e8fd520eddf7584ecc920c9243c657cb6482dbf6a38af25d199f2137880b605f640a4f996f48da1f7058d81604a70c672414230105990aeb151560ab80379e346a1326c0438b68ce6bd291654d736881176ad30d11e1fad2871eb83f4b339e5fb0bb68eabe3b707324673b3ba607fa27953c9109185ecc2eeff24cc3a7494cbf04f70bbda0b85e644d8e2434bfdeb2bb242016bd82fc78e8ff2b1bb18167e7834f621225eef2607be6d2318ea29e507f7be94764f67aa5c61c7d15dba36cbea919c665137f9216e30310c1c3a410eb7ffd8bfb3d339273a8934b4089efeea8ce06cd5dcdc46907e169dad730be362e6583a512071d6a2b7ead9c4482dc91f55a62592925adcd3892dd57461ac830d74cb8ceb47c78ddaf2558cb8bde9dd3ce2edb882cbb0fe019ea611bbf778493d63a3b68b3d94a283470e4e682ee4cc569ebc6629b4f0a5e10fa9bbd6dc044cf7d61d11d0ec5563c0b7b86141e7a852fe64fa7c8496b112f366ca2e4afefc68ebd78bddfd5bf95b40f691b0d81fdb5126e9ed55e32db62af1dca33a3449aba59f12bd03c0f4a64e1fefb18ed08f6a9a1325248139659687a73d378f09002ebc4b2baab643ca44b4a7ee63dc4631f211181647daea7e36806eb0a79980ae519fbc77c9988db03cebecc1ce2db3acbdc928e2de2111fd171c89feac400249b28c14267f3e6f711206b0517aea57817e13d0f6553e6e9b73d99a3f85e5a9cc8bd7e3605dbf5b4f4e665bc7541fe888c7d86cac5811d560e044ebe3bb4768eb9307369da53a32201a7467c066b83b86c333876e821801f98b466dcd2dd6077468029722b01988324e101b8dc37d5d45be0cfa5655e232bebbdae8bd70e92a66140ddfa4bd182beecf5038d4f0bc31b37fa26ed21820c78450770d380c2f42386a5c27a93b2f85f37756d9b32df934ec4d1598e5b3ff6fc53d5cdaf6acdaa53566a122349bd1c21a73b634dfaf23130db368a236376144efbdfbcbea34e78000a261b3817a10eb7c0413534dafdc55cb12f65bbcb73a4467bbc2c2319ab070ffaaa8e4eb24ef9cfa2cdeab19e16e0b1a502104492ca060ce50381e7ebeae0341ab532bc8a4e9a4bdf31e25fbf7674353f347c274fcc40083486fd48c08602c12c9c6806c7517c5b8aa178f65286f5007ea8d94170a7b070e66bae28e5e143b477a2629efa8e33883c03e0e58a6f21e253d87683d4852abd31f1199496337eef9c8bb81c5e3313a0a4c96cd4e4a3997144340f0bd5d3fe3ecdcd0feeee6bcb3ba0cbd160298936e6c26e3be0b86644e2704b0ead40f64e486a95856736f04d5493944eba60794ebc538fe149367eec24d8855061ca11078832d771d0efdfa221f66af302e1424bd3e4afef26dab0cf76b51d95b90d75d4ea196f5eff677e4260170b21918b0882eeab5dba283b07b4feb99bdce197c6e453371c41be2a8fa6e29d6ab5cbeff600", 0x2000, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

6m14.358492312s ago: executing program 2 (id=65):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000002d40)={0x0, {{0x2, 0x4e23, @multicast2}}, 0x8451e1f70c6b95ce}, 0x90)

6m14.117755012s ago: executing program 2 (id=66):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
connect$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x6f8d, 0x1}, 0xe)

6m14.038276751s ago: executing program 2 (id=67):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bpf(0x0, &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x80000, 0x0)

6m13.978139813s ago: executing program 2 (id=68):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010bd28710000000000000109022400010000000009040100010300000009210200000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000440)={0x2c, &(0x7f00000002c0)=ANY=[@ANYBLOB="000a05"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

6m13.707600124s ago: executing program 2 (id=69):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f0000000140)={0xffffffff, "13f20afd86c17f9dfa507069d57c6684154bc7ec29052b9ec48e705a4f251dd9", 0x0, 0x204, 0x0, 0x3, 0x0, 0x0, 0x9})

6m13.553559616s ago: executing program 34 (id=69):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f0000000140)={0xffffffff, "13f20afd86c17f9dfa507069d57c6684154bc7ec29052b9ec48e705a4f251dd9", 0x0, 0x204, 0x0, 0x3, 0x0, 0x0, 0x9})

5m36.154823237s ago: executing program 4 (id=362):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000e2aa7939dbd7080000000000630a00ff000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport}, 0x48)

5m36.039950305s ago: executing program 4 (id=363):
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
munmap(&(0x7f00007dd000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000807000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r4, 0x40045010, &(0x7f0000000000))
mmap$dsp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x9, 0x11, r4, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000140))
ioctl$SNDCTL_DSP_GETIPTR(r4, 0x800c5011, &(0x7f0000000040))

5m35.091519604s ago: executing program 4 (id=378):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=@ipv6_newrule={0x34, 0x20, 0x2d2c6d60ea1da725, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x0, 0xcd, 0xff, 0x0, 0x0, 0x1, 0x10002}, [@FIB_RULE_POLICY=@FRA_PRIORITY={0x8}, @FIB_RULE_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e20, 0x4e23}}, @FIB_RULE_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)

5m35.033093984s ago: executing program 4 (id=379):
mkdir(&(0x7f0000005740)='./file0\x00', 0x3b)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])

5m34.902047699s ago: executing program 4 (id=381):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x60, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x4000000}, @NFTA_COUNTER_BYTES={0xc}]}]}], {0x14, 0x10}}, 0xa8}}, 0x0)

5m32.855520018s ago: executing program 4 (id=394):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000000c40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000d80)="93bffce623851797a8dc7901f0048678cd35ef837c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679cca123bb5cea1dcd151d7bb5754603b6b0e364c8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6000000000000000000000489000000000000000000e072049ea280ade357f667efa3f2602752f463d7687717beb1a2de90084f9afabef15b0597996ced9da8afad5169efd16cdaaa362605c9904de5638cbc0372d8db0d7d93f2e30b635d23b0115aefb543795e2ce2ed6c1b337edc6d22718385c29871d838636ffe2c9c05540c4bde51108970bed01f6ed4f1a94d254c5caa1f7767c0a2b4e0f294d7f634b7f48211f1b8b8d626b6a6dc25a44dc6bfffbc7f015a1066e8097b028e902a990beddf8506a3b777f78e3de028f30b97c1c1fe71eb2b5fcd", 0x149}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)="b1", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000800)="f6b328c40d4cc969a0513b8ffd72381d4ef4a89954104d4a81db2fa3c0f906a33482e2821787ac54c0c62da54d1c77255c322358d0e272be2ccacf8f689f0115afd7305a1ce39e8b54734910fd9257fc4d3d2f910d5b9965f73440df67940c76ddc3df03db0d78c28fc030a88d5060290aa8ec", 0x73}, {&(0x7f00000008c0)="20c048210440d8394cdcb9ee88a6b7584a3e07b1b1d67f42b2dda515bffbb8de861e60d4ee6dad628fdf1055f9", 0x2d}, {&(0x7f0000000940)="ee41e16fcc123e48fa04ef6edfc0fe23b7a87e1e837f1d1104d11ab1934265fd5cfbca479a17e7420ec938e84ad449c00288b126e26d6d80fb16", 0x3a}], 0x3}}], 0x3, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x501, 0x10008095, 0x0, 0x0)

5m32.668932354s ago: executing program 35 (id=394):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000000c40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000d80)="93bffce623851797a8dc7901f0048678cd35ef837c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679cca123bb5cea1dcd151d7bb5754603b6b0e364c8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6000000000000000000000489000000000000000000e072049ea280ade357f667efa3f2602752f463d7687717beb1a2de90084f9afabef15b0597996ced9da8afad5169efd16cdaaa362605c9904de5638cbc0372d8db0d7d93f2e30b635d23b0115aefb543795e2ce2ed6c1b337edc6d22718385c29871d838636ffe2c9c05540c4bde51108970bed01f6ed4f1a94d254c5caa1f7767c0a2b4e0f294d7f634b7f48211f1b8b8d626b6a6dc25a44dc6bfffbc7f015a1066e8097b028e902a990beddf8506a3b777f78e3de028f30b97c1c1fe71eb2b5fcd", 0x149}], 0x1}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)="b1", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000800)="f6b328c40d4cc969a0513b8ffd72381d4ef4a89954104d4a81db2fa3c0f906a33482e2821787ac54c0c62da54d1c77255c322358d0e272be2ccacf8f689f0115afd7305a1ce39e8b54734910fd9257fc4d3d2f910d5b9965f73440df67940c76ddc3df03db0d78c28fc030a88d5060290aa8ec", 0x73}, {&(0x7f00000008c0)="20c048210440d8394cdcb9ee88a6b7584a3e07b1b1d67f42b2dda515bffbb8de861e60d4ee6dad628fdf1055f9", 0x2d}, {&(0x7f0000000940)="ee41e16fcc123e48fa04ef6edfc0fe23b7a87e1e837f1d1104d11ab1934265fd5cfbca479a17e7420ec938e84ad449c00288b126e26d6d80fb16", 0x3a}], 0x3}}], 0x3, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x501, 0x10008095, 0x0, 0x0)

4m50.7416044s ago: executing program 3 (id=765):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
syz_clone(0x4600c91, 0x0, 0xfffffffffffffef6, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8a441, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r0 = io_uring_setup(0x2c4c, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x18, 0x0, 0x1)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
openat$autofs(0xffffffffffffff9c, 0x0, 0x541200, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
openat$binfmt_register(0xffffff9c, 0x0, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffccc0000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a3100000000a00003809c0000800400018094000b80100001800c000100636f756e7465720070000180090001006c617374000000006000028008000140000100010c00024000000000000000010c00024000000000000010000800014000000001080001400000012a0c000240fffffffffffffffa08000140000001000c000240000000000000000b0c000240000000000000040110"], 0x130}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

4m49.25971404s ago: executing program 3 (id=772):
r0 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close(r0)

4m49.108761358s ago: executing program 3 (id=773):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000200), 0x480, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r1, 0x0, &(0x7f00000002c0)='L', 0x1, 0xfffffffffffffff9})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000780)={0x28, 0x7, r1, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x5})
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f0000000280)={0x28, 0x3d848ba7c4ef1e7a, r1, r1, 0x2000000000000007, 0xffffffffffff9d3d, 0x203})

4m48.992948803s ago: executing program 3 (id=774):
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000280)='./file0\x00', 0x450, &(0x7f00000000c0)=ANY=[@ANYBLOB='nonumtail,\x00\x00\x00'], 0x1, 0x22d, &(0x7f0000000840)="$eJzs2r+LHGUYB/Bnzmjihcue+IsExBct1GbIbm2RQy4gLiiaFaIgmXizuuy4e+wsBytirtLWP8FaLO0ESWlzjX+Bhd01V6YQR5KN511YiyDeHubzaeZh3vnC8847vLzF7L/+zWfDfp33i2msZFmsXInduJPFeqzEX3bjtVeu//zCe9c/eGuj2918N6WrG9fanZTShRd/+vCL71+6PT3//g8Xfjwbe+sf7R90ftt7bu/i/h/XPh3UaVCn0XiainRzPJ4WN6sybQ3qYZ7SO1VZ1GUajOpycmy8X423t2epGG2trW5PyrpOxWiWhuUsTcdpOpml4pNiMEp5nqe11eDf6H13p2nioDm8cf52rP0arcieStnTV7Jnb2TP72YXD5qmtdQ++a/M1//xG9E0zZPfWv9HzZFN/VxE9fVOb6c3v87HN/oxiCrKuByt+D3ufib3zeurb3Y3L6d71uOr6tb9/K2d3mPH8+1oxfrifHueT8fzZ2P1aL4TrXhmcb6zMH8uXn35SD6PVvzycYyjiq24mz18BZtftlN64+3uA/lL954DAPi/ydOhhee3PP+n8Xn+Ic6HD5yvzsSlM8udOxH17PNhUVXlRKE4wSLLTkUbSy6eOB1tLCyWvTNxEv5e9GV3AgAAAAAAAAAAwMM4id8Jlz1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgdPszAAD//z8Wy5g=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1edc01, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000004100)={0x2020}, 0x2020)

4m48.820265876s ago: executing program 3 (id=776):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x4000)=nil, 0x4000, &(0x7f0000000780)='\x00\xff\xff\x00\x02@qGP\xc5\x94\xa6\x8fB\xc3\x93\xe5\xc1a\x05!\x9a\x8b\xeb\xcew\xd8\x1e\xda\xc1\x9f\xe9\xc4c\xdd\xf6^\xcb\xec\x9b\x82\xcf\x14\xde\xa5\xef\x162bP\x95/\xefMs\xe0%}\xe4\xf1=\x05\xf6l\xb7\xc1\xe9c\xc3\x7f\tg\xf56\xeasl\xbd\x02\xc1\x8a\xa9\x83\xaf\xfa\x95W+N$\x06R\x92\xe5Z\x97\xfb\xb6e}fW\x8bm\x04\'{\xaf\xe2zd\x91+-\xb1\xd8\ftK|\xb8\xd2\xb6\x7f\xf4\x84\v\x1e\x00R\xfc\xbcg\x81\xbb\xc4\xcd\xe9\xe5.\x9b\x7f\xeb\x04\xe6,N\x00\x9a\x9d\xf8\xd1\x8aR4;\x7f\x8a\x86\xb7\xd7o\x90\xfd\xa9dJ\xd5.\x18F2\x00\x00\x00\xf2y\x99\xfd\xca\xff*\xd3;\x84F\x8f !N\x1c\xfaI\xa5\x85:\xc1\x9ed\x13\xaf\xd0/\x00\x9b\x0e\xb6\xca\xa5X\xb9]<\n\x04\x00\x00\x00\x00\x00\x00\x00\xc2\xf6\x1bw\n6^\xfa\xea\r\xf1\xc1\xd0\xd821\x9e\v4Q\xc6{\xa0\xf7\xcd\x82 6zL\xeeqG\t~\xafQ(\xc3\xd8\x05\xcb\xbfB\xb0\xe1b\x0f\xa8f\xe6\xb1\xe8\x9aB\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xcd\xefx\x0f\xf5\x85M\x14\xbb\xab1)\x8e%\xb7\x89\x17/')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000d4c000/0x2000)=nil, 0x2000, &(0x7f0000000040)='%pK    \x00')
mremap(&(0x7f0000d4d000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)

4m48.528781313s ago: executing program 3 (id=777):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)

4m48.23773445s ago: executing program 36 (id=777):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)

4m0.069622868s ago: executing program 5 (id=1259):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
write$tun(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="ebba2cffa7650851"], 0x9)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

3m59.989470481s ago: executing program 5 (id=1260):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000001900010000000000000000001c140000fe000001000000000800", @ANYRES64=r0], 0x24}}, 0x4000000)

3m59.989101931s ago: executing program 5 (id=1261):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4800, 0x100000}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003900)=ANY=[@ANYBLOB="20000000160001f0ffff0800000000000a00c0"], 0x20}}, 0x0)

3m59.909230248s ago: executing program 5 (id=1262):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file2\x00', 0xa00010, &(0x7f00000001c0), 0x21, 0x4bf, &(0x7f00000009c0)="$eJzs3U9vVF0ZAPDn3nbon7fv26Is1KggomgIM+0AlbDCjcYQEiNx5QJqOzRNZzpNZ4q0sijfwUQSV7rwA7gwcWHCyr073bnBhQkq0VATF2PmzhQKnSlF2s6b3t8vObn33DOd5zyd3HPaM+2cAHLrXERsRcSpiLgXEZPd60m3xM1OaT/u5YtH89svHs0n0Wrd+UeStbevxa6vafuo+5yjEfGD70b8ONkbt7GxuTxXrVbWuvVSs7ZaamxsXl6qzS1WFisr5fLszOz09SvXyoeW69nab55/Z+nWD3//uy89++PWN3/a7tZEt213Hoepk3rhVZy24Yi4dRTBBmCom8+pQXeE/0saEZ+JiPPZ/T8ZQ9mrCQCcZK3WZLQmd9cBgJMuzdbAkrQYUeicp2mx2FnDOxPjabXeaF66X19fWeislU1FIb2/VK1Md9cKp6KQtOsz2fnrevmt+pWIOB0RPxsZy+rF+Xp1YZA/+ABAjn30ev7P3gv490hn/gcATrjRQXcAADh25n8AyB/zPwDkj/kfAPLH/A8A+WP+B4D8Mf8DQK58//btdmltdz//euHBxvpy/cHlhUpjuVhbny/O19dWi4v1+mL2mT21dz1ftV5fnbka6w9LzUqjWWpsbN6t1ddXmnezz/W+WykcS1YAwH5On3365yQitm6MZSV27eVgroaTLR10B4CBGRp0B4CBsdsX5Jff8YEeW/S+ofMnQmN7G54cTX+Ao3fx89b/Ia+s/0N+Wf+H/LL+D/nVaiX2/AeAnLHGDxzs/f8evP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjk1kJUmL3b3AJyJNi8WIjyNiKgrJ/aVqZToiPomIP40URtr1mUF3GgD4QOnfku7+XxcnL0y83Xoq+c9IdoyIn/zizs8fzjWbazPt6//sXP/WWMST7vXyIPoPAHk09F6P3pmnd+bxHS9fPJrfKYffx/6ef7uzuWg77na3dFqGYzg7jkYhIsb/lXTrHcl7Z97b1uOI+Fyv/JNsbWSqu/Pp2/HbsT8+1vjpG/HTrK1zbH8vPnsIfYG8edoef272uv/SOJcde9//o9kI9eF2xr/tPeNf+mr8G+oz/p07SICxX0dc/cP3+sZ/HPGF4V7xk1fxkz7xLxwwx7988cvn+7W1fhlxMXrH3x2r1Kytlhobm5eXanOLlcXKSrk8OzM7ff3KtXIpW6Mu7axU7/X3G5c+2S//8T7xR9+R/9cOmP+v/nvvR1/ZJ/43vtr79T+zT/z2nPj1A8afG/9t3+272/EX+uT/rtf/0gHjP/vr5sIBHwoAHIPGxubyXLVaWRv0yU6HPi39ceIk1yeDHZeAo/f6ph90TwAAAAAAAAAAAAAAgH6O49+JBp0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ9f/AgAA//9gOtV4")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000200)=0x4, 0x12)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000004c0)={0x0, 0x465f}, 0x8)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000840), 0x0, 0x0)
write$cgroup_int(r1, &(0x7f0000000380), 0x101bf)
creat(&(0x7f0000000140)='./bus\x00', 0xa6)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f00000001c0)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0], &(0x7f0000000040), 0x1, r3})
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000380)={0x200, 0x1, &(0x7f0000000440)=[r3], &(0x7f00000000c0)=[0x2], 0x0, &(0x7f0000000040)=[0x0]})
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000480)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000800)={0x0, 0x24}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e4c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000300)={0x0, r1, 0x0, 0x2, 0x0, 0x9})

3m59.440639984s ago: executing program 5 (id=1266):
r0 = socket(0x11, 0x800000003, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002080)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0x4}, {0xffff, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0x6, 0x8}}, @qdisc_kind_options=@q_mq={0x7}]}, 0x34}}, 0x0)

3m59.131679614s ago: executing program 5 (id=1270):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000002400010325bd7000fcffffff05"], 0x1c}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
recvmsg(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x40000040)

3m58.96218805s ago: executing program 37 (id=1270):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000002400010325bd7000fcffffff05"], 0x1c}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
recvmsg(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x40000040)

2m28.478282504s ago: executing program 7 (id=2349):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000)={r1, r0}, 0xc)

2m28.353835736s ago: executing program 7 (id=2351):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0)
write$vga_arbiter(r0, &(0x7f0000000100)=@other={'decodes', ' ', 'io+mem'}, 0xf)

2m28.266815922s ago: executing program 7 (id=2352):
syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[], 0x1, 0x171, &(0x7f0000000480)="$eJzs2rFKw0AYB/DParEUn8Cp0Ax1aJMmWgV3QXDyAcTQ3tXQxEgiSDsFX0BxiI/g6qqbj9DZzU1dXB0kkvRq2zsXCxLB/29o/vTLfXcJ4aarB77X5GGdaC262n8uBL5XaVmbbd7kNo3sElElDcMkuW6Q4vCrPkyihnJD9V5ca9147447LjPVHgAAAAAAAAAAAAAAAAAAAAAA/0T1RYTyUezfcMdlzalq2B/0bNdlQTj+RyNxRod47G9zR2PWTL/aO5GWnd9x4p3ztJ8xU9fSTqUk80byfPqpd6KH/UHd8ewu67Jj07RaxrphbJh61kuXO2qXYk1EpfRnQXo+7XZynujRUM8TUXl0WVp14ouzrHtRfv4CBZMX8YMQzTUKIcdAEdEfWIYIT69E35dK4gNlQVic/lYXR/dsHWSlnBb/keT/6n47yPsHdZat6kO6fzTavttR9k8pjEfPM3lBjO3ZK+kUyo4GkJPPAAAA///+VynD")
execve(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)

2m27.975561758s ago: executing program 7 (id=2355):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
recvfrom$inet6(r0, &(0x7f0000000000)=""/42, 0x2a, 0x0, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000000)="48050000150019", 0x7}], 0x1)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

2m27.853325711s ago: executing program 7 (id=2357):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, &(0x7f0000000400))

2m27.793590745s ago: executing program 7 (id=2358):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000191c0)=ANY=[@ANYBLOB="010000000b000000050010000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="0000000002"], 0x48)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08d1ca4eb6b8b4889cdd4e786eb807e04eb88b935d785f3d3201c58033c88e160d2745a91b08363bcc34006d0009788455ec9ad10b24"], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

2m12.760542265s ago: executing program 38 (id=2358):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000191c0)=ANY=[@ANYBLOB="010000000b000000050010000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="0000000002"], 0x48)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08d1ca4eb6b8b4889cdd4e786eb807e04eb88b935d785f3d3201c58033c88e160d2745a91b08363bcc34006d0009788455ec9ad10b24"], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

1m40.330538345s ago: executing program 6 (id=2920):
r0 = fsopen(&(0x7f00000022c0)='hugetlbfs\x00', 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000140)='7', 0x0)

1m40.187757213s ago: executing program 6 (id=2922):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
ioctl$SIOCAX25GETUID(r0, 0x8916, 0x0)

1m40.187366301s ago: executing program 6 (id=2923):
pipe2(&(0x7f0000000140)={<r0=>0xffffffffffffffff}, 0x0)
pipe2$watch_queue(&(0x7f0000000d40)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
splice(r0, 0x0, r1, &(0x7f00000002c0), 0x2, 0x2)

1m39.874979331s ago: executing program 6 (id=2924):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a3200"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0xfffffffffffffffd)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2048c5, &(0x7f0000000340)=ANY=[@ANYBLOB="726f6469722c756e695f786c6174653d312c726f6469722c756e695f786c6174653d302c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c6e6f636173652c73686f72746e616d653d6c6f7765722c747a3d5554432c756e695f786c6174653d312c73686f77657865632c6e6f6e756d7461696c00002c007d88658bba9f86c7bbf19329c9a2a1c1511e3af2126ad5803a0f4e3d8521dd3f1b515a0673be6fb14db7c6534edf0e5e1d29e4f05d5c82fd3e0372c644e7ba7ccec22efc923b0beac1490e"], 0x0, 0x29f, &(0x7f0000000580)="$eJzs3UFrE1sYxvGnSdukKW2yKBfuhct9uW50M7TxEwRpQQwotRF1IUztREPGpGRiJCK2O7d+juLSlYL6Bbpx517cFEFw04UYaZKxaRswra1Tzf8HYU7OOe/MmZyZ8M5AJlvXn94rFwOn6NYVS5pi0rq2pcxOqWuku4y1y+Pqta5zk5/f/Xv1xs1LuXx+ftFsIbd0Pmtm0/+9evDo2f9v6pPXnk+/TGgzc2vrU/b95l+bf299XQrXXpVcW65W6+6y79lKKSg7Zld8zw08K1UCr1a3nvaiX11dbZpbWZlKrda8IDC30rSy17R61eq1prl33FLFHMexqZSGTfzQEYWNxUU3dyKDQRQm+lXWajk33rexsPErBgUAAE6XqPL/u6XASoFVqnvy+4P5f0yHyP+loc7/D4/8fxjs5P+p7vm7F/k/AAAAAAAAAAAAAAAAAAAAAAC/g+1WK91qtdLhMnwlJCUlhe+jHidOBvM/3Hp+uJeU/CeNQqPQWXbac0WV5MvT7Jj0pX08dHXKCxfz87PWltFrf60bv9YoxJUI40OZ/vFznXjrjV/TmFK9288qrZn+8dk+8Y3CuM6eaSW6W/bkKK23t1WVr5X2cb0b/3jO7MLl/L74iXY/AAAAAAD+BI59d+D6vd3uWPjYkH3tncrd+wNK/+D+wL7r61H9MxrdfgMAAAAAMEyC5sOy6/tebQgK4f8fHMsKo//okoN2HpXUrXlxWuZikEJM0lHD4z83yx8l7amZiXy6j6Pw4X7nDBikc5TfSgAAAABOQpj0j0Q9EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhtigDw8L+x/l2WM9m4tHs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA6fAtAAD//2kbF4o=")
r1 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000480)='./file0/file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r1, &(0x7f0000002c00)={0x2020}, 0x2020)
socket$nl_route(0x10, 0x3, 0x0)

1m39.788631611s ago: executing program 6 (id=2925):
r0 = syz_io_uring_setup(0x4578, &(0x7f0000000040)={0x0, 0xa135, 0x2, 0x1, 0x139}, &(0x7f00000000c0), &(0x7f0000000100))
mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_AFF(r0, 0x11, &(0x7f0000002000)='\n', 0x1)

1m39.429590305s ago: executing program 6 (id=2928):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={0x0, 0x6}, 0x8)

1m39.293019079s ago: executing program 39 (id=2928):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={0x0, 0x6}, 0x8)

1.548263392s ago: executing program 0 (id=4196):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100))
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="180800000900000000000000000000001801000020786c0500000000002020207b1af8ff00000000c3a100000000000007010000f8ff1400b702000008000000b70300002f000000850000000600000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)

1.464737386s ago: executing program 0 (id=4197):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x25, 0x0, &(0x7f0000000240)=0x8f00)

1.413803856s ago: executing program 0 (id=4200):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x6}, @hci_rp_read_local_pairing_opts={{0x1}, {0x1, 0x7, 0x2}}}}, 0x9)

1.413378618s ago: executing program 0 (id=4202):
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)

1.167363511s ago: executing program 8 (id=4206):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048800}, 0x0)
r1 = socket(0x848000000015, 0x805, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000000000000000000000700000082"], 0x18}}], 0x1, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r3, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)
setsockopt$inet_mreqsrc(r2, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

941.89403ms ago: executing program 8 (id=4207):
syz_usb_connect(0x1, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12012000f1048108cd060202d4920000000109021b1901000000d40904150001da40df0009056132"], 0x0)

299.259641ms ago: executing program 0 (id=4212):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x67, 0xfffd, 0x0, 0x4, 0x0, @multicast1, @local}}}})

298.898341ms ago: executing program 9 (id=4213):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285628, &(0x7f0000000080)={0x3, @win={{0x2}, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0, 0x40}})
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000180)={0x3, 0x1, 0x1, 0x0, 0xd7})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x6}, 0x3, 0x400000, 0x0, 0x6, 0x0, 0x9}})

298.695215ms ago: executing program 8 (id=4214):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)=0xfefffffe)
ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000000c0)=0x66000)

235.854031ms ago: executing program 9 (id=4215):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="39000000140081ae10003c000500018311001f9de60cbda816dc9f2c90c366b81f7129b6dbfc7c055572449fe2e1c79f660fcf066505acb612", 0x39}], 0x1}, 0x0)

235.439128ms ago: executing program 0 (id=4216):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000000c0)={0x81}, 0x1)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000080)={0x8}, 0x1)
sendto$inet6(r0, &(0x7f0000000040)='l', 0x1, 0x8014, &(0x7f0000000100)={0xa, 0x4e23, 0x77, @loopback, 0x10000}, 0x1c)

235.310704ms ago: executing program 8 (id=4217):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000140)={'syztnl1\x00', 0x0, 0x2d, 0x3, 0xfd, 0xfff, 0x11, @empty, @empty, 0x20, 0x7, 0x40, 0x6}})

139.384196ms ago: executing program 8 (id=4218):
syz_mount_image$exfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x3000cd0, &(0x7f0000000440)=ANY=[], 0x1, 0x150f, &(0x7f0000000e80)="$eJzs3Au0TlX3MPA511qbQy5Pkvuea26e5LJIklCSXJIkCck9IUmSJEkccktCEnI9Se4h93TScb9fck86eSVJEhIS1jeO9Hl737fRe/t/+v5n/sbY46x59p7zmfvM8Zxn7z3GOd92GVqtYfXK9ZgZ/h361wX+8iURABIAYAAAZAeAAADK5CiTI21/Jo2J/9aLiP8h9adf7Q7E1STzT99k/umbzD99k/mnbzL/9E3mn77J/NM3mb8Q6drMvNfKln43ef7//zn1nyTL53+6gL+3Q+b/v43+l46W+advMv/0Teafvsn8058rt2DBVe1DXH3y/k/fZP5CpGv/9WfK689e7Wfasv0LmxBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEII8f/AWX+FAYBf11e7LyGEEEIIIYQQQvz3+PevdgdCCCGEEEIIIYT4n4egQIOBADJARkiATJAZroEskBWyQXaIwbWQA66DnHA95ILckAfyQj7IDwUgBAILDBEUhEIQhxugMNwIRaAoFIPi4KAElISboBTcDKXhFigDt0JZuA3KQflLr5nmTqgEd0FluBuqQFWoBtXhHqgB90JNuA9qwf1QGx6AOvAg1IWHoB7UhwbwMDSER6ARNIYm0BSaQXNo8Qf5Sdn/Uf6L0B1egh7QExKhF/SGl6EP9IV+0B8GwCswEF6FQfAaDIYhMBReh2HwBgyHN2EEjIRR8BaMhjEwFsbBeJgASfA2TIR3YBK8+0hWmAJTYRpMhxkwE96DWTAb5sD7MBfmwXxIyrQQFsFi+ACWwIeQDB/BUvgYUmAZLIcVsBJWwWpYA2thHayHDbARNsFm2AJb4RPYBtthB+yEXbAb9sCnsBc+g33wOaTiF/9i/pnf5kNXBARUqNCgwQyYARMwATNjZsyCWTAbZsMYxjAH5sCcmBNzYS7Mg3kwEfNhASyAhISMjAWxIMYxjoWxMBbBIlgMi6FDhyWxJJbCC9770lgGy2BZLIvlsDyWx9vxdqyIFbESVsLKWBmrYBWshtXwHrwH78WaWBNrYS2sjbWxDtbBulgX62E9bIANsCE2xEbYCJtgE2yGzbAFtsCW2BJbYStsg22wLbbFdtgO22N77IAdsCN2xE7YCTtjZ+yCXbArvoAv4Iv4Ir6EL2FPrKJ6YW/sjX2wD/bD/tgfX8GB+Cq+iq/hYByCQ/F1fB3fwOF4GkfgSByFo7CiGoNjcRyymoBJmIQZYSJOwkk4GafgFJyG03EGzsSZOAtn42x8H+fiPJyHC3ABLsLFuBiX4IeYjMm4FM9gCi7D5bgCV+IqXIlrcC2uwfW4AdfjJtyEW3ALfoKf4HbcjjtxJ+7G3fgpfoqf4Wc4GFMxFffjfjyAB/AgHsRDeAgP42E8gkfwKB7FY3gMj+MJPIkn8BSewtN4Bs8CwDk8h+fxPF7Ei2lvfpXGKKMyqAwqQSWozCqzyqKyqGwqm4qpmMqhcqicKqfKpXKpPCqPyqfyqQKqgCJFilWkCqqCKq7iqrAqrIqoIqqYKqaccqqkKqlKqVKqtCqtyqhbVVl1myqnyqvW7nZ1u6qo2rhK6i5VWVVWVVRVVU1VV9VVDVVD1VQ1VS1VS9VWtVUd9aCqq3phP6yv0ibTUA3BRmooNlFNVTPVXL2Bj6qWaji2Uq1VG/W4GokjsJ1q6dqrp1QHNRY7qmfUOHxWdVYTsIt6XnVVL6hu6kXVXbVyPVRPNRl7qd5qGvZRfVU/1V/NwqoqbWLV1GvqxYxD1FD1ulqEb6jh6k01Qo1Uo9RbarQao8aqcWq8mqCS1NtqonpHTVLvqslqipqqpqnpaoaaqd5Ts9RsNUe9r+aqeRrUArVQLVKL1QdqifpQJauP1FL1sUpRy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pcpaov1H71F3VAfakOqq/UIfW1Oqy+UUfUt+qo+k4dU9+r4+qEOql+UKfUj+q0OqPOqp/UOfWzOq8uqIvKK9Coldba6EBn0Bl1gs6kM+trdBadVWfT2XVMX6tz6Ot0Tn29zqVz6zwmr86n8+sCOtSkrWYd6YK6kI7rG3RhfaMuoovqYrq4drqELqlv0qX0zbq0vkWX0bfqsvo2XU6X1xU86Dt0RX2nrqTv0pX13bqKrqqr6er6Hl1D36tr6vt0LX2/rq0f0HX0g7qufkjX0/V1A/2wbqgf0Y10Y91EN9XNdHPdQj+qW+rHdCvdWrfRj+u2+gndTj+p2+undAf9tO6on9Gd9LO6s35Od9HP6676Bd1NX9AXtdc9dE+dqHvp3vpl3Uf31f10fz1Av6IH6lf1IP2aHqyH6KH6dT1Mv6GH6zf1CD1Sj9Jv6dF6jB6rx+nxeoJO0m/rifodPUm/qyfrKXqqnqan6xm63+VKc/6J/Hf+Qf6gS6++RW/Vn+hterveoXfqXXq33qP36L16r96n9+lUnar36/36gD6gD+qD+pA+pA/rw/qIPqKP6qP6mD6mj+sT+if9gz6lf9Sn9Rl9Rv+kz+lz+vzlnwEYNMpoY0xgMpiMJsFkMpnNNSaLyWqymewmZq41Ocx1Jqe53uQyuU0ek9fkM/lNARMaMtawiUxBU8jEzQ2msLnRFDFFTTFT3DhTwpQ0N/3H+X/UXwvTwrQ0LU0r08q0MW1MW9PWtDPtTHvT3nQwHUxH09F0Mp1MZ9PZdDFdTFfT1XQz3Ux30930MD1Mokk0vc3Lpo/pa/qZ/maAecUMNAPNIDPIDDaDzVAz1Awzw8xwM9yMMCPMKDPKjDajzVgz1ow3402Sz24mmolmkplkJpvJZuqA7Ga6mW5mmplmlpll5pg5Zq6Za+ab+WahWWgWm8VmiVlikk2yWWqWmhSzzCwzK8wKs8qsMmvMGrPOrDMbzAazyWwyKWar2Wq2mW1mh9lhdpldZo/ZY/aavWaf2WdSTarZb/abA+aAOWgOmkPmkDlsDpsj5og5ao6aY+aYOW6Om5PmpDllTpnT5rQ5a86ac+acOW/Om4vmYtplX6ACFZjABBmCDEFCkBBkDjIHWYIsQbYgWxALYkGOIEeQM7g+yBXkDvIEeYN8Qf6gQBAGFNiAgygoGBQK4sENQeHgxqBIUDQoFhQPXFAiKBncFJQKbg5KB7cEZYJbg7LBbUG5oHxQIbg9uCOoGNwZVAruCioHdwdVgqpBtaB6cE9QI7g3qBncF9QK7g9qBw8EdYIHg7rBQ0G9oH7QIHg4aBg8EjQKGgdNgqZBs6B50OK/Wt/707kfcz3CnmFi2CvsHb4c9gn7hv3C/uGA8JVwYPhqOCh8LRwcDgmHhq+Hw8I3wuHhm+GIcGQ4KnwrHB2OCceG48Lx4YQwKXw7nBi+E04K3w0nh1PCqcG0cHo4I5wZvhfOCmeHc8L3w7nhvHB+uCBcGC4K8ZdLYkgOPwqXhh+HKeGycHm4IlwZrgpXh2vCteG6cH24IdwYbioz8JdDw23h9nBHuDPcFe4O94SfhnvDz8J94edhavhFuD/8S3gg/DI8GH4VHgq/Dg+H34RHwm/Do+F34bHw+/B4eCI8Gf4Qngp/DE+HZ8Kz4U/hufDn8Hx4IbwY+rSL+7SPdzJkKANloARKoMyUmbJQFspG2ShGMcpBOSgn5aRclIvyUB7KR/moQMYClIaJqSAVpDjFqTAVpiJUhIpRMXLkqCSVpFJUikpTaSpDZagslaVyVI4qUAW6g+6gO+lOuovuorvpbqpKVak6VacaVINqUk2qRbWoNtWmOlSH6lJdqkf1qAE1oIbUkBpRI2pCTagZNaMW1IJaUktqRa2oDbWhttSW2lE7ak/tqQN1oI7UkTpRJ+pMnakLdaGu1JW6UTfqTt2pB/WgREqk3tSb+lAf6kf9aAANoIE0kAbRIBpMg2koDaVhNIyG03AaQSNpFL1Fo2kMjaVxNJ4mUBIl0USaSJNoEk2myTSVptJ0mk4zaSbNolk0h+bQXJpL82k+LaSFtJgW0xJaQsmUTEtpKaVQCi2n5bSSVtJqWk1raS2tp/W0kTbSZtpMW2krbaNttIN20C7aRXtoD+2lvbSP9lEqpdJ+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Gc6TxfoInlKsJlsZnuNzWKz2mw2u/3bOI/Na/PZ/LaADW0um/s3MVlri9iitpgtbp0tYUvam/4uLmfL2wr2dnuHrWjvtJVsOZsJ/jquYe+1Ne19tpa931a39/wmrm0fsHXsI7aubWzr2aa2gW1uG9pHbCPb2DaxTW0z29y2tU/YdvZJ294+ldDBPv3XsU2Ll9gP7Vq7zq63G+xe+5k9a3+yR+y39pz92fawPe0A+4odaF+1g+xrdrAd8tsYwI6yb9nRdowda8fZ8XbC38VT7TQ73c6wM+17dpad/XfxYvuBnWuT7Xy7wC60iy7FaT0l24/sUvuxTbHL7HK7wq60q+xqu+b/9rrCbrKb7Ra7x35qt9ntdofdaXfZ3ZfitPPYZz+3qfYLe9h+Yw/YL+1Be9Qesl9fitPO76j9zh6z39vj9kQvsD/YU/ZHe9qeuXT+aef+g71gL1pvgZEVazYccAbOyAmciTPzNZyFs3I2zs4xvpZz8HWck6/nXJyb83Bezsf5uQCHTGyZOeKCXIjjfAMX5hu5CBflYlycHZfgknwTl+KbuTTfwmX4Vi7Lt3E5Ls8V+Ha+gyvynVyJ7+LKfDdX4apcjavzPVyD7+WafB/X4vu5Nj/AdfhBrssPcT2uzw34YW7Ij3AjbsxNuCk34+bcgh/llvwYt+LW3IYf57b8BLfjJ7k9P8Ud+GnuyM9wJ36WO/Nz3IWf5678AnfjF7k7v8Q9uCcnci/uzS9zH+7L/bg/D+BXeCC/yoP4NR7MQ3gov87D+A0ezm/yCB7Jo/gtHs1jeCyP4/E8gZP4bZ7I7/Akfpcn8xSeytN4Os/gmfwez+LZPIff57k8j+fzAl7Ii3gxf8BL+ENO5o94KX/MKbyMl/MKXsmreDWv4bW8jtfzBt7Im3gzb+Gt/Alv4+28g3fyLt7Ne/hT3suf8T7+nFP5C97Pf+ED/CUf5K/4EH/Nh/kbPsLf8lH+jo/x93ycT/BJ/oFP8Y98ms/wWf6Jz/HPfJ4v8EX2DBFGKtKRiYIoQ5QxSogyRZmja6IsUdYoW5Q9ikXXRjmi66Kc0fVRrih3lCfKG+WL8kcFojCiyEYcRVHBqFAUj26ICkc3RkWiolGxqHjkohJRyeimqFR0c1Q6uiUqE90alY1ui8pF5aMK0e3RHVHF6M6oUnRXVDm6O6oSVY2qRdWje6Ia0b1Rzei+qFZ0f1Q6eiCqEz0Y1Y0eiupF9aMG0cNRw+iRqFHUOGoSNY2aRc2jFtGjUcvosahV1DpqEz0etY2eiNpFT0bto6eiDtHTV/YXDX75NP2b/YlRr0hffkJ2n14YXxRfHP8gviT+YTw5/lF8afzjeEp8WXx5fEV8ZXxVfHV8TXxtfF18fXxDfGN8U3xzfEvc++oZwWHajTAYF7gMLqNLcJlcZneNy+Kyumwuu4u5a10Od53L6a53uVxul8fldflcflfAhY6cdewiV9AVcnF3gyvsbnRFXFFXzBV3zpVwJV1z18K1cC3dY66Va+3auMfd4+4J94R7MuFy466je8Z1cs+6zu4595x73nV1L7hu7kXX3b3kerieLtElut6ut+vj+rh+rp8b4Aa4gW6gG+QGucFusBvqhrphbpgb7oa7EW6EG+VGudFutBvrxrrxbrxLckluopvoJrlJbrKb7Ka6qW66m+5muplulpvl5rg5bq6b6+a7+W6hW+gWu8VuiVvikl2yW+qWuhSX4pa75W6lW+lWu9VurVvr1rv1bqPb6Da7zW6r2+q2uW1uh9vhdrldbo/b4/a6vW6f2+dSXarb7/a7A+6AO+i+cofc1+6w+8Ydcd+6o+47d8x97467E+6k8/qU+9GddmfcWfeTO+d+dufdBXfReZcUezs2MfZObFLs3djk2JTY1Ni02PTYjNjM2HuxWbHZsTmx92NzY/Ni82MLYgtji2KLYx/ElsQ+jCXHPootjX0cS4ktiy2PrYitjK2KeZ9/W+QL+kI+7m/whf2Nvogv6ov54t75Er6kv8mX8jf70v4WX8bf6sv623w5X95X8I19E9/UN/PNfQv/qG/pH/OtfGvfxj/u2/onfDv/pG/vn/Id/NO+o3/Gd/LP+s7+Od/FPz/v8pR9d/+S7+F7+kTfy/f2L/s+vq/v5/v7Af4VP9C/6gf51/xgP8QP9a/7Yf4NP9y/6Uf4kX6Uf8uP9mP8WD/Oj/cTfJJ/20/07/hJ/l0/2U/xU/00P93P8DP9e36Wn+3n+Pf9XD/Pz/cL/EK/yC/2H/gl/kOf7D/yS/3HPsUv88v9Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vf+K3+e1+h9/pd/ndfo//1O/1n/l9/nOf6r/w+/1f/AH/pT/ov/KH/Nf+sP/GH/Hf+qP+O3/Mf++P+xP+pP/Bn/I/+tP+jD/rf/Ln/M/+vL/gL8rfrAkhhBBC/FP0H+zv9Q++py5vaXoDQNbteQ/9bc2NuX5Z91V7O8QA4KmeXepf3jJA/cTExMvHpmgICi0AgNiV/AxwJV4GbeAJaA+todQ/7K+vqnDpuu+v6tev/zf147cCZAbI9GtO2u3Rr/GV+jf/Tv3GH/Dv1l8GKRohvgCgSKErOWmFf42v1C/9O/V3t/39+pf6z/RlEkCrv8rJAlfiK/VLwmPwNLT/zZFCCCGEEEIIIcQv+qpzXf/g/vPS/Xk+89u8X+M/uj//A5X+0/6FEEIIIYQQQgjxx559oduTj7Zv37rT/+ZFxj9HG3+CBQLAn6ANWfz5F1f7N5MQQgghhBDiv+3KRf/V7kQIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhEi//v3/EKb+6YOv9jkKIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQV9v/CQAA///tMlSc")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81c0, 0x0)

139.036664ms ago: executing program 9 (id=4219):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff82)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
mremap(&(0x7f0000186000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00000ad000/0x3000)=nil)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x201000, 0x1000}, 0x20)

85.906375ms ago: executing program 8 (id=4220):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000940)={0x44, &(0x7f0000000200)=ANY=[@ANYBLOB="40184a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

85.684039ms ago: executing program 9 (id=4221):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "268435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xf3d8}}}}}}}, 0x0)
syz_emit_ethernet(0x14e, &(0x7f0000000b40)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ab0001", 0x118, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x46, 0x0, 0xa388, 0x0, 0x0, {[@mptcp=@remove_addr={0x1e, 0x103, 0x8, 0x0, "e75b65f6e4b24df17b28971e4e997136092e10b28eb8fb8b198267ed0e48fa9b282c488e09f5d6f2e35bf0985ff4c269ff754c0135990a6f103e3a1a8abbb798a04a1724d4a28773a1a94ec7c86a988219f1f51248f0007be34ff907ae8e757182704f146987ba0914696064952e8a72cd3d0cf88f9fc2507861c7c131bb88fb5feaab27ea9f19ec1c7bcde77471e7c1355fb365c9893b22a53559297d968ba62f22c715e7176e62849a3ede465770faabed8d2467486effb5b9b21ca23358612b8e9980bc43882ad56b409715e6ac038eca7de627534541aed848c073fcca2b17b628653a173acb2aa8a26a4d973e9283796a354ad349d630206e255f4d9b8b"}]}}}}}}}}, 0x0)

190.663µs ago: executing program 9 (id=4222):
futex_waitv(&(0x7f0000001b00)=[{0xffb, 0x0, 0xa}], 0x1, 0x0, 0x0, 0x1)

0s ago: executing program 9 (id=4223):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000300)='./file2\x00', 0x1008000, &(0x7f00000001c0)=ANY=[], 0x1, 0x5fa, &(0x7f0000000640)="$eJzs3U9vHGcdB/DvrJ31OqDUcZM2oEpYRaoQFsnalkjKBSgF+VChShw4W8RJrGzSynaR2wMExKHi1JdQhPwGEMci5UB74ACnno16ROLum6uZnV2vnXUa/0nWbj4fafZ5nnlmnvnNb2bHM7uyNsBza3E24w9TZHH2rY2yvbW50NnaXLjXqyeZSNJIWkmKcvbfk3yRPEh3yrd6HQPlIz7/pHX7s48+/bDbKsdqFePl8hPVOgeu92T6sUx1Y63Kkxpv/ljjFQNT13SSmePFBydjp+e/VbO5r/uY70sA4DQrkrFh86eS8/UNe/kc0L0r7t5jn2kPRh0AAAAAPAMvbGc7G7kw6jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLKl//7+op0avPpOi9/v/zXpe6vqZ9nDUAQAAAAAAAADACfjOdrazkQu99k5Rfef/atW4VL1+I+9lLctZzdVsZCnrWc9q5pJMDQzU3FhaX1+de4I154euOf9s9hcAAAAAAAAAvqb+mMXd7/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA0KJKxblFNl3r1qTTGk7SSNMvlHiT/6dXPsoejDgAAAAAOqXGEdV7YznY2cqHX3imqZ/6Xquf+Vt7L/axnJevpZDk3q88Cuk/9ja3Nhc7W5sK9cnp03J/+/1BhNOvwx6rWsC1fqZaYzK2sVHOu5jd5J53cTKO/41d68QyP6w9lTMWPa08Y2c26LPaVo/DNPa2pKiPn+hlp17GV2bj4+Ewc8ujs39JcGv1Pfi49hZyfr8tyf94ccc732p+J+YGz76XHZyKZ/vWfr9/p3L9759ba7OnZpSPan4mFgUy8/Fxlol1l4nK/vZhf5FeZzUzezmpW8tssZT3LmcmbVW2pPp/L16nHZ+one1pvf1Ukzfq4dK+ih4vp1WrdC1nJL/NOblZHtJ3ruZ75/DCvp73nCF8eGvfvd+ru7Z2dnTQO967/7vfqyrkkP6/LZ2rsoI4yrxcH8jp4zZ3KRC7umbObpemTvzaOf7uulGfPG6fu2nhx31+JXiZefHwm/lKdOGud+3dX7yy9+4Tbe60uywz8rJ+J8XruzoFH8+krz5fpfix7z46y78WhfXNV36V+X+ORvsv9vq96pzbre7hHR5qv+l4e2tdd78pA37D7LQBOvfPfP9+c/N/kvyc/nvzT5J3Jt1pvTNyYeKWZc/8896Px9thrjVeKv+Xj/G73+R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi6tfc/uLvU6SyvHrnS+yWi446joqJyeiqjvjIBT9u19XvvXlt7/4MfrNxbur18e/n+6+0bN+bm5q63r91a6SzXr6OOEgA4Sbs3/aOOBAAAAAAAAAAAAAAAOMiz+HfiUe8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw9bY4m/GHKTLXvtou21ubC51y6tV3l2wlKcrKP5J8kTxId8rUwHDFQdv5/JPW7c8++vTD3bFa1fL/mj/2LtTb7MfS2BfTEezZt/mB8f565Ai7Uc4kma5LGLkvAwAA///hSwYd")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000300)='./bus\x00')

kernel console output (not intermixed with test programs):

9) scanned by syz.9.2574 (12912)
[  322.472971][T12912] BTRFS error: invalid seeding and uuid-changed device detected
[  322.690252][T12913] loop6: detected capacity change from 0 to 32768
[  322.730678][T12920] xt_socket: unknown flags 0xd0
[  322.733436][T12913] bcachefs (/dev/loop6): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  322.733436][T12913] clean (size 2912):
[  322.733436][T12913] flags:          0
[  322.733436][T12913] journal_seq:    10
[  322.733436][T12913] usage: type=inodes v=8
[  322.733436][T12913] usage: type=key_version v=0
[  322.733436][T12913] usage: type=reserved v=0
[  322.733436][T12913] usage: type=reserved v=0
[  322.733436][T12913] usage: type=reserved v=0
[  322.733436][T12913] usage: type=reserved v=0
[  322.733436][T12913] data_usage: btree: 1/1 [0]=2816
[  322.733436][T12913] data_usage: journal: 1/1 [0]=0
[  322.733436][T12913] data_usage: user: 1/1 [0]=16
[  322.733436][T12913] dev_usage: dev=0  
[  322.733436][T12913]   free: buckets=83 sectors=0 fragmented=0
[  322.733436][T12913]   sb: buckets=25 sectors=6152 fragmented=248
[  322.733436][T12913]   journal: buckets=8 sectors=2048 fragmented=0
[  322.733436][T12913]   btree: buckets=11 sectors=2816 fragmented=0
[  322.733436][T12913]   user: buckets=1 sectors=16 fragmented=240
[  322.733436][T12913]   cached: buckets=0 sectors=0 fragmented=0
[  322.733436][T12913]   parity: buckets=0 sectors=0 fragmented=0
[  322.733436][T12913]   stripe: buckets=0 sectors=0 fragmented=0
[  322.733436][T12913]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  322.733436][T12913]   need_discard: buckets=0 sectors=0 fragmented=0
[  322.733436][T12913] log: 
[  322.733436][T12913] clock: write=1280
[  322.733436][T12913] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ve
[  322.733635][T12913] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  323.086907][T12932] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2583'.
[  323.099661][T12909] delete_channel: no stack
[  323.102420][T12932] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2583'.
[  323.106423][T12932] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2583'.
[  323.354835][T12940] No control pipe specified
[  323.441971][T12936] loop6: detected capacity change from 0 to 32768
[  323.471071][T12936] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2584 (12936)
[  323.524508][T12936] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  323.529529][T12936] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  323.600930][T12936] BTRFS info (device loop6): rebuilding free space tree
[  323.646633][T12936] BTRFS info (device loop6): enabling ssd optimizations
[  323.649541][T12936] BTRFS info (device loop6): using spread ssd allocation scheme
[  323.652659][T12936] BTRFS info (device loop6): enabling free space tree
[  323.673995][T12936] BTRFS info (device loop6): force clearing of disk cache
[  323.731899][ T5852] Bluetooth: hci3: command tx timeout
[  323.760624][ T7205] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  324.278901][T12974] loop6: detected capacity change from 0 to 1024
[  324.303091][T12974] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.348808][ T7205] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.584157][ T5913] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  324.754252][ T5913] usb 10-1: Using ep0 maxpacket: 32
[  324.763696][ T5913] usb 10-1: config 0 has an invalid interface number: 184 but max is 0
[  324.769462][ T5913] usb 10-1: config 0 has no interface number 0
[  324.771892][ T5913] usb 10-1: config 0 interface 184 has no altsetting 0
[  324.787156][ T5913] usb 10-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  324.796676][ T5913] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.799243][ T5913] usb 10-1: Product: syz
[  324.800754][ T5913] usb 10-1: Manufacturer: syz
[  324.802635][ T5913] usb 10-1: SerialNumber: syz
[  324.809941][ T5913] usb 10-1: config 0 descriptor??
[  324.818351][ T5913] smsc75xx v1.0.0
[  325.240087][T13014] loop6: detected capacity change from 0 to 4096
[  325.256158][T13014] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  325.276844][T13014] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.339071][ T7205] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.566106][T13022] netlink: 'syz.6.2615': attribute type 1 has an invalid length.
[  325.569149][T13022] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2615'.
[  325.793942][ T5852] Bluetooth: hci3: command tx timeout
[  325.924011][ T5913] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  325.928710][ T5913] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  326.494589][T13048] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  326.569619][ T5913] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  326.574105][ T5913] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  326.578082][ T5913] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  326.582198][ T5913] smsc75xx 10-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  326.590827][ T5913] smsc75xx 10-1:0.184: probe with driver smsc75xx failed with error -71
[  326.596013][ T5913] usb 10-1: USB disconnect, device number 2
[  326.762881][T13057] loop6: detected capacity change from 0 to 2048
[  326.787607][T13057] UDF-fs: error (device loop6): udf_load_logicalvol: error loading logical volume descriptor: Partition table too long (2048 > 72)
[  326.805389][T13057] UDF-fs: Scanning with blocksize 512 failed
[  326.822955][T13057] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  326.835567][T13057] UDF-fs: Scanning with blocksize 1024 failed
[  326.840812][T13057] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[  326.846346][T13057] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  326.848967][T13057] UDF-fs: Scanning with blocksize 2048 failed
[  326.852809][T13057] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  326.857880][T13057] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[  326.861849][T13057] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  326.869495][T13057] UDF-fs: Scanning with blocksize 4096 failed
[  326.873360][T13057] UDF-fs: warning (device loop6): udf_fill_super: No partition found (1)
[  327.267352][ T5913] kernel read not supported for file /admmidi2 (pid: 5913 comm: kworker/0:5)
[  327.369653][T13067] loop6: detected capacity change from 0 to 1024
[  327.422471][ T1088] hfsplus: b-tree write err: -5, ino 4
[  328.158068][T13088] loop9: detected capacity change from 0 to 16
[  328.171516][T13088] erofs (device loop9): mounted with root inode @ nid 36.
[  328.198288][T13092] loop6: detected capacity change from 0 to 1024
[  328.230612][T13092] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  328.269018][T13092] EXT4-fs error (device loop6): __ext4_remount:6740: comm syz.6.2645: Abort forced by user
[  328.290216][T13092] EXT4-fs (loop6): Remounting filesystem read-only
[  328.292334][T13092] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  328.324953][ T7205] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.382047][T13102] ip_vti0: Master is either lo or non-ether device
[  328.619161][T13117] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2656'.
[  328.639384][T13117] bond0: entered promiscuous mode
[  328.641275][T13117] bond_slave_0: entered promiscuous mode
[  328.643543][T13117] bond_slave_1: entered promiscuous mode
[  329.337643][   T33] audit: type=1804 audit(1758774952.590:563): pid=13130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.2662" name="/newroot/27/file1" dev="fuse" ino=1 res=1 errno=0
[  329.353165][   T33] audit: type=1800 audit(1758774952.600:564): pid=13130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2662" name="/" dev="fuse" ino=1 res=0 errno=0
[  329.368156][   T33] audit: type=1800 audit(1758774952.600:565): pid=13129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2662" name="/" dev="fuse" ino=1 res=0 errno=0
[  329.641451][T13134] loop9: detected capacity change from 0 to 64
[  330.424023][ T6411] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  330.553572][T13166] netlink: 'syz.8.2678': attribute type 10 has an invalid length.
[  330.564473][T13166] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  330.577119][ T6411] usb 7-1: config 0 has an invalid interface number: 197 but max is 0
[  330.580595][ T6411] usb 7-1: config 0 has no interface number 0
[  330.583062][ T6411] usb 7-1: config 0 interface 197 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8
[  330.600682][ T6411] usb 7-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64
[  330.619127][ T6411] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42
[  330.637735][ T6411] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.641203][ T6411] usb 7-1: Product: syz
[  330.651055][ T6411] usb 7-1: Manufacturer: syz
[  330.653747][ T6411] usb 7-1: SerialNumber: syz
[  330.664737][ T6411] usb 7-1: config 0 descriptor??
[  330.671444][T13153] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  330.676962][T13172] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2681'.
[  330.891184][ T6411] usb 7-1: USB disconnect, device number 29
[  330.970499][T13188] geneve2: entered promiscuous mode
[  331.241027][T13193] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  332.131787][T13210] netlink: 'syz.6.2695': attribute type 6 has an invalid length.
[  332.139979][T13210] netlink: 168 bytes leftover after parsing attributes in process `syz.6.2695'.
[  334.048860][T13240] loop6: detected capacity change from 0 to 4096
[  334.054280][T13240] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  334.074881][T13240] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  334.078535][T13240] ntfs3(loop6): Failed to initialize $Extend/$Reparse.
[  334.101753][T13240] ntfs3: Volume is dirty and "force" flag is not set!
[  334.866812][T13274] tmpfs: Bad value for 'grpquota_inode_hardlimit'
[  335.122752][T13278] 9pnet: p9_errstr2errno: server reported unknown error 0000
[  335.307820][T13276] loop9: detected capacity change from 0 to 32768
[  335.320873][T13276] bcachefs: bch2_fs_parse_param() Error parsing option gc_reserve_bytes: option_value
[  335.450583][T13290] loop9: detected capacity change from 0 to 512
[  335.495878][T13290] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.514976][T13290] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  335.535016][T13290] EXT4-fs error (device loop9): ext4_xattr_block_find:1869: inode #15: comm syz.9.2731: corrupted xattr block 33: invalid header
[  335.579216][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.644086][ T5962] usb 7-1: new full-speed USB device number 30 using dummy_hcd
[  335.800816][ T5962] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  335.805176][ T5962] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  335.809433][ T5962] usb 7-1: config 1 interface 1 has no altsetting 1
[  335.815574][ T5962] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  335.819047][ T5962] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.822160][ T5962] usb 7-1: Product: syz
[  335.824413][ T5962] usb 7-1: Manufacturer: syz
[  335.826292][ T5962] usb 7-1: SerialNumber: syz
[  336.042210][ T5962] usb 7-1: selecting invalid altsetting 1
[  336.045504][ T5962] cdc_ncm 7-1:1.0: bind() failure
[  336.051904][ T5962] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[  336.055724][ T5962] cdc_ncm 7-1:1.1: bind() failure
[  336.061736][ T5962] usb 7-1: USB disconnect, device number 30
[  336.630462][T13315] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2740'.
[  336.634316][T13315] netlink: 'syz.9.2740': attribute type 11 has an invalid length.
[  336.645682][   T12] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  336.653410][   T12] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  336.653435][T13315] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2740'.
[  336.659955][T13315] netlink: 'syz.9.2740': attribute type 11 has an invalid length.
[  336.660127][   T12] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  336.673961][   T12] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  336.781990][T13321] netlink: 'syz.8.2744': attribute type 1 has an invalid length.
[  336.790234][T13321] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2744'.
[  336.869394][T13325] loop9: detected capacity change from 0 to 1024
[  336.874394][ T5913] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  336.906907][T13325] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  336.913355][T13325] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.933082][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.937785][T13332] overlayfs: failed to clone upperpath
[  337.032605][T13336] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  337.047038][ T5913] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  337.056157][ T5913] usb 7-1: New USB device found, idVendor=046d, idProduct=c532, bcdDevice= 0.00
[  337.064239][ T5913] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.082516][ T5913] usb 7-1: config 0 descriptor??
[  337.356126][T13352] netlink: 'syz.8.2758': attribute type 16 has an invalid length.
[  337.366836][T13352] netlink: 'syz.8.2758': attribute type 3 has an invalid length.
[  337.369929][T13352] netlink: 132 bytes leftover after parsing attributes in process `syz.8.2758'.
[  337.513002][ T5913] logitech-djreceiver 0003:046D:C532.000B: item fetching failed at offset 3/7
[  337.527522][ T5913] logitech-djreceiver 0003:046D:C532.000B: logi_dj_probe: parse failed
[  337.531029][ T5913] logitech-djreceiver 0003:046D:C532.000B: probe with driver logitech-djreceiver failed with error -22
[  337.707590][ T5913] usb 7-1: USB disconnect, device number 31
[  338.819164][T13387] loop6: detected capacity change from 0 to 512
[  338.840542][T13387] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.871601][T13387] ext4 filesystem being mounted at /804/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  338.916342][ T7205] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.108699][T13401] fuse: root generation should be zero
[  339.301626][ T8392] block nbd0: Receive control failed (result -32)
[  339.305129][   T10] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  339.476619][   T10] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  339.482755][   T10] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  339.489041][   T10] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  339.492773][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.503267][T13410] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  339.520329][   T10] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  339.871917][   T10] kernel write not supported for file /dsp (pid: 10 comm: kworker/0:1)
[  339.889045][ T5962] usb 7-1: USB disconnect, device number 32
[  340.219007][T13444] netlink: 'syz.8.2800': attribute type 32 has an invalid length.
[  340.818093][T13470] loop6: detected capacity change from 0 to 4096
[  341.255203][T13487] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2821'.
[  341.258115][T13487] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2821'.
[  341.314290][T13491] tmpfs: Bad value for 'grpquota_block_hardlimit'
[  341.406828][T13497] loop6: detected capacity change from 0 to 512
[  341.428528][T13497] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.432727][T13497] ext4 filesystem being mounted at /827/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  341.557260][T13502] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2827'.
[  342.385828][ T7205] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.532249][T13514] loop6: detected capacity change from 0 to 1024
[  342.588946][T13514] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.606365][T13522] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  342.641410][ T7205] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.658782][T13524] bond_slave_0: entered promiscuous mode
[  342.661330][T13524] bond_slave_1: entered promiscuous mode
[  342.663201][T13524] macvlan2: entered allmulticast mode
[  342.679317][T13524] bond0: entered allmulticast mode
[  342.681409][T13524] bond_slave_0: entered allmulticast mode
[  342.683197][T13524] bond_slave_1: entered allmulticast mode
[  342.693225][T13524] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  342.700321][T13524] bridge0: port 3(macvlan2) entered blocking state
[  342.708856][T13524] bridge0: port 3(macvlan2) entered disabled state
[  342.716295][T13524] macvlan2: entered promiscuous mode
[  342.718209][T13524] bond0: entered promiscuous mode
[  342.727310][T13524] bridge0: port 3(macvlan2) entered blocking state
[  342.730274][T13524] bridge0: port 3(macvlan2) entered forwarding state
[  342.742631][T13528] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2837'.
[  342.747155][T13528] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2837'.
[  342.819757][T13532] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  342.869209][T13539] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2841'.
[  342.921841][T13544] vivid-000: disconnect
[  342.948058][T13543] vivid-000: reconnect
[  342.982800][T13546] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  343.391946][T13572] loop6: detected capacity change from 0 to 4096
[  343.403151][T13572] NILFS (loop6): mounting unchecked fs
[  343.410133][T13572] NILFS (loop6): invalid segment: Checksum error in segment payload
[  343.413239][T13572] NILFS (loop6): trying rollback from an earlier position
[  343.425313][T13572] NILFS (loop6): recovery cancelled because norecovery option was specified for a read/write mount
[  343.588172][T13576] loop6: detected capacity change from 0 to 4096
[  343.608510][T13576] ntfs3(loop6): ino=1a, mi_enum_attr
[  343.610553][T13576] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  343.630132][T13576] ntfs3(loop6): ino=22, "hugetlb.2MB.usage_in_bytes" mmap(write) compressed not supported
[  343.763032][T13580] netlink: 'syz.6.2861': attribute type 4 has an invalid length.
[  343.768639][T13580] netlink: 17 bytes leftover after parsing attributes in process `syz.6.2861'.
[  343.967745][T13589] loop9: detected capacity change from 0 to 512
[  344.059412][T13589] EXT4-fs (loop9): Invalid default hash set in the superblock
[  345.403319][T13595] loop6: detected capacity change from 0 to 32768
[  345.430509][T13595] (syz.6.2867,13595,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x62b9e51c, computed 0xfaa9014d. Applying ECC.
[  345.446803][T13595] (syz.6.2867,13595,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x62b9e51c, computed 0x266ec356
[  345.459903][T13595] (syz.6.2867,13595,1):ocfs2_validate_dir_block:452 ERROR: Checksum failed for dinode 352
[  345.469861][T13595] (syz.6.2867,13595,0):ocfs2_read_virt_blocks:1037 ERROR: status = -5
[  345.478513][T13595] (syz.6.2867,13595,0):ocfs2_read_dir_block:511 ERROR: status = -5
[  345.513946][T13595] (syz.6.2867,13595,1):ocfs2_find_entry_el:728 ERROR: reading directory 66, offset 0
[  345.521685][T13595] (syz.6.2867,13595,1):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  345.527955][T13595] (syz.6.2867,13595,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs?
[  345.528056][T13595] (syz.6.2867,13595,1):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  345.536878][T13595] (syz.6.2867,13595,1):ocfs2_initialize_super:2198 ERROR: status = -22
[  345.539590][T13595] (syz.6.2867,13595,1):ocfs2_fill_super:1177 ERROR: status = -22
[  346.953839][   T33] audit: type=1326 audit(1758774970.200:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13628 comm="syz.8.2883" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  346.985048][   T33] audit: type=1326 audit(1758774970.220:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13628 comm="syz.8.2883" exe="/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  347.013575][   T33] audit: type=1326 audit(1758774970.220:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13628 comm="syz.8.2883" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  347.053252][   T33] audit: type=1326 audit(1758774970.220:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13628 comm="syz.8.2883" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  347.085156][   T33] audit: type=1326 audit(1758774970.220:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13628 comm="syz.8.2883" exe="/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  347.098384][   T33] audit: type=1326 audit(1758774970.220:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13628 comm="syz.8.2883" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  347.120349][   T33] audit: type=1326 audit(1758774970.220:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13628 comm="syz.8.2883" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  347.144895][T13639] program syz.6.2887 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  347.235505][T13645] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  347.471568][T13656] loop9: detected capacity change from 0 to 2048
[  347.499580][T13656] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  347.538203][T13656] UDF-fs: warning (device loop9): udf_rmdir: empty directory has nlink != 2 (0)
[  347.546778][T13656] UDF-fs: warning (device loop9): udf_rmdir: parent dir link count too low (2)
[  348.103551][T13668] loop9: detected capacity change from 0 to 2048
[  348.131937][T13668] UDF-fs: error (device loop9): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  348.158428][T13668] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  348.344758][T13672] loop9: detected capacity change from 0 to 1024
[  348.347301][T13672] EXT4-fs: Ignoring removed orlov option
[  348.348978][T13672] EXT4-fs: Ignoring removed nomblk_io_submit option
[  348.370674][T13672] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.436833][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.646720][T13693] loop6: detected capacity change from 0 to 512
[  348.650490][T13693] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  348.665770][T13693] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.2910: bad orphan inode 131083
[  348.673600][T13693] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.843116][T13698] loop9: detected capacity change from 0 to 512
[  348.875488][T13698] EXT4-fs error (device loop9): ext4_iget_extra_inode:5104: inode #12: comm syz.9.2912: corrupted in-inode xattr: bad e_name length
[  348.904409][T13698] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.2912: couldn't read orphan inode 12 (err -117)
[  348.911868][ T7205] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.911949][T13698] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.967209][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.190055][T13709] NILFS (loop9): device size too small
[  349.788491][T13725] loop6: detected capacity change from 0 to 128
[  350.514749][ T5857] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  350.521015][ T5857] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  350.525147][ T5857] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  350.529483][ T5857] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  350.532776][ T5857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  350.573483][T13737] lo speed is unknown, defaulting to 1000
[  350.643365][T13736] loop9: detected capacity change from 0 to 32768
[  350.658957][T13736] jfs_mount: dbMount failed w/rc = -22
[  350.661343][T13736] Mount JFS Failure: -22
[  350.663051][T13736] jfs_mount failed w/return code = -22
[  350.839960][T13737] chnl_net:caif_netlink_parms(): no params data found
[  351.029333][T13737] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.032255][T13737] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.035271][T13737] bridge_slave_0: entered allmulticast mode
[  351.039035][T13737] bridge_slave_0: entered promiscuous mode
[  351.043970][T13737] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.047808][T13737] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.050698][T13737] bridge_slave_1: entered allmulticast mode
[  351.055116][T13737] bridge_slave_1: entered promiscuous mode
[  351.113387][T13737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  351.127742][T13737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  351.224975][T13737] team0: Port device team_slave_0 added
[  351.232713][T13737] team0: Port device team_slave_1 added
[  351.301024][T13737] batman_adv: batadv0: Adding interface: batadv_slave_0
[  351.304121][T13737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.313480][T13737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  351.325243][T13737] batman_adv: batadv0: Adding interface: batadv_slave_1
[  351.327813][T13737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.545452][T13737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.683251][T13737] hsr_slave_0: entered promiscuous mode
[  351.686409][T13737] hsr_slave_1: entered promiscuous mode
[  351.689145][T13737] debugfs: 'hsr0' already exists in 'hsr'
[  351.691425][T13737] Cannot create hsr debugfs directory
[  351.813098][T13781] loop9: detected capacity change from 0 to 512
[  351.840991][T13781] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.853062][T13781] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  351.890354][T13781] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.2947: corrupted inode contents
[  351.911563][T13781] EXT4-fs error (device loop9): ext4_dirty_inode:6538: inode #2: comm syz.9.2947: mark_inode_dirty error
[  351.919299][T13781] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.2947: corrupted inode contents
[  351.925408][T13781] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #2: comm syz.9.2947: mark_inode_dirty error
[  351.945553][T13781] EXT4-fs warning (device loop9): ext4_empty_dir:3089: inode #18: comm syz.9.2947: directory missing '.'
[  352.126574][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.435591][T13797] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  352.598089][ T5852] Bluetooth: hci1: command tx timeout
[  352.848187][T13737] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  352.858067][T13801] loop9: detected capacity change from 0 to 32768
[  352.874079][T13737] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  352.880445][T13737] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  352.893207][T13801] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  352.896351][T13737] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  352.983306][T13737] 8021q: adding VLAN 0 to HW filter on device bond0
[  353.004009][T12775] ocfs2: Unmounting device (7,9) on (node local)
[  353.005493][T13737] 8021q: adding VLAN 0 to HW filter on device team0
[  353.014252][ T6714] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.017385][ T6714] bridge0: port 1(bridge_slave_0) entered forwarding state
[  353.049527][ T6714] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.052347][ T6714] bridge0: port 2(bridge_slave_1) entered forwarding state
[  353.435740][T13840] netlink: 104 bytes leftover after parsing attributes in process `syz.9.2956'.
[  353.451735][T13737] 8021q: adding VLAN 0 to HW filter on device batadv0
[  353.548459][T13737] veth0_vlan: entered promiscuous mode
[  353.564746][T13737] veth1_vlan: entered promiscuous mode
[  353.591109][T13846] loop9: detected capacity change from 0 to 4096
[  353.634893][   T33] audit: type=1326 audit(1758774976.870:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13848 comm="syz.8.2959" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  353.642532][   T33] audit: type=1326 audit(1758774976.870:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13848 comm="syz.8.2959" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  353.653482][T13737] veth0_macvtap: entered promiscuous mode
[  353.656485][T13846] NILFS (loop9): invalid segment: Checksum error in segment payload
[  353.659633][T13846] NILFS (loop9): trying rollback from an earlier position
[  353.689386][T13737] veth1_macvtap: entered promiscuous mode
[  353.692587][T13846] NILFS (loop9): recovery complete
[  353.700976][   T33] audit: type=1326 audit(1758774976.880:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13848 comm="syz.8.2959" exe="/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  353.720861][T13851] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  353.739409][   T33] audit: type=1326 audit(1758774976.880:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13848 comm="syz.8.2959" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  353.750001][T13737] batman_adv: batadv0: Interface activated: batadv_slave_0
[  353.781855][T13737] batman_adv: batadv0: Interface activated: batadv_slave_1
[  353.813591][ T6142] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  353.821191][ T6142] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  353.851373][ T6142] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  353.910091][ T6142] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.917443][   T33] audit: type=1326 audit(1758774976.880:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13848 comm="syz.8.2959" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  353.926178][   T33] audit: type=1800 audit(1758774977.120:578): pid=13856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2958" name="bus" dev="loop9" ino=12 res=0 errno=0
[  353.965870][   T33] audit: type=1800 audit(1758774977.210:579): pid=13846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2958" name="bus" dev="loop9" ino=12 res=0 errno=0
[  354.442771][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  354.451600][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.567850][ T6714] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  354.600969][ T6714] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  354.684106][ T5852] Bluetooth: hci1: command tx timeout
[  355.211192][T13894] netlink: 11 bytes leftover after parsing attributes in process `syz.0.2968'.
[  356.756410][ T5852] Bluetooth: hci1: command tx timeout
[  357.173410][T13958] GUP no longer grows the stack in syz.0.2986 (13958): 200000003000-20000000a000 (200000001000)
[  357.178841][T13958] CPU: 0 UID: 0 PID: 13958 Comm: syz.0.2986 Not tainted syzkaller #0 PREEMPT(full) 
[  357.178863][T13958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  357.178873][T13958] Call Trace:
[  357.178892][T13958]  <TASK>
[  357.178899][T13958]  dump_stack_lvl+0x189/0x250
[  357.178926][T13958]  ? __pfx_dump_stack_lvl+0x10/0x10
[  357.178943][T13958]  ? __pfx__printk+0x10/0x10
[  357.178960][T13958]  ? find_vma+0xe7/0x160
[  357.178992][T13958]  __get_user_pages+0x24d0/0x2ce0
[  357.179010][T13958]  ? __bpf_trace_mmap_lock_acquire_returned+0x13b/0x190
[  357.179051][T13958]  ? rcu_is_watching+0x15/0xb0
[  357.179071][T13958]  __gup_longterm_locked+0xde9/0x1660
[  357.179100][T13958]  ? sanity_check_pinned_pages+0x123a/0x1300
[  357.179125][T13958]  gup_fast_fallback+0x1e6a/0x2010
[  357.179170][T13958]  ? __pfx_gup_fast_fallback+0x10/0x10
[  357.179199][T13958]  ? pin_user_pages_fast+0x4d/0xb0
[  357.179219][T13958]  iov_iter_extract_pages+0x35a/0x5e0
[  357.179246][T13958]  extract_iter_to_sg+0xe46/0x24e0
[  357.179296][T13958]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  357.179329][T13958]  ? __asan_memset+0x22/0x50
[  357.179352][T13958]  af_alg_get_rsgl+0x436/0x810
[  357.179388][T13958]  aead_recvmsg+0x4a6/0x1440
[  357.179407][T13958]  ? aa_sk_perm+0x81e/0x950
[  357.179439][T13958]  ? __pfx_aead_recvmsg+0x10/0x10
[  357.179479][T13958]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  357.179499][T13958]  ? __pfx_aead_recvmsg+0x10/0x10
[  357.179513][T13958]  sock_recvmsg_nosec+0x186/0x1c0
[  357.179540][T13958]  ____sys_recvmsg+0x3aa/0x460
[  357.179567][T13958]  ? __pfx_____sys_recvmsg+0x10/0x10
[  357.179598][T13958]  ? import_iovec+0x74/0xa0
[  357.179620][T13958]  ___sys_recvmsg+0x1b5/0x510
[  357.179642][T13958]  ? __pfx____sys_recvmsg+0x10/0x10
[  357.179685][T13958]  ? __might_fault+0xb0/0x130
[  357.179708][T13958]  do_recvmmsg+0x307/0x770
[  357.179733][T13958]  ? __pfx_do_recvmmsg+0x10/0x10
[  357.179749][T13958]  ? __ia32_sys_rt_sigreturn+0x6a2/0x7b0
[  357.179782][T13958]  ? __pfx_do_futex+0x10/0x10
[  357.179814][T13958]  __x64_sys_recvmmsg+0x190/0x240
[  357.179835][T13958]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  357.179849][T13958]  ? rcu_is_watching+0x15/0xb0
[  357.179863][T13958]  ? do_syscall_64+0xbe/0x3b0
[  357.179887][T13958]  do_syscall_64+0xfa/0x3b0
[  357.179899][T13958]  ? lockdep_hardirqs_on+0x9c/0x150
[  357.179911][T13958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.179924][T13958]  ? exc_page_fault+0x9f/0xf0
[  357.179939][T13958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.179953][T13958] RIP: 0033:0x7f5cf6f8ec29
[  357.179968][T13958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.179980][T13958] RSP: 002b:00007f5cf7e48038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  357.179996][T13958] RAX: ffffffffffffffda RBX: 00007f5cf71d5fa0 RCX: 00007f5cf6f8ec29
[  357.180007][T13958] RDX: 0000000000000002 RSI: 0000200000000180 RDI: 0000000000000007
[  357.180015][T13958] RBP: 00007f5cf7011e41 R08: 0000000000000000 R09: 0000000000000000
[  357.180023][T13958] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000000
[  357.180031][T13958] R13: 00007f5cf71d6038 R14: 00007f5cf71d5fa0 R15: 00007ffd438e7908
[  357.180056][T13958]  </TASK>
[  358.834824][ T5852] Bluetooth: hci1: command tx timeout
[  358.973427][T14009] sctp: [Deprecated]: syz.0.3007 (pid 14009) Use of struct sctp_assoc_value in delayed_ack socket option.
[  358.973427][T14009] Use struct sctp_sack_info instead
[  359.088546][T14013] overlayfs: failed to clone lowerpath
[  359.123433][T14015] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  359.315668][T14030] loop0: detected capacity change from 0 to 2048
[  359.337603][T14030] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  359.362192][   T33] audit: type=1800 audit(1758774982.606:580): pid=14030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3018" name="file1" dev="loop0" ino=1367 res=0 errno=0
[  359.807985][T14046] program syz.9.3021 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  360.014924][ T1058] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[  360.017662][ T1058] ata1.00: irq_stat 0x40000001
[  360.019550][ T1058] ata1.00: failed command: ZAC MANAGEMENT OUT
[  360.021759][ T1058] ata1.00: cmd 9f/02:00:00:00:00/00:00:00:00:00/40 tag 25
[  360.021759][ T1058]          res 41/04:00:00:00:00/00:00:00:00:00/40 Emask 0x1 (device error)
[  360.030863][ T1058] ata1.00: status: { DRDY ERR }
[  360.032424][ T1058] ata1.00: error: { ABRT }
[  360.036427][ T1058] ata1.00: device reported invalid CHS sector 0
[  360.050077][T14051] netlink: 'syz.8.3026': attribute type 5 has an invalid length.
[  360.228132][T14045] loop0: detected capacity change from 0 to 32768
[  360.233944][T14045] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3024 (14045)
[  360.276205][T14045] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  360.284559][T14045] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  360.291101][T14045] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  360.353119][T14045] BTRFS info (device loop0): rebuilding free space tree
[  360.372097][T14045] BTRFS info (device loop0): disabling free space tree
[  360.378219][T14045] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  360.381767][T14045] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  360.397205][T14045] BTRFS info (device loop0): checking UUID tree
[  360.410075][T14045] BTRFS info (device loop0): enabling ssd optimizations
[  360.412727][T14045] BTRFS info (device loop0): turning off barriers
[  360.424392][T14045] BTRFS info (device loop0): disabling tree log
[  360.434091][T14045] BTRFS info (device loop0): enabling disk space caching
[  360.444847][T14045] BTRFS info (device loop0): force clearing of disk cache
[  360.447668][T14045] BTRFS info (device loop0): doing ref verification
[  360.450217][T14045] BTRFS info (device loop0): use zstd compression, level 3
[  360.453602][T14045] BTRFS info (device loop0): max_inline set to 0
[  360.552434][T13737] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  360.720472][T14087] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3035'.
[  360.734393][    C1] ata1: illegal qc_active transition (00000000->04000000)
[  360.925909][T14091] loop0: detected capacity change from 0 to 32768
[  360.930012][T14091] (syz.0.3036,14091,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  360.935751][T14091] (syz.0.3036,14091,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  360.950771][T14090] bridge0: port 1(bridge_slave_0) entered disabled state
[  360.956116][T14090] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.987833][T14091] JBD2: Ignoring recovery information on journal
[  361.005340][T14090] bridge0: port 3(macvlan2) entered disabled state
[  361.006850][T14096] netlink: 'syz.9.3037': attribute type 16 has an invalid length.
[  361.015821][T14091] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  361.023475][T14091] (syz.0.3036,14091,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC.
[  361.029971][T14096] netlink: 'syz.9.3037': attribute type 17 has an invalid length.
[  361.056651][T14096] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.059319][T14096] bridge0: port 1(bridge_slave_0) entered forwarding state
[  361.063022][T14096] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.065617][T14096] bridge0: port 2(bridge_slave_1) entered forwarding state
[  361.077772][ T1058] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
[  361.114268][T14091] (syz.0.3036,14091,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC.
[  361.120009][T14091] (syz.0.3036,14091,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c
[  361.125090][T14091] (syz.0.3036,14091,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  361.129181][T14091] (syz.0.3036,14091,0):ocfs2_quota_read:201 ERROR: status = -5
[  361.132702][T14091] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota
[  361.137742][T14091] (syz.0.3036,14091,0):ocfs2_acquire_dquot:890 ERROR: status = -5
[  361.148544][ T1058] ata1.00: configured for UDMA/100
[  361.234830][T13737] ocfs2: Unmounting device (7,0) on (node local)
[  361.302341][T14096] bridge0: port 3(macvlan2) entered blocking state
[  361.305293][T14096] bridge0: port 3(macvlan2) entered forwarding state
[  361.549563][T14113] loop0: detected capacity change from 0 to 2048
[  361.586514][T14113] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.653593][T13737] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.299538][T14158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3058'.
[  363.225787][T14215] loop9: detected capacity change from 0 to 40427
[  363.531564][T14222] loop9: detected capacity change from 0 to 1024
[  363.545561][T14222] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  363.549084][   T33] audit: type=1804 audit(1758774986.796:581): pid=14224 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.3071" name="file0" dev="tmpfs" ino=3421 res=1 errno=0
[  363.780287][   T33] audit: type=1326 audit(1758774987.026:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="syz.9.3072" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1baf98ec29 code=0x0
[  364.061652][T14237] loop0: detected capacity change from 0 to 32768
[  364.065199][T14237] btrfs: Deprecated parameter 'usebackuproot'
[  364.067173][T14237] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  364.076894][T14237] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3076 (14237)
[  364.087741][T14237] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  364.091875][T14237] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  364.129533][   T64] BTRFS warning (device loop0): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0
[  364.137416][T14237] BTRFS warning (device loop0): couldn't read tree root
[  364.140229][T14237] BTRFS warning (device loop0): try to load backup roots slot 1
[  364.142846][   T27] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0
[  364.153377][T14237] BTRFS warning (device loop0): couldn't read tree root
[  364.156096][T14237] BTRFS warning (device loop0): try to load backup roots slot 2
[  364.159593][T11521] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  364.173554][T14237] BTRFS warning (device loop0): couldn't read tree root
[  364.187020][T14237] BTRFS warning (device loop0): try to load backup roots slot 3
[  364.201654][T14237] BTRFS info (device loop0): rebuilding free space tree
[  364.234355][T14237] BTRFS info (device loop0): checking UUID tree
[  364.237658][T14237] BTRFS info (device loop0): enabling ssd optimizations
[  364.240520][T14237] BTRFS info (device loop0): disabling tree log
[  364.247621][T14237] BTRFS info (device loop0): enabling free space tree
[  364.251550][T14237] BTRFS info (device loop0): force clearing of disk cache
[  364.256024][T14237] BTRFS info (device loop0): doing ref verification
[  364.259180][T14237] BTRFS info (device loop0): trying to use backup root at mount time
[  364.262051][T14237] BTRFS info (device loop0): force lzo compression, level 1
[  364.387096][T13737] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  364.904021][ T6411] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  364.933109][T14274] loop9: detected capacity change from 0 to 32768
[  364.936445][T14274] bcachefs (/dev/loop9): error validating superblock: Invalid superblock section quota: wrong size (got 40 should be 80)
[  364.936445][T14274] quota (size 40):
[  364.936445][T14274] user: flags 9 space timelimit 7 warnlimit 0 inodes timelimit 24 warnlimit 0
[  364.936445][T14274] group: flags 1 space timelimit 80 warnlimit 10 inodes timelimit 0 warnlimit 0
[  364.936445][T14274] project: flags 38 space timelimit 0 warnlimit 0 inodes timelimit 0 warnlimit 0
[  364.936445][T14274] 
[  364.951878][T14274] bcachefs: bch2_fs_get_tree() error: invalid_sb_quota
[  365.073644][T14286] netlink: 'syz.9.3091': attribute type 1 has an invalid length.
[  365.077221][T14286] netlink: 244 bytes leftover after parsing attributes in process `syz.9.3091'.
[  365.095500][ T6411] usb 1-1: Using ep0 maxpacket: 32
[  365.107517][ T6411] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  365.111273][ T6411] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  365.126839][ T6411] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  365.144815][ T6411] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.163294][ T6411] usb 1-1: config 0 descriptor??
[  365.174904][T14288] loop9: detected capacity change from 0 to 1024
[  365.216912][T14288] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  365.283088][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.447343][T14300] loop9: detected capacity change from 0 to 256
[  365.466759][T14300] FAT-fs (loop9): Directory bread(block 64) failed
[  365.469488][T14300] FAT-fs (loop9): Directory bread(block 65) failed
[  365.479534][T14300] FAT-fs (loop9): Directory bread(block 66) failed
[  365.496193][T14300] FAT-fs (loop9): Directory bread(block 67) failed
[  365.498991][T14300] FAT-fs (loop9): Directory bread(block 68) failed
[  365.501598][T14300] FAT-fs (loop9): Directory bread(block 69) failed
[  365.504648][T14300] FAT-fs (loop9): Directory bread(block 70) failed
[  365.507389][T14300] FAT-fs (loop9): Directory bread(block 71) failed
[  365.510749][T14300] FAT-fs (loop9): Directory bread(block 72) failed
[  365.513310][T14300] FAT-fs (loop9): Directory bread(block 73) failed
[  365.598136][ T6411] hid-led 0003:27B8:01ED.000C: item fetching failed at offset 0/2
[  365.601850][ T6411] hid-led 0003:27B8:01ED.000C: probe with driver hid-led failed with error -22
[  365.798582][ T5962] usb 1-1: USB disconnect, device number 2
[  365.957090][T14315] bridge1: entered promiscuous mode
[  366.161384][T14323] MPI: mpi too large (130952 bits)
[  367.573018][T14380] loop0: detected capacity change from 0 to 512
[  367.585513][T14380] EXT4-fs: Ignoring removed nomblk_io_submit option
[  367.609163][T14382] tmpfs: User quota block hardlimit too large.
[  367.618137][T14380] EXT4-fs: Mount option(s) incompatible with ext2
[  367.757556][T14390] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3137'.
[  368.301437][T14411] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3147'.
[  368.647105][ T6411] usb 1-1: new low-speed USB device number 3 using dummy_hcd
[  368.805933][ T6411] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 65535, setting to 8
[  368.811909][ T6411] usb 1-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  368.821086][ T6411] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.829063][T14404] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  369.052277][ T6411] usb 1-1: string descriptor 0 read error: -71
[  369.062377][ T6411] hub 1-1:32.0: USB hub found
[  369.071046][ T6411] hub 1-1:32.0: config failed, can't read hub descriptor (err -22)
[  369.186223][ T6411] usb 1-1: USB disconnect, device number 3
[  369.369250][T14446] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3164'.
[  370.721241][T14494] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3185'.
[  370.725902][T14494] netlink: 64 bytes leftover after parsing attributes in process `syz.8.3185'.
[  370.731310][T14494] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3185'.
[  371.394964][T14507] loop0: detected capacity change from 0 to 128
[  371.746730][T14516] loop9: detected capacity change from 0 to 4096
[  371.932222][T14518] RDS: rds_bind could not find a transport for fe88::a, load rds_tcp or rds_rdma?
[  372.246414][T14522] netdevsim netdevsim9 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  372.262784][T14522] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.490362][T14522] netdevsim netdevsim9 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  372.505733][T14522] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.667416][T14522] netdevsim netdevsim9 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  372.672704][T14522] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.785854][T14522] netdevsim netdevsim9 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  372.790074][T14522] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.982174][   T13] netdevsim netdevsim9 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  372.985646][   T13] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.012866][   T13] netdevsim netdevsim9 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  373.017351][   T13] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.024049][   T13] netdevsim netdevsim9 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  373.026940][   T13] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.048576][   T13] netdevsim netdevsim9 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  373.058867][   T13] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  373.069153][T14559] netlink: 'syz.0.3215': attribute type 4 has an invalid length.
[  373.207551][T14565] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3218'.
[  373.211134][T14565] openvswitch: netlink: nsh attribute has 1 unknown bytes.
[  373.213541][T14565] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  373.397771][T14575] dummy0: entered promiscuous mode
[  373.406268][T14575] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  373.419900][T14575] hsr1: entered allmulticast mode
[  373.421972][T14575] dummy0: entered allmulticast mode
[  373.426952][T14575] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  373.959102][ T5852] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  373.962941][ T5852] Bluetooth: hci1: Injecting HCI hardware error event
[  373.970255][ T5852] Bluetooth: hci1: hardware error 0x00
[  374.494382][ T6411] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  374.646070][ T6411] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  374.649612][ T6411] usb 10-1: config 0 has no interface number 0
[  374.654464][ T6411] usb 10-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e
[  374.658053][ T6411] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.669023][ T6411] usb 10-1: config 0 descriptor??
[  374.682969][ T6411] usb 10-1: bad CDC descriptors
[  374.864109][ T5913] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  374.884948][ T6411] usb 10-1: USB disconnect, device number 3
[  375.020863][ T5913] usb 1-1: unable to get BOS descriptor or descriptor too short
[  375.028380][ T5913] usb 1-1: config 4 has an invalid interface number: 180 but max is 0
[  375.031729][ T5913] usb 1-1: config 4 has no interface number 0
[  375.035719][ T5913] usb 1-1: config 4 interface 180 has no altsetting 0
[  375.041028][ T5913] usb 1-1: New USB device found, idVendor=2c7c, idProduct=0125, bcdDevice=eb.29
[  375.047513][ T5913] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.050058][ T5913] usb 1-1: Product: syz
[  375.051366][ T5913] usb 1-1: Manufacturer: syz
[  375.052744][ T5913] usb 1-1: SerialNumber: syz
[  375.284304][ T5913] qmi_wwan 1-1:4.180: probe with driver qmi_wwan failed with error -22
[  375.309433][ T5913] usb 1-1: USB disconnect, device number 4
[  375.511556][T14625] loop9: detected capacity change from 0 to 1024
[  375.649755][T14633] netlink: 'syz.8.3251': attribute type 4 has an invalid length.
[  375.667820][T14633] netlink: 'syz.8.3251': attribute type 4 has an invalid length.
[  376.124083][ T5852] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  376.148940][T14642] loop9: detected capacity change from 0 to 32768
[  376.167241][T14642] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3256 (14642)
[  376.170303][T14645] loop0: detected capacity change from 0 to 32768
[  376.246796][T14642] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  376.250867][T14642] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[  376.349661][T14642] BTRFS info (device loop9): allowing degraded mounts
[  376.352394][T14642] BTRFS info (device loop9): enabling ssd optimizations
[  376.365414][T14642] BTRFS info (device loop9): enabling free space tree
[  376.368162][T14642] BTRFS info (device loop9): force zlib compression, level 3
[  376.555474][T12775] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  377.720207][ T5898] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  377.904225][ T5898] usb 10-1: Using ep0 maxpacket: 16
[  377.926563][ T5898] usb 10-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 8.00
[  377.928128][T14704] loop0: detected capacity change from 0 to 64
[  377.931869][ T5898] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.942863][ T5898] usb 10-1: config 0 descriptor??
[  377.975847][ T5898] ftdi_sio 10-1:0.0: FTDI USB Serial Device converter detected
[  377.980335][ T5898] usb 10-1: Detected FT4232H
[  378.189625][ T5898] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  378.194495][ T5898] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  378.198738][ T5898] usb 10-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  378.246134][ T5898] usb 10-1: USB disconnect, device number 4
[  378.278378][T14709] Trying to free block not in datazone
[  378.367210][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  378.561462][ T5898] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  378.591207][ T5898] ftdi_sio 10-1:0.0: device disconnected
[  378.632966][ T5878] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  378.638590][ T5878] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.873155][ T5878] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  378.878632][ T5878] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.041791][ T5878] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  379.053879][ T5878] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.181662][ T5878] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  379.189618][T14736] netlink: 'syz.9.3290': attribute type 1 has an invalid length.
[  379.192756][ T5878] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.641768][ T5878] bond2: left allmulticast mode
[  379.653539][ T5878] bond2: left promiscuous mode
[  379.663667][ T5878] bridge0: port 3(bond2) entered disabled state
[  379.678047][ T5878] bridge_slave_1: left allmulticast mode
[  379.682210][ T5878] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.686151][ T5878] bridge_slave_0: left allmulticast mode
[  379.686167][ T5878] bridge_slave_0: left promiscuous mode
[  379.686292][ T5878] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.782560][T14766] xt_HMARK: proto mask must be zero with L3 mode
[  380.646867][ T5878] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  380.650683][ T5878] bond_slave_0: left promiscuous mode
[  380.653084][ T5878] bond_slave_0: left allmulticast mode
[  380.657652][ T5878] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  380.661678][ T5878] bond_slave_1: left promiscuous mode
[  380.664412][ T5878] bond_slave_1: left allmulticast mode
[  380.667995][ T5878] bond0 (unregistering): Released all slaves
[  380.857155][ T5878] bond1 (unregistering): Released all slaves
[  381.042522][ T5878] bond2 (unregistering): Released all slaves
[  381.053572][ T5878] bond3 (unregistering): Released all slaves
[  381.063417][T14774] veth0: entered promiscuous mode
[  381.068267][T14774] veth0: left promiscuous mode
[  381.198611][ T5878] : left promiscuous mode
[  381.340909][ T5878] tipc: Left network mode
[  381.404948][ T5898] usb 10-1: new full-speed USB device number 5 using dummy_hcd
[  381.421926][T14802] netlink: 'syz.8.3322': attribute type 1 has an invalid length.
[  381.554074][T14808] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3325'.
[  381.572796][ T5898] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  381.582388][ T5898] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  381.594121][ T5898] usb 10-1: New USB device found, idVendor=0e8f, idProduct=0003, bcdDevice= 0.00
[  381.602809][ T5898] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  381.607708][T14812] loop0: detected capacity change from 0 to 64
[  381.627923][ T5898] usb 10-1: config 0 descriptor??
[  381.637775][ T5852] Bluetooth: hci2: unexpected subevent 0x0e length: 30 > 15
[  381.640662][ T5852] Bluetooth: hci2: Unable to find connection for dst 00:00:00:00:00:00 sid 0x00
[  381.647158][T14812] Trying to free block not in datazone
[  381.649402][T14812] Trying to free block not in datazone
[  381.651585][T14812] Trying to free block not in datazone
[  381.654531][T14812] Trying to free block not in datazone
[  381.678772][T14812] minix_free_block (loop0:6): bit already cleared
[  381.682198][T14812] Trying to free block not in datazone
[  381.700404][T14812] Trying to free block not in datazone
[  381.850554][T14818] dvmrp1: entered allmulticast mode
[  381.857337][T14818] dvmrp1: left allmulticast mode
[  381.864356][ T5898] usbhid 10-1:0.0: can't add hid device: -71
[  381.867072][ T5898] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  381.872942][ T5898] usb 10-1: USB disconnect, device number 5
[  382.018436][T14822] loop0: detected capacity change from 0 to 256
[  382.022785][T14822] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  382.033209][T14822] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  382.042057][T14822] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  382.049084][T14822] UDF-fs: Scanning with blocksize 512 failed
[  382.053495][T14822] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  382.059785][T14822] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  382.203092][T14829] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3335'.
[  382.211300][T14829] netlink: 'syz.8.3335': attribute type 30 has an invalid length.
[  382.236986][ T6142] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  382.241129][   T13] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  382.251447][   T13] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  382.255691][   T13] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  384.223969][ T6200] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  384.320323][T14883] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3360'.
[  384.389042][ T6200] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  384.397554][ T6200] usb 10-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  384.408140][ T6200] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  384.415257][ T6200] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.422030][ T6200] usb 10-1: Product: syz
[  384.426046][ T6200] usb 10-1: Manufacturer: syz
[  384.430406][ T6200] usb 10-1: SerialNumber: syz
[  384.444881][ T6200] cdc_mbim 10-1:1.0: skipping garbage
[  384.667159][T14877] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  384.744379][T14895] C: Caught tx_queue_len zero misconfig
[  384.758504][T14895] netlink: 'syz.8.3365': attribute type 1 has an invalid length.
[  384.923255][T14903] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3369'.
[  384.928315][T14903] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3369'.
[  384.932029][T14903] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3369'.
[  385.054535][T14910] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3372'.
[  385.058203][T14910] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3372'.
[  385.288091][T14877] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  385.293952][ T6200] cdc_mbim 10-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  385.296913][ T6200] cdc_mbim 10-1:1.0: setting rx_max = 2048
[  385.500201][ T6200] cdc_mbim 10-1:1.0: setting tx_max = 184
[  385.516373][ T6200] cdc_mbim 10-1:1.0: cdc-wdm0: USB WDM device
[  385.529545][ T6200] wwan wwan0: port wwan0mbim0 attached
[  385.547168][ T6200] cdc_mbim 10-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.9-1, CDC MBIM, 4e:9c:05:2a:39:93
[  385.702021][ T6200] usb 10-1: USB disconnect, device number 6
[  385.704945][ T6200] cdc_mbim 10-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.9-1, CDC MBIM
[  385.766948][ T6200] wwan wwan0: port wwan0mbim0 disconnected
[  386.528459][T14963] loop9: detected capacity change from 0 to 64
[  386.537043][T14963] BFS-fs: bfs_fill_super(): loop9 is unclean, continuing
[  386.541981][T14963] BFS-fs: bfs_fill_super(): Inode 0x00000003 corrupted on loop9
[  386.747684][T14967] loop9: detected capacity change from 0 to 2048
[  386.782354][T14967] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  388.307912][T14982] loop0: detected capacity change from 0 to 4096
[  388.317296][T14982] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0022]
[  388.322962][T14982] System zones: 0-5
[  388.332300][T14982] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.364279][T14982] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3403: bg 0: block 304: padding at end of block bitmap is not set
[  388.457115][T14982] fs-verity (loop0, inode 15): ext4_end_enable_verity() failed with err -117
[  388.489583][T13737] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.660980][T14999] netlink: 100 bytes leftover after parsing attributes in process `syz.9.3410'.
[  388.882069][T15011] loop9: detected capacity change from 0 to 128
[  388.884283][T15013] tc_dump_action: action bad kind
[  389.299496][T15025] sp0: Synchronizing with TNC
[  389.664515][T15034] loop0: detected capacity change from 0 to 40427
[  389.685715][T15034] F2FS-fs (loop0): invalid crc value
[  389.782078][T15034] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  389.792115][T15034] F2FS-fs (loop0): Start checkpoint disabled!
[  389.800014][T15034] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  389.908385][T15047] syz.0.3426: attempt to access beyond end of device
[  389.908385][T15047] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  389.926528][   T33] audit: type=1800 audit(1758775013.136:583): pid=15047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3426" name="bus" dev="loop0" ino=10 res=0 errno=0
[  389.936134][T15047] syz.0.3426: attempt to access beyond end of device
[  389.936134][T15047] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  389.941379][T15047] syz.0.3426: attempt to access beyond end of device
[  389.941379][T15047] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  389.974246][T15047] syz.0.3426: attempt to access beyond end of device
[  389.974246][T15047] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  389.979236][T15047] syz.0.3426: attempt to access beyond end of device
[  389.979236][T15047] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  390.043322][T15047] syz.0.3426: attempt to access beyond end of device
[  390.043322][T15047] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  390.078190][T15047] syz.0.3426: attempt to access beyond end of device
[  390.078190][T15047] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  390.083931][ T2298] usb 10-1: new full-speed USB device number 7 using dummy_hcd
[  390.088080][T15047] syz.0.3426: attempt to access beyond end of device
[  390.088080][T15047] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  390.103687][T15047] syz.0.3426: attempt to access beyond end of device
[  390.103687][T15047] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  390.114023][T15047] syz.0.3426: attempt to access beyond end of device
[  390.114023][T15047] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  390.701585][ T2298] usb 10-1: not running at top speed; connect to a high speed hub
[  390.706625][ T2298] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  390.710024][ T2298] usb 10-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  390.712942][ T2298] usb 10-1: config 1 has no interface number 1
[  390.716854][ T2298] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  390.721634][ T2298] usb 10-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  390.729838][ T2298] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  390.729967][T14488] CPU: 1 UID: 0 PID: 14488 Comm: kworker/u10:9 Not tainted syzkaller #0 PREEMPT(full) 
[  390.729982][T14488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  390.729988][T14488] Workqueue: writeback wb_workfn (flush-7:0)
[  390.730003][T14488] Call Trace:
[  390.730007][T14488]  <TASK>
[  390.730012][T14488]  dump_stack_lvl+0x189/0x250
[  390.730026][T14488]  ? __pfx_dump_stack_lvl+0x10/0x10
[  390.730036][T14488]  ? __pfx_queue_work_on+0x10/0x10
[  390.730044][T14488]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  390.730058][T14488]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  390.730076][T14488]  f2fs_handle_critical_error+0x37c/0x540
[  390.730093][T14488]  f2fs_write_end_io+0x886/0xb60
[  390.730111][T14488]  __submit_merged_bio+0x27a/0x6a0
[  390.730125][T14488]  __submit_merged_write_cond+0x255/0x530
[  390.730140][T14488]  f2fs_write_data_pages+0x261d/0x3000
[  390.730165][T14488]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  390.730179][T14488]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  390.730206][T14488]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  390.730224][T14488]  ? trace_f2fs_writepages+0x7f/0x200
[  390.730272][T14488]  ? f2fs_write_node_pages+0x478/0x6e0
[  390.730286][T14488]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  390.730305][T14488]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  390.730313][T14488]  do_writepages+0x32e/0x550
[  390.730327][T14488]  ? reacquire_held_locks+0x127/0x1d0
[  390.730335][T14488]  ? writeback_sb_inodes+0x384/0x1010
[  390.730350][T14488]  __writeback_single_inode+0x145/0xff0
[  390.730360][T14488]  ? do_raw_spin_unlock+0x4d/0x240
[  390.730372][T14488]  writeback_sb_inodes+0x6c7/0x1010
[  390.730386][T14488]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  390.730406][T14488]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  390.730438][T14488]  ? rcu_is_watching+0x15/0xb0
[  390.730452][T14488]  wb_writeback+0x43b/0xaf0
[  390.730466][T14488]  ? queue_io+0x361/0x590
[  390.730478][T14488]  ? __pfx_wb_writeback+0x10/0x10
[  390.730492][T14488]  ? _raw_spin_unlock_irq+0x23/0x50
[  390.730506][T14488]  wb_workfn+0x409/0xef0
[  390.730522][T14488]  ? __pfx_wb_workfn+0x10/0x10
[  390.730533][T14488]  ? __lock_acquire+0xab9/0xd20
[  390.730550][T14488]  ? process_scheduled_works+0x9ef/0x17b0
[  390.730562][T14488]  ? process_scheduled_works+0x9ef/0x17b0
[  390.730569][T14488]  ? process_scheduled_works+0x9ef/0x17b0
[  390.730577][T14488]  process_scheduled_works+0xae1/0x17b0
[  390.730600][T14488]  ? __pfx_process_scheduled_works+0x10/0x10
[  390.730616][T14488]  worker_thread+0x8a0/0xda0
[  390.730626][T14488]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  390.730642][T14488]  ? __kthread_parkme+0x7b/0x200
[  390.730656][T14488]  kthread+0x711/0x8a0
[  390.730667][T14488]  ? __pfx_worker_thread+0x10/0x10
[  390.730675][T14488]  ? __pfx_kthread+0x10/0x10
[  390.730691][T14488]  ? _raw_spin_unlock_irq+0x23/0x50
[  390.730702][T14488]  ? lockdep_hardirqs_on+0x9c/0x150
[  390.730710][T14488]  ? __pfx_kthread+0x10/0x10
[  390.730720][T14488]  ret_from_fork+0x439/0x7d0
[  390.730730][T14488]  ? __pfx_ret_from_fork+0x10/0x10
[  390.730741][T14488]  ? __switch_to_asm+0x39/0x70
[  390.730751][T14488]  ? __switch_to_asm+0x33/0x70
[  390.730759][T14488]  ? __pfx_kthread+0x10/0x10
[  390.730769][T14488]  ret_from_fork_asm+0x1a/0x30
[  390.730788][T14488]  </TASK>
[  390.731713][T14488] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  390.733420][ T2298] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.733437][ T2298] usb 10-1: Product: syz
[  390.733444][ T2298] usb 10-1: Manufacturer: syz
[  390.733451][ T2298] usb 10-1: SerialNumber: syz
[  390.860181][T14488] CPU: 1 UID: 0 PID: 14488 Comm: kworker/u10:9 Not tainted syzkaller #0 PREEMPT(full) 
[  390.860203][T14488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  390.860212][T14488] Workqueue: writeback wb_workfn (flush-7:0)
[  390.860265][T14488] Call Trace:
[  390.860271][T14488]  <TASK>
[  390.860279][T14488]  dump_stack_lvl+0x189/0x250
[  390.860297][T14488]  ? __pfx_dump_stack_lvl+0x10/0x10
[  390.860309][T14488]  ? __pfx_queue_work_on+0x10/0x10
[  390.860322][T14488]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  390.860343][T14488]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  390.860380][T14488]  f2fs_handle_critical_error+0x37c/0x540
[  390.860401][T14488]  f2fs_write_end_io+0x886/0xb60
[  390.860433][T14488]  __submit_merged_bio+0x27a/0x6a0
[  390.860458][T14488]  __submit_merged_write_cond+0x255/0x530
[  390.860476][T14488]  f2fs_write_data_pages+0x261d/0x3000
[  390.860521][T14488]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  390.860545][T14488]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  390.860585][T14488]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  390.860612][T14488]  ? trace_f2fs_writepages+0x7f/0x200
[  390.860628][T14488]  ? f2fs_write_node_pages+0x478/0x6e0
[  390.860649][T14488]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  390.860676][T14488]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  390.860688][T14488]  do_writepages+0x32e/0x550
[  390.860708][T14488]  ? reacquire_held_locks+0x127/0x1d0
[  390.860720][T14488]  ? writeback_sb_inodes+0x384/0x1010
[  390.860745][T14488]  __writeback_single_inode+0x145/0xff0
[  390.860762][T14488]  ? do_raw_spin_unlock+0x4d/0x240
[  390.860783][T14488]  writeback_sb_inodes+0x6c7/0x1010
[  390.860807][T14488]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  390.860843][T14488]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  390.860900][T14488]  ? rcu_is_watching+0x15/0xb0
[  390.860924][T14488]  wb_writeback+0x43b/0xaf0
[  390.860949][T14488]  ? queue_io+0x361/0x590
[  390.860969][T14488]  ? __pfx_wb_writeback+0x10/0x10
[  390.860994][T14488]  ? _raw_spin_unlock_irq+0x23/0x50
[  390.861018][T14488]  wb_workfn+0x409/0xef0
[  390.861048][T14488]  ? __pfx_wb_workfn+0x10/0x10
[  390.861065][T14488]  ? __lock_acquire+0xab9/0xd20
[  390.861095][T14488]  ? process_scheduled_works+0x9ef/0x17b0
[  390.861116][T14488]  ? process_scheduled_works+0x9ef/0x17b0
[  390.861128][T14488]  ? process_scheduled_works+0x9ef/0x17b0
[  390.861143][T14488]  process_scheduled_works+0xae1/0x17b0
[  390.861186][T14488]  ? __pfx_process_scheduled_works+0x10/0x10
[  390.861216][T14488]  worker_thread+0x8a0/0xda0
[  390.861261][T14488]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  390.861289][T14488]  ? __kthread_parkme+0x7b/0x200
[  390.861314][T14488]  kthread+0x711/0x8a0
[  390.861335][T14488]  ? __pfx_worker_thread+0x10/0x10
[  390.861348][T14488]  ? __pfx_kthread+0x10/0x10
[  390.861372][T14488]  ? _raw_spin_unlock_irq+0x23/0x50
[  390.861392][T14488]  ? lockdep_hardirqs_on+0x9c/0x150
[  390.861404][T14488]  ? __pfx_kthread+0x10/0x10
[  390.861421][T14488]  ret_from_fork+0x439/0x7d0
[  390.861438][T14488]  ? __pfx_ret_from_fork+0x10/0x10
[  390.861459][T14488]  ? __switch_to_asm+0x39/0x70
[  390.861474][T14488]  ? __switch_to_asm+0x33/0x70
[  390.861489][T14488]  ? __pfx_kthread+0x10/0x10
[  390.861507][T14488]  ret_from_fork_asm+0x1a/0x30
[  390.861539][T14488]  </TASK>
[  390.861546][T14488] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  390.964054][ T2298] usb 10-1: 2:1 : no or invalid class specific endpoint descriptor
[  391.064324][ T2298] usb 10-1: USB disconnect, device number 7
[  391.148401][ T7968] udevd[7968]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  391.191578][T15063] dummy0: Caught tx_queue_len zero misconfig
[  391.859658][T15088] netlink: 'syz.0.3449': attribute type 1 has an invalid length.
[  391.862990][T15088] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  391.954198][ T5898] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  392.107862][ T5898] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  392.137796][ T5898] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  392.140638][ T5898] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.143414][ T5898] usb 10-1: Product: syz
[  392.145617][ T5898] usb 10-1: Manufacturer: syz
[  392.147452][ T5898] usb 10-1: SerialNumber: syz
[  392.153423][ T5898] usb 10-1: config 0 descriptor??
[  392.158107][ T5898] yurex 10-1:0.0: Could not find endpoints
[  392.174738][T15093] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3451'.
[  392.367011][   T47] usb 10-1: USB disconnect, device number 8
[  393.069348][T15128] loop0: detected capacity change from 0 to 32768
[  393.076621][T15128] 
[  393.076621][T15128]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  393.076621][T15128] 
[  393.091700][T15128] ERROR: (device loop0): diWrite: ixpxd invalid
[  393.091700][T15128] 
[  393.120949][T15128] ERROR: (device loop0): txCommit: 
[  393.120949][T15128] 
[  393.160406][T13737] 
[  393.160406][T13737]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  393.160406][T13737] 
[  393.169440][T13737] 
[  393.169440][T13737]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  393.169440][T13737] 
[  393.304692][T15154] lo speed is unknown, defaulting to 1000
[  393.564491][T15156] loop0: detected capacity change from 0 to 32768
[  393.572209][T15156] XFS: attr2 mount option is deprecated.
[  393.602688][T15156] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  393.637962][T15156] XFS (loop0): Ending clean mount
[  393.654001][ T2298] usb 10-1: new full-speed USB device number 9 using dummy_hcd
[  393.657493][T15156] XFS (loop0): Quotacheck needed: Please wait.
[  393.746260][T15156] XFS (loop0): Quotacheck: Done.
[  393.786588][T13737] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  393.850766][ T2298] usb 10-1: unable to get BOS descriptor or descriptor too short
[  393.855894][ T2298] usb 10-1: not running at top speed; connect to a high speed hub
[  393.880222][ T2298] usb 10-1: config 0 has too many interfaces: 227, using maximum allowed: 32
[  393.883332][ T2298] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  393.910186][ T2298] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 227
[  393.949212][ T2298] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  393.952522][ T2298] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.964485][ T2298] usb 10-1: Product: syz
[  393.966245][ T2298] usb 10-1: Manufacturer: syz
[  393.968115][ T2298] usb 10-1: SerialNumber: syz
[  393.978736][ T2298] usb 10-1: config 0 descriptor??
[  394.130111][T15195] syz_tun: entered allmulticast mode
[  394.139210][T15194] syz_tun: left allmulticast mode
[  394.239026][ T2298] usb 10-1: USB disconnect, device number 9
[  394.283489][ T6073] udevd[6073]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  394.964793][T15223] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3506'.
[  395.851436][T14603] Bluetooth: hci2: command 0x0406 tx timeout
[  395.914686][T15255] loop9: detected capacity change from 0 to 256
[  395.944945][T15255] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  395.957374][T15255] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  395.966397][T15257] team_slave_0: entered promiscuous mode
[  395.969480][T15257] team_slave_1: entered promiscuous mode
[  395.971669][T15255] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  397.114412][T15267] kthread_run failed with err -4
[  397.767251][T15310] loop0: detected capacity change from 0 to 2048
[  397.810501][T15311] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  397.865218][T15317] trusted_key: encrypted_key: master key parameter 'C' is invalid
[  398.070394][   T33] audit: type=1326 audit(1758775021.116:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.081229][   T33] audit: type=1326 audit(1758775021.116:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.105705][   T33] audit: type=1326 audit(1758775021.116:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.124718][   T33] audit: type=1326 audit(1758775021.116:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.143133][   T33] audit: type=1326 audit(1758775021.135:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.186564][   T33] audit: type=1326 audit(1758775021.135:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.193381][   T33] audit: type=1326 audit(1758775021.135:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.208729][   T33] audit: type=1326 audit(1758775021.135:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.216372][   T33] audit: type=1326 audit(1758775021.135:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.235644][   T33] audit: type=1326 audit(1758775021.135:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.8.3553" exe="/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7ff418b8ec29 code=0x7ffc0000
[  398.267539][ T6200] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  398.431618][ T6200] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  398.436084][ T6200] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  398.440811][ T6200] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  398.445044][ T6200] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  398.451670][ T6200] usb 10-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  398.455643][ T6200] usb 10-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  398.458997][ T6200] usb 10-1: Manufacturer: syz
[  398.598460][ T6200] usb 10-1: config 0 descriptor??
[  399.218596][ T6200] appleir 0003:05AC:8243.000D: unknown main item tag 0x0
[  399.238717][ T6200] appleir 0003:05AC:8243.000D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.9-1/input0
[  399.542675][ T5885] usb 10-1: USB disconnect, device number 10
[  399.545991][T15361] netlink: 'syz.0.3566': attribute type 9 has an invalid length.
[  399.548667][T15361] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3566'.
[  400.087041][T15384] netlink: 'syz.8.3576': attribute type 39 has an invalid length.
[  400.184721][T15388] loop9: detected capacity change from 0 to 1024
[  400.188598][T15388] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  400.283015][T15390] loop9: detected capacity change from 0 to 1024
[  400.328429][T15390] hfsplus: xattr searching failed
[  400.589368][T15396] loop9: detected capacity change from 0 to 32768
[  401.018595][T15415] loop9: detected capacity change from 0 to 128
[  401.033232][T15415] befs: (loop9): No write support. Marking filesystem read-only
[  401.055118][T15415] befs: (loop9): invalid magic header
[  402.132446][T15430] netlink: 'syz.9.3596': attribute type 10 has an invalid length.
[  402.171711][T15430] team0: Port device dummy0 added
[  402.187623][T15430] netlink: 'syz.9.3596': attribute type 10 has an invalid length.
[  402.222542][T15430] team0: Port device dummy0 removed
[  402.233369][T15430] dummy0: entered promiscuous mode
[  402.237720][T15430] dummy0: entered allmulticast mode
[  402.248069][T15430] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  402.756010][T15440] UBIFS error (pid: 15440): cannot open "c:::", error -22
[  403.452004][T15448] loop9: detected capacity change from 0 to 8
[  403.668040][T15455] loop0: detected capacity change from 0 to 4096
[  403.684872][T15455] ntfs3(loop0): ino=1a, mi_enum_attr
[  403.686839][T15455] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  403.896251][ T6200] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  404.063516][ T6200] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  404.066989][ T6200] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.077523][ T6200] usb 10-1: config 0 descriptor??
[  404.085193][ T6200] cp210x 10-1:0.0: cp210x converter detected
[  404.655986][ T6200] usb 10-1: cp210x converter now attached to ttyUSB0
[  404.751481][ T6200] usb 10-1: USB disconnect, device number 11
[  404.758741][ T6200] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  404.770396][ T6200] cp210x 10-1:0.0: device disconnected
[  405.539140][T15529] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode active-backup(1)
[  405.701695][T15536] netlink: 104 bytes leftover after parsing attributes in process `syz.9.3642'.
[  406.335269][T15551] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3649'.
[  406.577150][T15565] netlink: 'syz.8.3656': attribute type 4 has an invalid length.
[  406.955467][T15581] loop0: detected capacity change from 0 to 256
[  406.973487][T15581] vfat: Unknown parameter 'shorwin95'
[  407.162680][T15585] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3665'.
[  407.168024][T15583] overlayfs: failed to clone upperpath
[  407.669386][T15617] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3681'.
[  407.737779][T15621] netlink: 'syz.8.3684': attribute type 5 has an invalid length.
[  407.849208][T15626] loop9: detected capacity change from 0 to 1024
[  408.340845][ T5913] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  408.509297][ T5913] usb 1-1: Using ep0 maxpacket: 16
[  408.515543][ T5913] usb 1-1: config 0 has an invalid interface number: 195 but max is 0
[  408.521852][ T5913] usb 1-1: config 0 has no interface number 0
[  408.528726][ T5913] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.09
[  408.540110][ T5913] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.543850][ T5913] usb 1-1: Product: syz
[  408.545927][ T5913] usb 1-1: Manufacturer: syz
[  408.547871][ T5913] usb 1-1: SerialNumber: syz
[  408.563609][ T5913] usb 1-1: config 0 descriptor??
[  408.574020][ T5913] go7007 1-1:0.195: probe with driver go7007 failed with error -12
[  408.790210][ T5913] usb 1-1: USB disconnect, device number 6
[  409.102779][T15703] loop9: detected capacity change from 0 to 512
[  409.110189][T15703] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  409.135657][T15703] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #16: comm syz.9.3722: invalid indirect mapped block 4294967295 (level 0)
[  409.144366][T15703] EXT4-fs (loop9): Remounting filesystem read-only
[  409.147174][T15703] EXT4-fs (loop9): 1 orphan inode deleted
[  409.149353][T15703] EXT4-fs (loop9): 1 truncate cleaned up
[  409.153766][T15703] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.178808][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.283134][T15709] openvswitch: netlink: Flow key attribute not present in set flow.
[  409.328418][T15711] loop9: detected capacity change from 0 to 16
[  409.480203][T15711] erofs (device loop9): mounted with root inode @ nid 36.
[  410.075705][T15740] bridge0: port 4(erspan0) entered blocking state
[  410.152727][T15740] bridge0: port 4(erspan0) entered disabled state
[  410.215567][T15740] erspan0: entered allmulticast mode
[  410.289192][T15740] erspan0: entered promiscuous mode
[  410.304659][T15740] bridge0: port 4(erspan0) entered blocking state
[  410.309107][T15740] bridge0: port 4(erspan0) entered forwarding state
[  410.321193][T15742] erspan0: left allmulticast mode
[  410.322953][T15742] erspan0: left promiscuous mode
[  410.327656][T15742] bridge0: port 4(erspan0) entered disabled state
[  410.452824][T15738] loop0: detected capacity change from 0 to 32768
[  410.466509][T15738] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  410.528556][T15738] XFS (loop0): Ending clean mount
[  410.592467][T15746] loop9: detected capacity change from 0 to 32768
[  410.603943][T15738] XFS (loop0): Quotacheck needed: Please wait.
[  410.664802][T15746] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  410.675371][T15738] XFS (loop0): Quotacheck: Done.
[  410.710222][T15746] XFS (loop9): Ending clean mount
[  410.725033][T15746] XFS (loop9): Quotacheck needed: Please wait.
[  410.752110][T13737] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  410.776975][T15746] XFS (loop9): Quotacheck: Done.
[  410.898398][T12775] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  411.368190][T15794] nft_compat: unsupported protocol 5
[  411.406220][ T5913] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  411.695351][ T5913] usb 1-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  411.702345][ T5913] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  411.706195][ T5913] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.709324][ T5913] usb 1-1: Product: syz
[  411.710987][ T5913] usb 1-1: Manufacturer: syz
[  411.712801][ T5913] usb 1-1: SerialNumber: syz
[  412.033776][ T5913] comedi comedi5: Wrong number of endpoints
[  412.036490][ T5913] ni6501 1-1:5.0: driver 'ni6501' failed to auto-configure device.
[  412.045256][ T5913] usb 1-1: USB disconnect, device number 7
[  412.784624][T15833] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  412.788162][T15833] IPv6: NLM_F_CREATE should be set when creating new route
[  413.190336][T15841] loop9: detected capacity change from 0 to 32768
[  413.340666][T15841] ERROR: (device loop9): dbFindCtl: Corrupt dmapctl page
[  413.340666][T15841] 
[  413.345497][T15841] ERROR: (device loop9): remounting filesystem as read-only
[  413.348357][T15841] jfs_mkdir: dtInsert returned -EIO
[  413.359135][T15841] ERROR: (device loop9): jfs_mkdir: 
[  413.359135][T15841] 
[  413.987350][T15869] loop9: detected capacity change from 0 to 1024
[  414.032344][T15869] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  414.039253][T15869] ext4 filesystem being mounted at /357/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  414.066134][T15869] EXT4-fs error (device loop9): ext4_map_blocks:814: inode #15: comm syz.9.3791: lblock 0 mapped to illegal pblock 0 (length 1)
[  414.077063][T15869] EXT4-fs (loop9): Remounting filesystem read-only
[  414.084774][T15853] loop0: detected capacity change from 0 to 32768
[  414.129292][T15853] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  414.134731][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  414.180500][T15853] XFS (loop0): Ending clean mount
[  414.191106][T15853] XFS (loop0): Quotacheck needed: Please wait.
[  414.255174][T15853] XFS (loop0): Quotacheck: Done.
[  414.310386][T13737] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  414.626137][T15902] netlink: 'syz.8.3803': attribute type 1 has an invalid length.
[  414.629228][T15902] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3803'.
[  414.668416][T15894] loop9: detected capacity change from 0 to 32768
[  414.671365][T15904] netlink: 'syz.0.3798': attribute type 11 has an invalid length.
[  414.675411][T15894] btrfs: Deprecated parameter 'usebackuproot'
[  414.681097][T15894] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  414.685037][T15894] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3799 (15894)
[  414.709827][T15894] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  414.714971][T15894] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[  414.778625][T13906] BTRFS warning (device loop9): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x32f839c6 level 0
[  414.789539][T15894] BTRFS warning (device loop9): couldn't read tree root
[  414.801306][T15894] BTRFS warning (device loop9): try to load backup roots slot 1
[  414.819028][T11521] BTRFS warning (device loop9): checksum verify failed on logical 5316608 mirror 1 wanted 0x5387c9d6 found 0xc5289bf1 level 0
[  414.825299][T15894] BTRFS error (device loop9): failed to load root extent
[  414.831583][T15894] BTRFS warning (device loop9): try to load backup roots slot 2
[  414.835270][T13906] BTRFS error (device loop9): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  414.843654][T15894] BTRFS warning (device loop9): couldn't read tree root
[  414.846339][T15894] BTRFS warning (device loop9): try to load backup roots slot 3
[  414.878250][T15894] BTRFS info (device loop9): rebuilding free space tree
[  414.922515][T15894] BTRFS info (device loop9): checking UUID tree
[  414.931231][T15894] BTRFS info (device loop9): allowing degraded mounts
[  414.943025][T15894] BTRFS info (device loop9): enabling ssd optimizations
[  414.946412][T15894] BTRFS info (device loop9): enabling free space tree
[  414.953871][T15894] BTRFS info (device loop9): force clearing of disk cache
[  414.962509][T15894] BTRFS info (device loop9): trying to use backup root at mount time
[  414.985483][T15894] BTRFS info (device loop9): use zlib compression, level 3
[  415.085499][T12775] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  415.319894][T15945] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3815'.
[  415.326540][T15945] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  415.328654][T15945] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  415.494388][T15949] overlayfs: failed to resolve './file1': -2
[  415.639863][ T2298] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  415.819613][ T2298] usb 10-1: config 0 has no interfaces?
[  415.822244][ T2298] usb 10-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  415.825925][ T2298] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.833527][ T2298] usb 10-1: config 0 descriptor??
[  415.911130][T15968] tmpfs: Bad value for 'mpol'
[  416.370676][ T5898] usb 10-1: USB disconnect, device number 12
[  416.533837][T15991] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3831'.
[  416.617880][T15993] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  416.998390][ T5885] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  417.192596][ T5885] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  417.199620][ T5885] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.204117][ T5885] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  417.218229][ T5885] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.227266][ T5885] usb 1-1: config 0 descriptor??
[  417.693518][T16023] cgroup: No subsys list or none specified
[  418.130262][ T5885] hid-led 0003:27B8:01ED.000E: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.0-1/input0
[  418.157305][ T5885] hid-led 0003:27B8:01ED.000E: ThingM blink(1) v1 initialized
[  418.677540][ T6200] usb 1-1: USB disconnect, device number 8
[  418.723322][T16036] loop9: detected capacity change from 0 to 1024
[  418.750187][T16036] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  418.766669][   T33] kauditd_printk_skb: 45 callbacks suppressed
[  418.766683][   T33] audit: type=1800 audit(1758775040.479:639): pid=16036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3851" name="bus" dev="loop9" ino=18 res=0 errno=0
[  418.808536][T16036] EXT4-fs error (device loop9): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  418.857890][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.127803][T16055] cifs: Unknown parameter 'no'aN[Gzob,er;%j
[  419.127803][T16055] z,@qJ#"h/.W1ȱnNC"C׈E)8+1<;8+`#'
[  420.727191][T16089] loop0: detected capacity change from 0 to 1024
[  421.197840][T16089] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.791226][T16097] fuse: Unknown parameter 'euid'
[  422.587212][T16103] netlink: 196 bytes leftover after parsing attributes in process `syz.8.3875'.
[  422.810670][T13737] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.934034][T16111] netlink: 'syz.0.3878': attribute type 4 has an invalid length.
[  424.468450][T16125] loop9: detected capacity change from 0 to 128
[  424.484303][T16125] FAT-fs (loop9): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  424.685929][T16136] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3887'.
[  424.788848][T16140] netlink: 212388 bytes leftover after parsing attributes in process `syz.0.3890'.
[  424.796243][T16140] openvswitch: netlink: Message has 5 unknown bytes.
[  424.932483][T16144] loop0: detected capacity change from 0 to 4096
[  425.827895][ T2298] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  425.988253][ T2298] usb 1-1: Using ep0 maxpacket: 16
[  426.001278][ T2298] usb 1-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=41.ba
[  426.009583][ T2298] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.012924][ T2298] usb 1-1: Product: syz
[  426.014928][ T2298] usb 1-1: Manufacturer: syz
[  426.024927][ T2298] usb 1-1: SerialNumber: syz
[  426.042514][ T2298] usb 1-1: config 0 descriptor??
[  426.162659][T16179] CIFS mount error: No usable UNC path provided in device string!
[  426.162659][T16179] 
[  426.166866][T16179] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  426.277816][ T2298] snd-usb-hiface 1-1:0.0: probe with driver snd-usb-hiface failed with error -22
[  426.287763][ T6200] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  426.458571][ T6200] usb 10-1: Using ep0 maxpacket: 8
[  426.462137][ T6200] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  426.464825][ T6200] usb 10-1: config 179 has no interface number 0
[  426.466946][ T6200] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  426.474488][ T6200] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  426.478106][ T6200] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  426.482313][ T6200] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  426.486586][ T6200] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  426.498377][ T5898] usb 1-1: USB disconnect, device number 9
[  426.501546][ T6200] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  426.504707][ T6200] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.511403][T16173] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  426.969561][ T2298] usb 10-1: USB disconnect, device number 13
[  426.969636][    C1] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  426.975098][    C1] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  428.050124][T16225] loop0: detected capacity change from 0 to 4096
[  428.065860][T16225] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  428.091141][T16225] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  428.099878][T16227] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3931'.
[  428.231978][T16229] smc: net device bond0 applied user defined pnetid SYZ2
[  428.481149][T16237] sch_tbf: burst 8128 is lower than device ip6_vti0 mtu (39785) !
[  428.968078][T16253] 9pnet: Could not find request transport: fd0x0000000000000003
[  430.373516][T16275] loop0: detected capacity change from 0 to 40427
[  430.383297][T16275] F2FS-fs (loop0): Image doesn't support compression
[  430.385807][T16275] F2FS-fs (loop0): build fault injection type: 0x35f7
[  430.396362][T16275] F2FS-fs (loop0): invalid crc value
[  430.496930][T16275] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  430.504202][T16275] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  430.987984][T16300] loop0: detected capacity change from 0 to 256
[  431.022730][T16300] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d)
[  431.042404][T16300] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  431.173232][ T6200] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  431.243347][T16306] loop0: detected capacity change from 0 to 1024
[  431.336160][ T6200] usb 10-1: config 27 interface 0 altsetting 0 has an endpoint descriptor with address 0x98, changing to 0x88
[  431.340804][ T6200] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  431.346970][ T6200] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11
[  431.351444][ T6200] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024
[  431.363768][ T6200] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  431.372315][ T6200] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.386419][T16295] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  431.401307][ T6200] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  431.546663][T16311] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  431.552808][T16311] block device autoloading is deprecated and will be removed.
[  431.610682][ T2298] usb 10-1: USB disconnect, device number 14
[  431.614717][T16310] md2: using deprecated bitmap file support
[  431.617381][T16310] md2: error: bitmap file is already in use
[  432.015200][T16330] netlink: 'syz.0.3975': attribute type 2 has an invalid length.
[  432.371566][T16349] loop0: detected capacity change from 0 to 512
[  432.375459][T16349] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  432.389938][T16349] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.3984: Invalid block bitmap block 0 in block_group 0
[  432.410113][T16349] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  432.413688][T16349] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #11: comm syz.0.3984: attempt to clear invalid blocks 983261 len 1
[  432.418680][T16349] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.3984: Invalid inode table block 0 in block_group 0
[  432.430985][T16349] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  432.434942][T16349] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[  432.438582][T16349] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.3984: Invalid inode table block 0 in block_group 0
[  432.443528][T16349] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  432.447873][T16349] EXT4-fs error (device loop0): ext4_truncate:4666: inode #11: comm syz.0.3984: mark_inode_dirty error
[  432.451883][T16349] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[  432.455681][T16349] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.3984: Invalid inode table block 0 in block_group 0
[  432.461315][T16349] EXT4-fs (loop0): 1 truncate cleaned up
[  432.464015][T16349] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  432.479662][ T5898] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  432.485850][T16349] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  432.511823][T13737] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.639081][ T5898] usb 10-1: Using ep0 maxpacket: 8
[  432.642936][ T5898] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  432.647413][ T5898] usb 10-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.00
[  432.651341][ T5898] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.662742][ T5898] usb 10-1: config 0 descriptor??
[  432.771055][T16353] loop0: detected capacity change from 0 to 32768
[  432.911186][    C0] vkms_vblank_simulate: vblank timer overrun
[  433.127368][ T5898] sony 0003:1345:3008.000F: hiddev0,hidraw0: USB HID v80.07 Device [HID 1345:3008] on usb-dummy_hcd.9-1/input0
[  433.147358][ T5898] sony 0003:1345:3008.000F: failed to claim input
[  433.155177][   T33] audit: type=1326 audit(1758775053.939:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16360 comm="syz.0.3989" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5cf6f8ec29 code=0x0
[  433.320184][ T5885] usb 10-1: USB disconnect, device number 15
[  433.348071][T16367] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3992'.
[  433.718507][T16369] loop0: detected capacity change from 0 to 32768
[  433.734057][T16369] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  433.760949][T16369] XFS (loop0): Ending clean mount
[  433.768524][T16369] XFS (loop0): Quotacheck needed: Please wait.
[  433.809158][T16369] XFS (loop0): Quotacheck: Done.
[  433.838199][T13737] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  434.402242][T16407] netlink: 'syz.8.4009': attribute type 9 has an invalid length.
[  434.408778][T16407] netlink: 200108 bytes leftover after parsing attributes in process `syz.8.4009'.
[  434.417518][T16407] openvswitch: netlink: Message has 5 unknown bytes.
[  434.629063][ T5885] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  434.689367][T16420] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4014'.
[  434.787071][ T5885] usb 10-1: Using ep0 maxpacket: 16
[  434.797509][ T5885] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  434.805211][ T5885] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  434.809810][ T5885] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  434.815560][ T5885] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  434.819823][ T5885] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.838355][ T5885] usb 10-1: config 0 descriptor??
[  435.338866][ T5885] microsoft 0003:045E:07DA.0010: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.9-1/input0
[  435.354771][ T5885] microsoft 0003:045E:07DA.0010: no inputs found
[  435.374615][ T5885] microsoft 0003:045E:07DA.0010: could not initialize ff, continuing anyway
[  435.577003][ T5885] usb 10-1: USB disconnect, device number 16
[  436.109007][T16443] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4025'.
[  436.113201][T16443] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4025'.
[  436.118793][T16443] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4025'.
[  436.749005][T16480] loop9: detected capacity change from 0 to 2048
[  436.769656][T16480] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  437.155108][ T5885] usb 10-1: new full-speed USB device number 17 using dummy_hcd
[  437.504654][ T2298] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  437.673161][ T2298] usb 1-1: Using ep0 maxpacket: 16
[  437.678789][ T2298] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  437.681952][ T2298] usb 1-1: config 0 has no interface number 0
[  437.685490][ T2298] usb 1-1: config 0 interface 2 altsetting 0 has an endpoint descriptor with address 0xBC, changing to 0x8C
[  437.689969][ T2298] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7
[  437.694696][ T5885] usb 10-1: not running at top speed; connect to a high speed hub
[  437.697941][ T2298] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0
[  437.703045][ T5885] usb 10-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  437.708014][ T5885] usb 10-1: config 1 interface 0 has no altsetting 0
[  437.711680][ T2298] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[  437.715288][ T2298] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  437.718609][ T2298] usb 1-1: Product: syz
[  437.720432][ T2298] usb 1-1: SerialNumber: syz
[  437.723923][ T5885] usb 10-1: New USB device found, idVendor=046d, idProduct=c227, bcdDevice= 0.40
[  437.727696][ T5885] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.731345][ T5885] usb 10-1: Product: syz
[  437.733070][ T5885] usb 10-1: Manufacturer: syz
[  437.736208][ T5885] usb 10-1: SerialNumber: syz
[  437.739518][ T2298] usb 1-1: config 0 descriptor??
[  437.982036][ T2298] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  437.990270][ T2298] usb 1-1: invalid MIDI out EP 0
[  437.994817][ T5885] usbhid 10-1:1.0: can't add hid device: -71
[  437.997639][ T5885] usbhid 10-1:1.0: probe with driver usbhid failed with error -71
[  438.011250][ T5885] usb 10-1: USB disconnect, device number 17
[  438.046858][ T2298] snd-usb-audio 1-1:0.2: probe with driver snd-usb-audio failed with error -22
[  438.054024][ T2298] usb 1-1: USB disconnect, device number 10
[  438.071325][ T7968] udevd[7968]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  438.991495][T16522] netlink: 116 bytes leftover after parsing attributes in process `syz.9.4061'.
[  439.131106][T16526] batadv_slave_1: entered promiscuous mode
[  439.152831][T16531] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4063'.
[  439.293839][T16534] loop0: detected capacity change from 0 to 8
[  439.310446][T16535] loop9: detected capacity change from 0 to 256
[  439.332822][T16525] batadv_slave_1: left promiscuous mode
[  439.364639][T16534] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  439.420086][T16535] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x311d6643, utbl_chksum : 0xe619d30d)
[  439.428957][T16531] cramfs: bad data blocksize 4294934200
[  439.439603][T16531] cramfs: bad data blocksize 4294934200
[  439.442437][   T33] audit: type=1800 audit(1758775059.823:641): pid=16531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4063" name="file1" dev="loop0" ino=33092 res=0 errno=0
[  439.443801][T16535] exFAT-fs (loop9): valid_size(150994954) is greater than size(10)
[  439.464892][   T33] audit: type=1800 audit(1758775059.832:642): pid=16535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.4066" name="file1" dev="loop9" ino=1048703 res=0 errno=0
[  440.512262][T16554] netlink: 212376 bytes leftover after parsing attributes in process `syz.8.4075'.
[  440.856688][T16574] sit0: entered promiscuous mode
[  440.863855][T16574] netlink: 'syz.8.4084': attribute type 1 has an invalid length.
[  440.866322][T16574] netlink: 1 bytes leftover after parsing attributes in process `syz.8.4084'.
[  440.905739][T16576] tap0: tun_chr_ioctl cmd 1074025677
[  440.907570][T16576] tap0: linktype set to 804
[  441.141580][T16588] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4091'.
[  441.244825][ T5898] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  441.261795][T16594] loop0: detected capacity change from 0 to 764
[  441.417387][ T5898] usb 10-1: Using ep0 maxpacket: 16
[  441.421704][ T5898] usb 10-1: config 0 has an invalid interface number: 230 but max is 0
[  441.425061][ T5898] usb 10-1: config 0 has no interface number 0
[  441.428659][ T5898] usb 10-1: config 0 interface 230 altsetting 2 bulk endpoint 0x8 has invalid maxpacket 8
[  441.433828][ T5898] usb 10-1: config 0 interface 230 altsetting 2 endpoint 0x1 has invalid maxpacket 447, setting to 64
[  441.443559][ T5898] usb 10-1: config 0 interface 230 has no altsetting 0
[  441.455398][ T5898] usb 10-1: New USB device found, idVendor=157e, idProduct=3007, bcdDevice=65.eb
[  441.463136][ T5898] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.466857][ T5898] usb 10-1: Product: syz
[  441.470995][ T5898] usb 10-1: Manufacturer: syz
[  441.473062][ T5898] usb 10-1: SerialNumber: syz
[  441.480345][ T5898] usb 10-1: config 0 descriptor??
[  441.483150][T16580] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  441.491682][ T5898] usb 10-1: Could not find all expected endpoints
[  441.700123][T16607] netlink: 'syz.8.4101': attribute type 10 has an invalid length.
[  441.711117][ T5885] usb 10-1: USB disconnect, device number 18
[  441.743745][T16607] bond_slave_0: entered promiscuous mode
[  441.746484][T16607] bond_slave_1: entered promiscuous mode
[  441.748837][T16607] mac80211_hwsim hwsim19 wlan1: entered promiscuous mode
[  441.758241][T16610] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4101'.
[  441.762898][T16607] team0: Port device bond0 added
[  441.805037][T16610] team_slave_0: left promiscuous mode
[  441.807643][T16610] team_slave_1: left promiscuous mode
[  441.810050][T16610] bond_slave_0: left promiscuous mode
[  441.812440][T16610] bond_slave_1: left promiscuous mode
[  441.814758][T16610] mac80211_hwsim hwsim19 wlan1: left promiscuous mode
[  442.257284][T16610] team0 (unregistering): Port device team_slave_0 removed
[  442.267976][T16610] team0 (unregistering): Port device team_slave_1 removed
[  442.285667][T16610] team0 (unregistering): Port device bond0 removed
[  442.897947][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  443.205521][T16645] loop0: detected capacity change from 0 to 256
[  443.220142][T16645] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  443.269483][T16645] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  443.273213][T16645] FAT-fs (loop0): Filesystem has been set read-only
[  443.380573][T16653] loop9: detected capacity change from 0 to 2048
[  443.410444][T16653] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  443.435478][T16653] EXT4-fs error (device loop9): ext4_find_inline_data_nolock:169: inode #12: comm syz.9.4121: inline data xattr refers to an external xattr inode
[  443.453145][T16653] EXT4-fs (loop9): Remounting filesystem read-only
[  443.493283][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.610926][T16668] loop0: detected capacity change from 0 to 512
[  443.642300][T16668] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.649464][T16668] ext4 filesystem being mounted at /342/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  443.695417][T16672] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  443.722127][T13737] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.808213][T16678] netlink: 96 bytes leftover after parsing attributes in process `syz.9.4131'.
[  444.792711][T16737] netlink: 'syz.8.4157': attribute type 3 has an invalid length.
[  444.808357][T16737] netlink: 'syz.8.4157': attribute type 3 has an invalid length.
[  445.253026][ T6200] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  445.440044][T16763] loop0: detected capacity change from 0 to 1024
[  445.453319][ T6200] usb 10-1: Using ep0 maxpacket: 8
[  445.458554][ T6200] usb 10-1: config index 0 descriptor too short (expected 30, got 18)
[  445.468937][ T6200] usb 10-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  445.474720][ T6200] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.482098][ T6200] usb 10-1: Product: syz
[  445.483489][ T6200] usb 10-1: Manufacturer: syz
[  445.485130][ T6200] usb 10-1: SerialNumber: syz
[  445.486315][T16763] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  445.493981][ T6200] usb 10-1: config 0 descriptor??
[  445.495433][T16763] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  445.502863][ T6200] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  445.510265][ T6200] usb 10-1: setting power ON
[  445.511933][ T6200] dvb-usb: bulk message failed: -22 (2/0)
[  445.520420][ T6200] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  445.535334][ T6200] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  445.539630][ T6200] usb 10-1: media controller created
[  445.593166][T16766] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 2: comm syz.0.4168: lblock 2 mapped to illegal pblock 2 (length 4)
[  445.597339][ T6200] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  445.632904][T16658] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  445.666044][ T6200] usb 10-1: selecting invalid altsetting 6
[  445.668778][ T6200] usb 10-1: digital interface selection failed (-22)
[  445.673090][ T6200] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  445.679316][ T6200] usb 10-1: setting power OFF
[  445.685103][ T6200] dvb-usb: bulk message failed: -22 (2/0)
[  445.688563][ T6200] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  445.692169][ T6200] (NULL device *): no alternate interface
[  445.720727][ T6200] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  445.791488][ T6200] usb 10-1: USB disconnect, device number 19
[  445.994072][T13737] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  446.450285][T16790] loop9: detected capacity change from 0 to 512
[  446.450902][ T6411] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  446.456168][T16790] EXT4-fs (loop9): orphan cleanup on readonly fs
[  446.458896][T16790] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -13
[  446.467277][T16790] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  446.480527][T16790] EXT4-fs error (device loop9): ext4_clear_blocks:876: inode #13: comm syz.9.4180: attempt to clear invalid blocks 2 len 1
[  446.490404][T16790] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.4180: invalid indirect mapped block 1819239214 (level 0)
[  446.497301][T16790] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.4180: invalid indirect mapped block 1819239214 (level 1)
[  446.502987][T16790] EXT4-fs (loop9): 1 truncate cleaned up
[  446.507382][T16790] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  446.577069][T16790] EXT4-fs error (device loop9): __ext4_remount:6740: comm syz.9.4180: Abort forced by user
[  446.590304][T16790] EXT4-fs (loop9): Remounting filesystem read-only
[  446.592879][T16790] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000.
[  446.612591][T12775] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  446.674614][ T6411] usb 1-1: Using ep0 maxpacket: 8
[  446.699611][ T6411] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  446.703006][ T6411] usb 1-1: config 179 has no interface number 0
[  446.706038][ T6411] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  446.721704][ T6411] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  446.726181][ T6411] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  446.745763][ T6411] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  446.758709][ T6411] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  446.764658][ T6411] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  446.768415][ T6411] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.781033][T16774] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  447.150597][T16797] loop9: detected capacity change from 0 to 32768
[  447.155338][T16797] bcachefs (/dev/loop9): error validating superblock: Invalid superblock section members_v2: device 0: bucket size 0 smaller than block size 8
[  447.155338][T16797] members_v2 (size 152):
[  447.155338][T16797] Device:                        0
[  447.155338][T16797]   Label:                       (none)
[  447.155338][T16797]   UUID:                        7af6772b-00de-4159-84cd-1faead05aceb
[  447.155338][T16797]   Size:                        0
[  447.155338][T16797]   read errors:                 0
[  447.155338][T16797]   write errors:                0
[  447.155338][T16797]   checksum errors:             0
[  447.155338][T16797]   seqread iops:                0
[  447.155338][T16797]   seqwrite iops:               0
[  447.155338][T16797]   randread iops:               0
[  447.155338][T16797]   randwrite iops:              0
[  447.155338][T16797]   Bucket size:                 0
[  447.155338][T16797]   First bucket:                0
[  447.155338][T16797]   Buckets:                     128
[  447.155338][T16797]   Last mount:                  1714681267
[  447.155338][T16797]   Last superblock write:       42
[  447.155338][T16797]   State:                       rw
[  447.155338][T16797]   Data allowed:                journal,btree,user
[  447.155338][T16797]   Has data:                    btree
[  447.155338][T16797]   Btree allocated bitmap blocksize:128
[  447.155338][T16797]   Btree allocated bitmap:      0000000000000000000001000010000010011000000000000000000000000000
[  447.155338][T16797]   Durability:        
[  447.155661][T16797] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  447.575191][ T6411] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  447.678369][ T5885] usb 1-1: USB disconnect, device number 11
[  447.680707][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  447.680741][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  447.745929][ T6411] usb 10-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[  447.755531][ T6411] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  447.765155][ T6411] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  447.772373][ T6411] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  447.775151][ T6411] usb 10-1: SerialNumber: syz
[  448.016811][ T6411] usb 10-1: 0:2 : does not exist
[  448.031703][ T6411] usb 10-1: 5:0: failed to get current value for ch 1 (-22)
[  448.061486][ T6411] usb 10-1: USB disconnect, device number 20
[  448.096835][ T6073] udevd[6073]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  448.525558][T16846] netlink: 'syz.8.4206': attribute type 4 has an invalid length.
[  448.532901][T16846] netlink: 'syz.8.4206': attribute type 4 has an invalid length.
[  448.819526][T16852] loop9: detected capacity change from 0 to 4096
[  448.843891][T16853] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  449.652995][T16881] loop9: detected capacity change from 0 to 1024
[  449.732770][   T34] INFO: task syz.7.2358:12394 blocked for more than 143 seconds.
[  449.735902][   T34]       Not tainted syzkaller #0
[  449.742238][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  449.750511][   T34] task:syz.7.2358      state:D stack:23640 pid:12394 tgid:12393 ppid:8267   task_flags:0x400140 flags:0x00004004
[  449.757852][   T34] Call Trace:
[  449.759810][   T34]  <TASK>
[  449.761753][   T34]  __schedule+0x1798/0x4cc0
[  449.766057][   T34]  ? validate_chain+0x897/0x2140
[  449.770460][   T34]  ? __lock_acquire+0xab9/0xd20
[  449.774359][   T34]  ? __pfx___schedule+0x10/0x10
[  449.778930][   T34]  ? schedule+0x91/0x360
[  449.780831][   T34]  schedule+0x165/0x360
[  449.782685][   T34]  schedule_timeout+0x9a/0x270
[  449.784762][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  449.787253][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  449.789516][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  449.791714][   T34]  ? wait_for_completion+0x267/0x5d0
[  449.793954][   T34]  wait_for_completion+0x2bf/0x5d0
[  449.796361][   T34]  ? __pfx_wait_for_completion+0x10/0x10
[  449.798703][   T34]  ? up_write+0x1c4/0x420
[  449.800543][   T34]  ? remove_client_context+0xc0/0x1e0
[  449.802767][   T34]  disable_device+0x1c6/0x320
[  449.804772][   T34]  ? __pfx_disable_device+0x10/0x10
[  449.807136][   T34]  __ib_unregister_device+0x2cb/0x3f0
[  449.809424][   T34]  ? __pfx_ib_device_get_by_index+0x10/0x10
[  449.811906][   T34]  ib_unregister_device_and_put+0xb8/0xf0
[  449.814306][   T34]  nldev_dellink+0x2d1/0x320
[  449.816296][   T34]  ? __pfx_nldev_dellink+0x10/0x10
[  449.818836][   T34]  ? apparmor_capable+0x137/0x1b0
[  449.821010][   T34]  ? bpf_lsm_capable+0x9/0x20
[  449.823013][   T34]  ? security_capable+0x7e/0x2e0
[  449.825119][   T34]  ? __pfx_nldev_dellink+0x10/0x10
[  449.827298][   T34]  rdma_nl_rcv+0x6ae/0x980
[  449.830840][   T34]  ? __pfx_rdma_nl_rcv+0x10/0x10
[  449.833039][   T34]  ? __lock_acquire+0xab9/0xd20
[  449.835130][   T34]  ? netlink_deliver_tap+0x2e/0x1b0
[  449.837464][   T34]  netlink_unicast+0x82f/0x9e0
[  449.839705][   T34]  ? __pfx_netlink_unicast+0x10/0x10
[  449.842078][   T34]  ? netlink_sendmsg+0x642/0xb30
[  449.844292][   T34]  ? skb_put+0x11b/0x210
[  449.846225][   T34]  netlink_sendmsg+0x805/0xb30
[  449.848379][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  449.850722][   T34]  ? aa_sock_msg_perm+0xf1/0x1d0
[  449.852914][   T34]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  449.855202][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  449.857539][   T34]  __sock_sendmsg+0x21c/0x270
[  449.859583][   T34]  ____sys_sendmsg+0x505/0x830
[  449.861690][   T34]  ? __pfx_____sys_sendmsg+0x10/0x10
[  449.863950][   T34]  ? import_iovec+0x74/0xa0
[  449.865970][   T34]  ___sys_sendmsg+0x21f/0x2a0
[  449.868050][   T34]  ? __pfx____sys_sendmsg+0x10/0x10
[  449.870329][   T34]  ? __fget_files+0x2a/0x420
[  449.872380][   T34]  ? __fget_files+0x3a0/0x420
[  449.874455][   T34]  __x64_sys_sendmsg+0x19b/0x260
[  449.876672][   T34]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  449.879036][   T34]  ? rcu_is_watching+0x15/0xb0
[  449.881751][   T34]  ? do_syscall_64+0xbe/0x3b0
[  449.883857][   T34]  do_syscall_64+0xfa/0x3b0
[  449.885868][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  449.888206][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.890747][   T34]  ? exc_page_fault+0x9f/0xf0
[  449.892875][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.895421][   T34] RIP: 0033:0x7f6037d8ec29
[  449.897413][   T34] RSP: 002b:00007f6038b7d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  449.900906][   T34] RAX: ffffffffffffffda RBX: 00007f6037fd5fa0 RCX: 00007f6037d8ec29
[  449.904299][   T34] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  449.907722][   T34] RBP: 00007f6037e11e41 R08: 0000000000000000 R09: 0000000000000000
[  449.911100][   T34] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  449.914595][   T34] R13: 00007f6037fd6038 R14: 00007f6037fd5fa0 R15: 00007ffd0e5973e8
[  449.917903][   T34]  </TASK>
[  449.919355][   T34] 
[  449.919355][   T34] Showing all locks held in the system:
[  449.922667][   T34] 1 lock held by khungtaskd/34:
[  449.927672][   T34]  #0: ffffffff8e13a0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  449.932342][   T34] 2 locks held by getty/5672:
[  449.934402][   T34]  #0: ffff88802508f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  449.938563][   T34]  #1: ffffc900029062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  449.942819][   T34] 4 locks held by kworker/u8:3/5878:
[  449.945125][   T34]  #0: ffff88801b2f7148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  449.951297][   T34]  #1: ffffc900043dfbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  449.955574][   T34]  #2: ffffffff8f52d2d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  449.959533][   T34]  #3: ffff88803b6ec700 (&device->unregistration_lock){+.+.}-{4:4}, at: rdma_dev_change_netns+0x39/0x300
[  449.964359][   T34] 2 locks held by syz.7.2358/12394:
[  449.966635][   T34]  #0: ffffffff99e6f958 (&rdma_nl_types[idx].sem){.+.+}-{4:4}, at: rdma_nl_rcv+0x302/0x980
[  449.970882][   T34]  #1: ffff88803b6ec700 (&device->unregistration_lock){+.+.}-{4:4}, at: __ib_unregister_device+0x284/0x3f0
[  449.975587][   T34] 
[  449.976721][   T34] =============================================
[  449.976721][   T34] 
[  449.980273][   T34] NMI backtrace for cpu 0
[  449.980286][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  449.980329][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  449.980337][   T34] Call Trace:
[  449.980345][   T34]  <TASK>
[  449.980353][   T34]  dump_stack_lvl+0x189/0x250
[  449.980376][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  449.980393][   T34]  ? __pfx__printk+0x10/0x10
[  449.980418][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  449.980440][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  449.980461][   T34]  ? __pfx__printk+0x10/0x10
[  449.980490][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  449.980513][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  449.980535][   T34]  watchdog+0xf93/0xfe0
[  449.980555][   T34]  ? watchdog+0x1de/0xfe0
[  449.980576][   T34]  kthread+0x711/0x8a0
[  449.980594][   T34]  ? __pfx_watchdog+0x10/0x10
[  449.980610][   T34]  ? __pfx_kthread+0x10/0x10
[  449.980625][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  449.980643][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  449.980655][   T34]  ? __pfx_kthread+0x10/0x10
[  449.980673][   T34]  ret_from_fork+0x439/0x7d0
[  449.980689][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  449.980707][   T34]  ? __switch_to_asm+0x39/0x70
[  449.980722][   T34]  ? __switch_to_asm+0x33/0x70
[  449.980738][   T34]  ? __pfx_kthread+0x10/0x10
[  449.980755][   T34]  ret_from_fork_asm+0x1a/0x30
[  449.980783][   T34]  </TASK>
[  449.980790][   T34] Sending NMI from CPU 0 to CPUs 1:
[  450.042072][    C1] NMI backtrace for cpu 1
[  450.042088][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[  450.042098][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  450.042104][    C1] RIP: 0010:try_to_wake_up+0x318/0x12b0
[  450.042120][    C1] Code: bd 28 0a 00 00 be ff ff ff ff e8 33 89 e9 09 85 c0 0f 84 77 05 00 00 4c 8d b5 18 04 00 00 4c 89 f0 48 c1 e8 03 42 0f b6 04 20 <84> c0 0f 85 ee 06 00 00 41 83 3e 02 7c 26 4c 8d b5 40 04 00 00 4c
[  450.042127][    C1] RSP: 0018:ffffc900001e0b20 EFLAGS: 00000806
[  450.042138][    C1] RAX: 0000000000000000 RBX: 1ffff1102265dad5 RCX: a31bfbe881d07500
[  450.042146][    C1] RDX: 0000000000000000 RSI: ffffffff8dba9963 RDI: ffffffff8be33f80
[  450.042153][    C1] RBP: ffff8881132ed640 R08: ffffffff8fa3a737 R09: 1ffffffff1f474e6
[  450.042160][    C1] R10: dffffc0000000000 R11: fffffbfff1f474e7 R12: dffffc0000000000
[  450.042168][    C1] R13: 1ffff1102265dacb R14: ffff8881132eda58 R15: 0000000000000001
[  450.042175][    C1] FS:  0000000000000000(0000) GS:ffff8881a3c13000(0000) knlGS:0000000000000000
[  450.042182][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  450.042190][    C1] CR2: 00007ffe87927e68 CR3: 000000010a9f4000 CR4: 00000000000006f0
[  450.042221][    C1] Call Trace:
[  450.042231][    C1]  <IRQ>
[  450.042241][    C1]  call_timer_fn+0x17e/0x5f0
[  450.042261][    C1]  ? __pfx_process_timeout+0x10/0x10
[  450.042273][    C1]  ? call_timer_fn+0xbe/0x5f0
[  450.042286][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  450.042348][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  450.042364][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  450.042373][    C1]  ? __pfx_process_timeout+0x10/0x10
[  450.042383][    C1]  __run_timer_base+0x61a/0x860
[  450.042395][    C1]  ? ktime_get+0x3e/0x1f0
[  450.042411][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  450.042422][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  450.042438][    C1]  run_timer_softirq+0xb7/0x180
[  450.042450][    C1]  handle_softirqs+0x286/0x870
[  450.042464][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  450.042476][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  450.042488][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  450.042503][    C1]  __irq_exit_rcu+0xca/0x1f0
[  450.042513][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  450.042526][    C1]  irq_exit_rcu+0x9/0x30
[  450.042536][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  450.042548][    C1]  </IRQ>
[  450.042552][    C1]  <TASK>
[  450.042557][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  450.042571][    C1] RIP: 0010:finish_task_switch+0x26b/0x950
[  450.042587][    C1] Code: 0f 84 3c 01 00 00 48 85 db 0f 85 63 01 00 00 0f 1f 44 00 00 4c 8b 75 d0 4c 89 e7 e8 df d6 eb 09 e8 1a 40 36 00 fb 4c 8b 65 c0 <49> 8d bc 24 18 16 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0
[  450.042598][    C1] RSP: 0018:ffffc90000177b58 EFLAGS: 00000282
[  450.042607][    C1] RAX: a31bfbe881d07500 RBX: 0000000000000000 RCX: a31bfbe881d07500
[  450.042615][    C1] RDX: 0000000000000000 RSI: ffffffff8d9ba2fc RDI: ffffffff8be33f80
[  450.042622][    C1] RBP: ffffc90000177bb0 R08: ffffffff8fa3a737 R09: 1ffffffff1f474e6
[  450.042631][    C1] R10: dffffc0000000000 R11: fffffbfff1f474e7 R12: ffff8881000f8000
[  450.042638][    C1] R13: dffffc0000000000 R14: ffff88802111b980 R15: ffff88813663ab58
[  450.042673][    C1]  ? finish_task_switch+0x266/0x950
[  450.042690][    C1]  __schedule+0x17a0/0x4cc0
[  450.042702][    C1]  ? seqcount_lockdep_reader_access+0x15e/0x1c0
[  450.042717][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  450.042730][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  450.042741][    C1]  ? rcu_needs_cpu+0x6a/0xb0
[  450.042752][    C1]  ? __pfx___schedule+0x10/0x10
[  450.042764][    C1]  ? flush_smp_call_function_queue+0x116/0x250
[  450.042776][    C1]  ? __pfx_tick_nohz_idle_exit+0x10/0x10
[  450.042789][    C1]  schedule_idle+0x52/0x90
[  450.042799][    C1]  do_idle+0x4ad/0x510
[  450.042818][    C1]  ? __pfx_do_idle+0x10/0x10
[  450.042827][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  450.042843][    C1]  cpu_startup_entry+0x44/0x60
[  450.042853][    C1]  start_secondary+0x101/0x110
[  450.042869][    C1]  common_startup_64+0x13e/0x147
[  450.042886][    C1]  </TASK>
[  450.043085][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  450.201524][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  450.205086][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  450.209022][   T34] Call Trace:
[  450.210408][   T34]  <TASK>
[  450.211602][   T34]  dump_stack_lvl+0x99/0x250
[  450.213474][   T34]  ? __asan_memcpy+0x40/0x70
[  450.215492][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  450.217571][   T34]  ? __pfx__printk+0x10/0x10
[  450.219492][   T34]  vpanic+0x281/0x750
[  450.221119][   T34]  ? __pfx_vpanic+0x10/0x10
[  450.223027][   T34]  ? preempt_schedule+0xae/0xc0
[  450.225098][   T34]  ? preempt_schedule_common+0x83/0xd0
[  450.227315][   T34]  panic+0xb9/0xc0
[  450.228858][   T34]  ? __pfx_panic+0x10/0x10
[  450.230711][   T34]  ? preempt_schedule_thunk+0x16/0x30
[  450.232952][   T34]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  450.235535][   T34]  watchdog+0xfd2/0xfe0
[  450.237318][   T34]  ? watchdog+0x1de/0xfe0
[  450.239132][   T34]  kthread+0x711/0x8a0
[  450.240856][   T34]  ? __pfx_watchdog+0x10/0x10
[  450.242818][   T34]  ? __pfx_kthread+0x10/0x10
[  450.244780][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  450.246912][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  450.249113][   T34]  ? __pfx_kthread+0x10/0x10
[  450.251043][   T34]  ret_from_fork+0x439/0x7d0
[  450.252998][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  450.255095][   T34]  ? __switch_to_asm+0x39/0x70
[  450.257022][   T34]  ? __switch_to_asm+0x33/0x70
[  450.258848][   T34]  ? __pfx_kthread+0x10/0x10
[  450.260705][   T34]  ret_from_fork_asm+0x1a/0x30
[  450.262645][   T34]  </TASK>
[  450.264615][   T34] Kernel Offset: disabled
[  450.266360][   T34] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:37:53  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff822e4803 RBX=0000000000129970 RCX=ffff88801cb01cc0 RDX=0000000000000000
RSI=ffffffff8be33f60 RDI=0000000000129970 RBP=0000000000000001 RSP=ffffc90007537550
R8 =0000000000000000 R9 =ffffffff822e5807 R10=dffffc0000000000 R11=fffff9400094cb81
R12=0000000000129970 R13=0000000000129970 R14=0000000000000000 R15=ffffea0004a65c18
RIP=ffffffff81bfad98 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055556325a500 ffffffff 00c00000
GS =0000 ffff8880b8613000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f1bb0769fc8 CR3=0000000128ed6000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff81cea4dd ffffffff81688a1f
XMM02=00007f5cf71a7498 ffffffff81688a1f XMM03=00007f5cf71a74a8 00007f5cf71a74a0
XMM04=00007f5cf7d0d100 00007f5cf71a7460 XMM05=00007f5cf71a7478 00007f5cf71a74c0
XMM06=00007f5cf71a74b8 00007f5cf71a74b0 XMM07=00007f5cf71a74a8 00007f5cf71a74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f5cf7012fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff93b55550 RBX=0000000000042054 RCX=366c5742f8e9f96b RDX=0000000000000000
RSI=ffff88810a4744c0 RDI=ffff88810a473980 RBP=0000000000000000 RSP=ffffc900031df498
R8 =0000000000000000 R9 =ffffffff8215d60d R10=dffffc0000000000 R11=ffffffff89fb23e0
R12=0000000000000000 R13=ffff88810a474470 R14=ffff88810a4744c0 R15=896ec07a81aa739a
RIP=ffffffff819da5e1 RFL=00000097 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f0396302800 ffffffff 00c00000
GS =0000 ffff8881a3c13000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055d1198f9ae8 CR3=00000001109a0000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
